Jun 28 2019
01:03 AM
- last edited on
May 24 2021
03:13 PM
by
TechCommunityAP
Jun 28 2019
01:03 AM
- last edited on
May 24 2021
03:13 PM
by
TechCommunityAP
Hi,
I have a question about this section of the documentation.
Migration phase 2 - server-side configuration for AD RMS - https://docs.microsoft.com/en-us/azure/information-protection/migrate-from-ad-rms-phase2
##
If your templates in AD RMS used the ANYONE group, the closest equivalent group in Azure Information Protection is named AllStaff-7184AB3F-CCD1-46F3-8233-3E09E9CF0E66@<tenant_name>.onmicrosoft.com. For example, this group might look like the following for Contoso: AllStaff-7184AB3F-CCD1-46F3-8233-3E09E9CF0E66@contoso.onmicrosoft.com. This group contains all users from your Azure AD tenant.
When you manage templates and labels in the Azure portal, this group displays as your tenant's domain name in Azure AD. For example, this group might look like the following for Contoso: contoso.onmicrosoft.com. To add this group, the option displays Add <organization name> - All members.
##
Should I keep the ANYONE group in the template imported to Azure RMS / AIP or should I remove the ANYONE group permission on the template?
If I should keep the ANYONE group, when is this entry being used?
Thanks
Juergen
Jul 01 2019 02:46 PM
On the AIP template, you may delete entry for the ANYONE group and add the group "AllStaff-7184AB3F-CCD1-46F3-8233-3E09E9CF0E66@<tenant_name>.onmicrosoft.com" instead.
Regards,
Martin
Jul 02 2019 12:49 PM
Martin, thank you for the clarification.