1. Ensure you have assigned an Azure right Management license to the user in Office 365.
2. Run the following from a an Elevate PowerShell instance.
If you have never installed Encrypted email before, you may need to install AzureRM and AADRM.
Install-Module -Name AzureRM -AllowClobber Install-Module -Name AADRM
3. Next run this script (you will need the tenant office 365 credentials):
$session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $cred -Authentication Basic -AllowRedirection
Import-PSSession $session
Set-IRMConfiguration -SimplifiedClientAccessEnabled $true
$cred = Get-Credential
Get-Command -Module aadrm
Connect-AadrmService -Credential $cred
Enable-Aadrm
$rmsConfig = Get-AadrmConfiguration
$licenseUri = $rmsConfig.LicensingIntranetDistributionPointUrl
Disconnect-AadrmService
$session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $cred -Authentication Basic -AllowRedirection
Import-PSSession $session
$irmConfig = Get-IRMConfiguration
$list = $irmConfig.LicensingLocation
if (!$list) { $list = @() }
if (!$list.Contains($licenseUri)) { $list += $licenseUri }
Set-IRMConfiguration -LicensingLocation $list
Set-IRMConfiguration -AzureRMSLicensingEnabled $true -InternalLicensingEnabled $true
Set-IRMConfiguration -SimplifiedClientAccessEnabled $true
Set-IRMConfiguration -ClientAccessServerEnabled $true4. To test it is working run:
Test-IRMConfiguration -Sender [email protected]
5. Next, in the Office 365 Exchange Admin centre, set up a mail flow rule like this:
