Jan 05 2018 11:58 AM
Hi All,
I'm trying to setup office 365 Email encryption and having some issues. Following these instructions:
http://office365support.ca/setup-and-enable-office-365-message-encryption/
This command:
Set-IRMConfiguration -RMSOnlineKeySharingLocation https://sp-rms.na.aadrm.com/TenantManagement/ServicePartner.svc
Gives this error:
The Trusted Publishing Domain (TPD) for your organization should be managed in Microsoft Azure Rights Management. The 'RMSOnlineKeySharingLocation' parameter has been deprecated. For more information, see http://go.microsoft.com/fwlink/p/?LinkId=789272.
+ CategoryInfo : InvalidArgument: (:) [Set-IRMConfiguration], LocalizedException
+ FullyQualifiedErrorId : [Server=DM5PR22MB0444,RequestId=cb997291-1895-4faa-a895-6098f745280f,TimeStamp=1/5/2018 7:38:18 PM] [FailureCategory=Cmdlet-LocalizedException] 63B7BAFF,Microsoft.Exchange.Management.RightsManagement.SetIRMConfiguration
+ PSComputerName : outlook.office365.com
I've also tried folowing these instructions:
and completed the comands with no error, but when I send an encrypted email and try to open it in the web browser I get this error every time:
Sorry, we can't display your message right now
Something went wrong and your encrypted message couldn't be opened. Please try again by following the instructions in the original email message in 5 minutes.
Any help would be appreciated
Jan 07 2018 01:07 AM
Jan 07 2018 02:59 AM
Jan 09 2018 09:21 AM
Same issue here. No resolution yet. Starting a ticket w/ MS.
Jan 11 2018 02:05 AM
I have the samme problem.
Any news from Microsoft support on this issue?
I have also created a support ticket now.
Jan 11 2018 04:55 PM
Did you get any resolution for this? I am also having this issue.
Jan 18 2018 10:29 AM
I too am having the same issue and after following the instructions from Microsoft support, I have not gained any progress.
Feb 20 2018 10:18 PM
Try this;
$LiveCred = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $LiveCred -Authentication Basic -AllowRedirection
Import-PSSession $Session
Set-IRMConfiguration -RMSOnlineKeySharingLocation https://sp-rms.na.aadrm.com/TenantManagement/ServicePartner.svc
Import-RMSTrustedPublishingDomain -RMSOnline -name "RMS Online"
Set-IRMConfiguration -InternalLicensingEnabled $True
Test-IRMConfiguration -RMSOnline
Mar 01 2018 05:26 AM
First download - https://www.microsoft.com/en-us/download/details.aspx?id=30339
Then follow the updated instructions - https://support.office.com/en-us/article/Set-up-new-Office-365-Message-Encryption-capabilities-built...
Mar 02 2018 07:36 AM
When I run the import part I get the following:
Import-RMSTrustedPublishingDomain -RMSOnline -name "RMS Online"
This cmdlet is deprecated. The Trusted Publishing Domain (TPD) for your organization is managed in Microsoft Azure Rights Management. For more information, see http://go.microsoft.com/fwlink/p/?LinkId=789272.
Aug 10 2018 09:01 PM
I discovered for those commands that produce "cmdlet deprecated" and "The Trusted Publishing Domain (TPD) for your organization is managed in Microsoft Azure Rights Management" errors you have to first disable any transport rule you have enabled to encrypt email in Exchange admin console then
Set-IRMConfiguration -InternalLicensingEnabled $false
Set-IRMConfiguration -InternalLicensingEnabled $false
then the cmdlet
Import-RMSTrustedPublishingDomain -RMSOnline "RMS Online"
should work. If so, then set the above back to $true and re-enable your transport rules. You may have to wait for a period of time for the rule to kick in. I had to do the above because when we ran
Get-IRMConfiguration
the output showed empty values for RMSOnlineKeySharingLocation, RMSOnlineVersion, ServiceLocation, and PublishingLocation. These values were filled in after successfully running the Import-RMSTrustedPublishingDomain cmdlet.
Oct 15 2018 03:08 PM
Folks,
I`m facing same issue wherein getting deprecated message while enabling IRM.
I`ve followed ever step as discussed in the this specific forum
Dec 19 2018 11:57 AM
well, well, well almost one year later December 19, 2018 and I also still have the same problem same error, this should not be this difficult to setup email encryption in O365
Dec 19 2018 12:01 PM
Dec 19 2018 12:05 PM
No, I did not mean to have the command twice.
Dec 19 2018 01:39 PM
Hey J1901, I never got a message saying someone responded to this until today. I found the answer shortly after I asked this question.
Open powershell and run this to install AADRM if you havent already: "Install-Module -Name AADRM" without quotes.
Then run this script:
$cred = Get-Credential
Get-Command -Module aadrm
Connect-AadrmService -Credential $cred
#Activate the service.
Enable-Aadrm
#Get the configuration information needed for message encryption.
$rmsConfig = Get-AadrmConfiguration
$licenseUri = $rmsConfig.LicensingIntranetDistributionPointUrl
#Disconnect from the service.
Disconnect-AadrmService
#Create a remote PowerShell session and connect to Exchange Online.
$session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $cred -Authentication Basic -AllowRedirection
Import-PSSession $session -allowclobber
#Collect IRM configuration for Office 365.
$irmConfig = Get-IRMConfiguration
$list = $irmConfig.LicensingLocation
if (!$list) { $list = @() }
if (!$list.Contains($licenseUri)) { $list += $licenseUri }
#Enable message encryption for Office 365.
Set-IRMConfiguration -LicensingLocation $list
Set-IRMConfiguration -AzureRMSLicensingEnabled $true -InternalLicensingEnabled $true
#Enable server decryption for Outlook on the web, Outlook for iOS, and Outlook for Android.
Set-IRMConfiguration -ClientAccessServerEnabled $true
Then log into O365 and follow these instructions:
Create a rule in the Exchange admin center that will apply encryption.
You get some errors in Powershell but I just did this last week and it worked still.
May 23 2019 05:31 AM
Aug 06 2020 09:39 AM
If run the below commands before you setting the Publishing the Domains
Set-IRMConfiguration -InternalLicensingEnabled $false
Set-IRMConfiguration -AzureRMSLicensingEnabled $false
Once both commands successfully executed, Set the Publishing domain once again and post publishing domain enabled. Enable InternalLicensing and AzureRMSLicensing once again using the below commands,
Set-IRMConfiguration -InternalLicensingEnabled $True
Set-IRMConfiguration -AzureRMSLicensingEnabled $True
Jan 15 2021 09:47 AM
I had the issue where running the powershell scripts and setting up Encryption thru the portal still resulted with no templates in the Transport rules setup, finally found this script, ran it, and instantly solved my issue, this is after having a ticket open and spending an hour on line with the MS Tech rep.