The tricky bit in this command was working out how to provide the logo file as just the filename creates a PowerShell error and the Get-Content cmdlet has to be used to encode the file. Set-OMEConfiguration -Identity "OME Configuration" -Image (Get-Content "risuallogo.png" -Encoding byte) -PortalText "risual Secure Email Portal" -EmailText "Encrypted message from risual" Get-OMEConfiguration provides the current Office 365 Message Encryption configuration and to set the configuration to meet my requirements, I used something similar to this (I’ve substituted risual for the actual customer name!): This is all done in PowerShell, with some simple commands: Testing my rule was easy enough, but it’s also possible to customise the portal that recipients go to in order to read the encrypted message. With RMS/Information Rights Management (IRM) properly enabled I could create the rule as intended. Set-IRMConfiguration -InternalLicensingEnabled $true Import-RMSTrustedPublishingDomain -RMSOnline -name "RMS Online" (that’s the European command – there are alternative locations for other regions listed in the post I used to help me) Set-IRMConfiguration –RMSOnlineKeySharingLocation “” I also needed to run the following commands in PowerShell: This is because it’s not just a case of enabling RMS in the service settings. You can’t create a rule containing the ApplyOME or RemoveOME action because IRM licensing is disabled. Unfortunately that still didn’t work and the resulting error message was: ![]() ![]() That’s because Office 365 Message Encryption needs Azure Rights Management Services (RMS) to be enabled, and it’s necessary to use the More Options link to expose the option to Modify the Message Security… from which it’s possible to Apply Office 365 Message Encryption. The challenge for me was that I wasn’t creating it in PowerShell – I was using the Exchange Admin Center and the appropriate options weren’t visible. New-TransportRule -Name 'Encrypt email on request' -Comments ' ' -Mode Enforce -SubjectOrBod圜ontainsWords 'encrypt me please' -ApplyOME $true Office 365 Message Encryption needs Azure RMS I could equally have done this based on other criteria (for example, I suggest that any message marked as confidential and sent externally would be a good candidate). This one is relatively straightforward – Office 365 Message Encryption has been around for a while now (it replaced Exchange Hosted Encryption) – and I was able to use a transport rule to detect a phrase in the subject or body (“encrypt me please”) and apply Office 365 Message Encryption accordingly. As part of my work this week with Exchange transport rules, I needed to recreate another facility that my customer has grown used to in Office 365 – the ability to selectively encrypt emails using keywords.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |