Forum Discussion

Robert Bollinger's avatar
Robert Bollinger
Iron Contributor
Jan 13, 2021

Security and Compliance, Rights Management.

Hey Team,    I would like to know if there is a log file i can check to see who may have disabled "Rights Management" in our test tenant? Some background   We had Rights Management enabled in our...
exchange
office 365
security
VasilMichev's avatar
VasilMichev
MVP
Jan 14, 2021

If there's nothing in the logs, you're out of luck. You can still try opening a support ticket and ask them to check.

  • Robert Bollinger's avatar
    Robert Bollinger
    Iron Contributor
    Jan 14, 2021

    VasilMichev 

    Upon further review this is what i see from the AIPserviceAdminLog: 

     

    2021-01-13T00:37:56 admin.myaccount@ourtesttenant.com SetTenantFunctionalState -functionalState Enabled Passed TRUE

     

    I don't see any other entries that might for example say, Functional State Disabled Passed TRUE. 

     

    Thanks, 

     

    Robert 

  • Robert Bollinger's avatar
    Robert Bollinger
    Iron Contributor
    Jan 14, 2021

    VasilMichev 

     

    Thanks for the response as always. I checked the Unified Audit log and didnt see anything of value there. I see all kinds of log being generate but not what i need. 

     

    I also checked 

     

    Get-AipServiceUserLog -Path c:\temp\azusrlogs -fromdate 11/01/2020 -todate 01/15/2021 -numberofthreads 10

     

    Some good data was reported here, but not quite what i am looking for. Can you think of any other place i might be able to check? Specifically what i am looking for is who ran the "Disable-AIPService" or Disabled AIP using the GUI. 

     

    I guess at this point i can open a support ticket as you've suggested. but i was just trying to avoid it. 

     

    Thanks, 


    Robert 

Resources