Setting up Encrypted email in Office 365 in 5 Steps

Posted on By rich No Comments on Setting up Encrypted email in Office 365 in 5 Steps

1. Ensure you have assigned an Azure right Management license to the user in Office 365.

2. Run the following from a an Elevate PowerShell instance.

If you have never installed Encrypted email before, you may need to install AzureRM and AADRM.

Install-Module -Name AzureRM -AllowClobber
Install-Module -Name AADRM

3. Next run this script (you will need the tenant office 365 credentials):

$session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $cred -Authentication Basic -AllowRedirection
Import-PSSession $session
Set-IRMConfiguration -SimplifiedClientAccessEnabled $true
$cred = Get-Credential
Get-Command -Module aadrm
Connect-AadrmService -Credential $cred
Enable-Aadrm
$rmsConfig = Get-AadrmConfiguration
$licenseUri = $rmsConfig.LicensingIntranetDistributionPointUrl
Disconnect-AadrmService
$session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $cred -Authentication Basic -AllowRedirection
Import-PSSession $session
$irmConfig = Get-IRMConfiguration
$list = $irmConfig.LicensingLocation
if (!$list) { $list = @() }
if (!$list.Contains($licenseUri)) { $list += $licenseUri }
Set-IRMConfiguration -LicensingLocation $list
Set-IRMConfiguration -AzureRMSLicensingEnabled $true -InternalLicensingEnabled $true
Set-IRMConfiguration -SimplifiedClientAccessEnabled $true
Set-IRMConfiguration -ClientAccessServerEnabled $true

4. To test it is working run:

Test-IRMConfiguration -Sender [email protected]

5. Next, in the Office 365 Exchange Admin centre, set up a mail flow rule like this:

Leave a Reply

Your email address will not be published. Required fields are marked *