Month: August 2014

Azure Rights Management and external users

Rights management is extremely important! The last thing you want is that a document with business critical information is lost.

Azure Rights Management is an easy way to get a few steps more secure. In this blog post, I will show how you can get started yourself, and how to send a protected document to an external user that do not have Azure Rights Management.

For demonstration purposes, I will use a fictive food restaurant that I just opened, Anders Food 14. Our domain name will then be anderseide14.onmicrosoft.com. Should be good enough to get through this post.

As this is an Office 365 tenant, enabling Azure RM is just a few clicks away.

While singed in to the Office 365 admin center, click Service Settings, and then Rights Management.
Note: This post was written before the graphical update of the Office 365 Admin Center, but the steps in this post is still valid 🙂

ActivateRMSOffice365

There, click Manage, and you are sent to this page

ActivateRMSOffice365Button

There you simply click Activate, and then confirm it by clicking activate once more.

ActivateRMSOffice365ButtonConfirm

You are now aboard, and your tenant is ready to use Azure Rights Management. If you need to create custom Rights Management templates you also need an Azure subscription, but to get started you should be good with only Office 365 for now.

ActivateRMSOffice365Activated

The next step is to try this out. Open Word, and make sure you are signed in using the corporate account. In my case, I’m signed in using theboss@anderseide14.onmicrosoft.com

I like to protect my documents even before I start adding content. Click File, and on the Info tab, locate a button named Protect Document. If you click that one, you get a new menu with an option named Restrict Access. Hover that one, and if this is your first time, you can select Connect to Rights Management Servers and get templates.

ConnectRightsManagementServers

Now, you are ready to protect the document. Click Protect Document, then Restrict Access again.. For the purpose of this blog post, select Restricted Access. Add the email address of an external contact in the Read field and click OK.

SetRestrictedAccessRightsManagementServers

SetDocumentPermissions - Safe

 

Add some secret information, and save the document. In my case, I will add a new menu that we will release later this summer.

MenuDocument

After the document is saved, give it to the external contact, along with this URL: https://portal.aadrm.com/.

https://portal.aadrm.com (Microsoft Rights Management) is a site where you can sign up for a free Azure RM account that you can use to DRM proterct your files and documents. If you use Azure RM to protect your documents, your recipients have to use Azure RM their self, or they can get a free account from this service to be able to open them.

I have not enabled my private address for Azure Rights Management yet, so when I try to open the document, I get this message.

RMSNoAccessToDocument

I could have signed in using my account here, or I could request access to the document using another account. I already know that I need to use my private address, so to solve this case, I go to the Microsoft Rights Management portal, and begin the sign up process.

SignUpGetStarted - Safe

I’m now sent to a form that needs filling. When that’s done, I click Create.

RegisterAccount - Safe

A verification email is now sent to my address.

EmailVerificationSendt - Safe

When it arrives, I verify by clicking the link.

EmailVerification

When that’s done, I get a Thank you message, and I’m ready to open the document.

SignupComplete

Well, try opening the file again, and this time click Change User, and sign in with the email and password you created during the Microsoft Rights Management sign up request.

Whola. You and your contact are now in, and ready to secure every document.

Advertisements