AADRM Configuration

Editor's note: The following post was written by Office 365 MVP Michael Kirst-Neshva

Protect Your Data Microsoft Azure Active Directory Rights Management

Microsoft recently launched the new Rights Management Service as a renewed version.

With “Microsoft AZURE Active Directory Rights Management” (AADRM) a user can easily encrypt his data, documents or email. The new version can be used with many data types, like Microsoft Office (it support MS Office 2010 and 2013), PDF or any other files with an additional generic PFILE protection. The new Client allows Office 2010 to works with AADRM with no configuration on the client side, the setup will do everything for you.

For better understanding, the new service is a real Microsoft cloud platform and hosted in AZURE. Currently, Office 365 customers with E3 and E4 Plan can be using the solution with no additional costs. But there are many new functions.

-          A Microsoft RMS Connector server to connect on-premises SharePoint and Exchange to the cloud service

-          Bring your own Key feature

-          RMS sharing App for Windows (for Apple and Android is coming later in October)

“Bring your own Key”? Yes, in the future you can generate your own master key which will work with the online service.

The new Microsoft RMS Connector server will connect your local SharePoint or Exchange environment with the cloud service. With that options the user doesn’t need any RMS infrastructure. I talking about that in a future article and describe the hybrid cloud options.

Microsoft RMS enables the flow of protected data on all important devices, of all important file types, and lets these files be used by all important people in a user’s collaboration circle.” (RMS Whitepaper)

So, now I will show you, how you can register you and install the client.

1.)    Register your primary email address to generate a new tenant at https://portal.aadrm.com/.
To test the solution, you can use any email address like anyname@contoso.com.




2.)    After you download the client software inside the zip file, you must abstract them and start the “setup.exe”
The installation is a “normal” installation….

3.)    When the installation is finished, you have new options in your windows system.
An extended File Explorer Submenu and new Buttons in the Ribbon Bar of your Office Software



The RMS Client comes with predefined rules for your organization. “Corp – Confidential View Only” and “Corp – Confidential” defines rules for every user in your company out-of-the-box.

When you are using the RMS software for the first time, you must be sign in with a “Microsoft Organization ID”. This ID is the eMail address from your download registration or an existing Microsoft Office 365 Account. Yes, every Office 365 Account is a “Microsoft Business ID” because you store the data and information inside of Microsoft AZURE Active Directory, the same base for AADRM.

And here is the good news….

With an Office 365 Business ID you can use the RMS Client with all its features
for free!

The client is easy to use. Type your email addresses and define the level of encryption and authorization. Click “send” and your email client is opened to send this encrypted file per email attachment. It’s that simple!


About the author

Michael Kirst-Neshva has been working for over 15 years as an IT Consultant and Trainer (MCT) Microsoft operating environment.  He was also designated "Microsoft Cloud Ambassador 2012" and has been an MVP for Office 365 since January 2013.

His previous projects and assignments have taken him into the worlds of SMB to enterprise customers. These activities cover the topics of cloud services, BPOS, Office 365, Microsoft infrastructure, Microsoft applications and services infrastructure, security, and integration into existing or new infrastructure.

As an Infrastructure Architect Michael helped shape new blueprints required for project implementation in projects. Michael is the founder and operator of the German User Group supports Office365 and with numerous contributions users and requesters for the optimal use of the new Microsoft cloud services. Also he is a speaker at various German based conferences like “ShareConf”, “CloudConf” and “SharePoint Conference Vienna”.

Read Michael’s German language blog or follow him on Twitter


About MVP Monday


The MVP Monday Series is created by Melissa Travers. In this series we work to provide readers with a guest post from an MVP every Monday. Melissa is a Community Program Manager, formerly known as MVP Lead, for Messaging and Collaboration (Exchange, Lync, Office 365 and SharePoint) and Microsoft Dynamics in the US. She began her career at Microsoft as an Exchange Support Engineer and has been working with the technical community in some capacity for almost a decade. In her spare time she enjoys going to the gym, shopping for handbags, watching period and fantasy dramas, and spending time with her children and miniature Dachshund. Melissa lives in North Carolina and works out of the Microsoft Charlotte office.


Skip to main content