Exchange Online Archives - DavidAtkin.com

No RMS templates are available in your organization

By David | June 21, 2018 | Comments 27 comments

Problem:

When configuring a transport rule for ‘Apply Office 365 Message Encryption and rights protection to the message with…” you receive the following error when attempting to select a label:

“No RMS templates are available in your organization”

Solution:

You need to configure Exchange Online for RMS. See below for powershell commands:

#Configure Credentials
$cred = Get-Credential

# Configure Exchange Online PS Session
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $Cred -Authentication Basic –AllowRedirection

# Import Exchange Online PS Session
Import-PSSession $Session

# Configure the RMS Online Key Sharing Location (Note that this url changes based on location – See the bottom of this article for locations)
Set-IRMConfiguration –RMSOnlineKeySharingLocation “https://sp-rms.eu.aadrm.com/TenantManagement/ServicePartner.svc”

# Import the RMS Trusted Publishing Domain
Import-RMSTrustedPublishingDomain -RMSOnline -name “RMS Online”

# Test the IRM Configuration to ensure that Exchange is configured correctly
Test-IRMConfiguration -RMSOnline

The output of this command should look something like this, with the overall result as PASS.
Results : Checking organization context …

– PASS: Organization context checked; running as tenant administrator.
Loading IRM configuration …
– PASS: IRM configuration loaded successfully.
Checking RMS Online tenant prerequisites …
– PASS: RMS Online tenant prerequisites passed.
Checking RMS Online authentication certificate …
– PASS: The RMS Online authentication certificate is valid.
Checking that a Trusted Publishing Domain can be obtained from RMS Online …
– PASS: Trusted Publishing Domain successfully obtained from RMS Online. Templates available:
Confidential \ All Employees, Highly Confidential \ All Employees, Secure Email.
Checking that the Trusted Publishing Domain obtained from RMS Online is valid …
– PASS: Trusted Publishing Domain obtained from RMS Online is valid.

OVERALL RESULT: PASS

# Set the IRM Internal Licencing to True
Set-IRMConfiguration -InternalLicensingEnabled $true

Give Exchange Online 20 minutes to see the update and you should then be able to see the Templates.

Global policy issue:

Currently there is a bug with Exchange Online not being able to see labels that are NOT included in the ‘Global’ Azure Information Protection Policy. This is being investigated by Microsoft at the time of writing this article.

RMS Key Sharing Location URLs:

North America
https://sp-rms.na.aadrm.com/TenantManagement/ServicePartner.svc

European Union
https://sp-rms.eu.aadrm.com/TenantManagement/ServicePartner.svc

Asia
https://sp-rms.ap.aadrm.com/TenantManagement/ServicePartner.svc

South America
https://sp-rms.sa.aadrm.com/TenantManagement/ServicePartner.svc

Office 365 for Government (Government Community Cloud)
https://sp-rms.govus.aadrm.com/TenantManagement/ServicePartner.svc

[amazon_link asins=’1509304789,1509304797,B07DFPMXX9′ template=’ProductGrid’ store=’412294wp-21′ marketplace=’UK’ link_id=’cfcdc236-7528-11e8-809a-dfacb79ea481′]

PowerShell Script to connect to Microsoft Online Services (Office365)

By David | October 26, 2017 | Comments 1 comment

Below is a simple PowerShell Script to connect to the following Microsoft Online Services:

Office365 Admin Center
Exchange Online
Sharepoint Online
Skype for Business
Security and Compliance Center

The Script has a simple Menu build in so that you can connect to the services that you need. You’re prompted for your Office365 Credentials prior to being put into the menu. Once you’re done connecting to the services, you can quit the menu (via option 6/Q) and use PowerShell as normal.

You can Dowload the script as a ZIP file from here:
Connect to all Microsoft Online Services

The Script will not set your execution policy. It’s presumed that you have the correct execution policy setup already.

Screenshot of the Simple Menu:

The Script:

Write-Host "Please Type in your Office365 Global Admin Credentials" $cred = Get-Credential


function Show-Menu

{

param (

[string]$Title = 'Which Microsoft Online Service would you like to connect to?'

)

cls

Write-Host "================ $Title ================"

Write-Host "1: Type '1' to connect to Exchange Online." Write-Host "2: Type '2' to connect to the Office365 Admin Center" Write-Host "3: Type '3' to connect to Sharepoint Online." Write-Host "4: Type '4' to connect to the Security and Compliance Center." Write-Host "5: Type '5' to connect to Skype for Business Online" Write-Host "Q: Press 'Q' to quit, or when you have connected to all required services." } do { Show-Menu $input = Read-Host "Please make a selection" switch ($input) { '1' { cls $session1 = New-Pssession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Authentication Basic -AllowRedirection -Credential $cred Import-PSSession $session1 } '2' { cls $session2 = Connect-MsolService -Credential $cred $session2 } '3' { cls $orgName= Read-Host "What is the tennant Name?" $session3 = Connect-SPOService -Url https://$orgName-admin.sharepoint.com -Credential $cred $session3 } '4' { cls $session4 = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.compliance.protection.outlook.com/powershell-liveid/ -Authentication Basic -AllowRedirection -Credential $cred Import-PSSession $session4 } '5' { cls $session5 = New-CsOnlineSession -Credential $cred Import-PSSession $session5 } 'q' { return } } pause } until ($input -eq 'q')