Forum Discussion

Jay Hampton's avatar
Jay Hampton
Copper Contributor
Jan 05, 2018

Email Encryption in Office 365 with Azure

Hi All,   I'm trying to setup office 365 Email encryption and having some issues. Following these instructions:   http://office365support.ca/setup-and-enable-office-365-message-encryption/ ...
azure
J 1901's avatar
J 1901
Copper Contributor
Dec 19, 2018

well, well, well almost one year later December 19, 2018 and I also still have the same problem same error, this should not be this difficult to setup email encryption in O365

  • JayHampton's avatar
    JayHampton
    Copper Contributor
    Dec 19, 2018

    Hey J1901, I never got a message saying someone responded to this until today. I found the answer shortly after I asked this question. 

     

    Open powershell and run this to install AADRM if you havent already: "Install-Module -Name AADRM" without quotes.

     

    Then run this script:

     

    $cred = Get-Credential

    Get-Command -Module aadrm

    Connect-AadrmService -Credential $cred

    #Activate the service.

    Enable-Aadrm

    #Get the configuration information needed for message encryption.

    $rmsConfig = Get-AadrmConfiguration

    $licenseUri = $rmsConfig.LicensingIntranetDistributionPointUrl

    #Disconnect from the service.

    Disconnect-AadrmService

    #Create a remote PowerShell session and connect to Exchange Online.

    $session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $cred -Authentication Basic -AllowRedirection

    Import-PSSession $session -allowclobber

    #Collect IRM configuration for Office 365.

    $irmConfig = Get-IRMConfiguration

    $list = $irmConfig.LicensingLocation

    if (!$list) { $list = @() }

    if (!$list.Contains($licenseUri)) { $list += $licenseUri }

    #Enable message encryption for Office 365.

    Set-IRMConfiguration -LicensingLocation $list

    Set-IRMConfiguration -AzureRMSLicensingEnabled $true -InternalLicensingEnabled $true

    #Enable server decryption for Outlook on the web, Outlook for iOS, and Outlook for Android.

    Set-IRMConfiguration -ClientAccessServerEnabled $true

     

    Then log into O365 and follow these instructions:

     

    Create a rule in the Exchange admin center that will apply encryption.

     

    1. Login to the Exchange admin center with the administrator credentials
    2. On the right side click “Mail Flow” add a rule and call it Email Encryption or something similar
    3. Under “Apply this rule if” select “if the subject or body include” and type “is encrypted” then click OK
    4. Click “More Option” at the bottom of the rule box
    5. Under “ Do the Following” Select “Apply Office 365 Message Encryption and rights protection to the message with…” >> “Modify the message security…” >> “Apply Office 365 Message Encryption and rights protection”
    6. Select RMS template “Encrypt”
    7. Click “OK”
    8. Click save

     

     

    You get some errors in Powershell but I just did this last week and it worked still.

    • John_J1925's avatar
      John_J1925
      Copper Contributor
      Jan 15, 2021

      JayHampton 

       

      I had the issue where running the powershell scripts and setting up Encryption thru the portal still resulted with no templates in the Transport rules setup, finally found this script, ran it, and instantly solved my issue, this is after having a ticket open and spending an hour on line with the MS Tech rep.

Resources