We would like to announce the general availability of Adobe Acrobat Reader integration with Microsoft Information Protection solutions – which we originally announced in September Your feedback during the development of this integration was both insight and useful. You can download the new Adobe Acrobat Reader that supports Microsoft Information Protection capabilities at the following location
Figure 1: Page to download the Adobe integration Plug-in
Installation instructions
Prior to downloading the latest Adobe Acrobat, please make sure that your labels are visible in the Security and Compliance center UI @ https://protection.office.com . If the labels are visible and are published by a label policy from the Security and Compliance center, the Adobe Integration will function.
Note: The instructions on how to replicate your existing AIP labels to Security and Compliance center is at the following link
After you have validated the label being visible in the Security and Compliance center, please proceed to download your Adobe Acrobat Reader from the Adobe site. Once you have installed the Reader then please proceed to the link and download the integration plug-in for installation. Please make sure that you close the Adobe Acrobat solution prior to installing the plug-in, otherwise it will not work.
If have an older installation then please make sure to read the general terms of use and uninstall any old Reader and plug-in installation before installing the new reader and the plug-in. The integration works with the 2019.010.20064 version of Acrobat Reader DC and Acrobat DC. Please do not use the plug-in with an earlier version of Acrobat.
After you have installed the plug-in, please try to label and protect a PDF document using the Azure Information Protection client and then open with Adobe Acrobat Reader that has the integration enabled.
Organizations with restrictive install permissions within their tenant
In case you receive the following error as shown in Figure 2, when opening the secure PDF document with Adobe, It is due to the fact that the tenant administrator in your organization does not want users to authorize applications within your organizations tenant . This is an additional security measure that your tenant administrator might have enabled .
Figure 2: Admin Consent page that shows if you have not authorized the Adobe applications
In such cases, please have your tenant administrators consent to the Adobe Acrobat App-id which is as follows:
cad2910c-3b55-4610-ba7e-dda581063c91
Once the administrative consent happens, then you should be ready to consume protected PDF content via Adobe’s Acrobat Reader. If you would like to understand what consent flows are, please read the information at the following link:
Viewing the label ribbon when PDF is labeled or labeled and protected
To view the label ribbon in Acrobat reader interface please update or create the following registry entry on your computer
Computer\HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\MicrosoftAIP
Create a DWORD value name called : bShowDMB with a Hexadecimal value of 1
Figure 3: Label banner on a PDF
That will allow the ability to view the label ribbon within the Acrobat interface
Issues in viewing labels with Adobe Reader
Even after making the changes in registry you are not seeing the labels. Then the issue could be the following:
- Have your labels been replicated from the AIP portal to Security and Compliance center?
- Have you published your labels to the users in your tenant from the Security and Compliance center?
If your answer is no, to the above questions, then you will not see the labels. The Adobe integration is enabled with Microsoft Information Protection and the policies for those labels comes the Security and Compliance center at https://protection.office.com
Please check if your AIP labels manifest within Security and Compliance center and if they are visible then please make sure that your labels are published.
If you have done the above steps please make sure that the registry entry for the label banner is done as Adobe\Acrobat Reader\DC and not under Adobe\DC
Computer\HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\MicrosoftAIP
And the value is a DWORD not a QWORD
We at both Adobe and Microsoft look forward to your engagement and feedback to improve the product experience.