WavebreakmediaMicro - Fotolia
How do admins check the Exchange IRM setup?
Testing Exchange information rights management functionality can be tedious, but Microsoft offers a dedicated cmdlet for Exchange 2016 administrators that streamlines the process.
The best way to know a tool works properly is to put it through rigorous testing. It's even better when you can automate that process.
Administrators can avoid time-consuming testing of Exchange 2016 information rights management (IRM) configurations with the Test-IRMConfiguration PowerShell cmdlet to ensure Exchange IRM performs as expected.
Administrators use the Test-IRMConfiguration cmdlet to analyze the IRM deployment. This PowerShell cmdlet runs a series of tests that ease the testing process and avoid any missed steps that might happen during a manual procedure.
How the cmdlet tests Exchange IRM
The Test-IRMConfiguration cmdlet starts by examining the Exchange IRM configuration and the Active Directory Rights Management Services (AD RMS) server for proper version and hotfix updates.
After these initial checks, the cmdlet tries to activate the AD RMS server by obtaining a Rights Account Certificate and client licensor certificate. It also attempts to obtain AD RMS rights policy templates from the AD RMS server. These checks verify the availability and connectivity between Exchange 2016 and rights management components.
Sending protected messages
Next, the cmdlet tests that a specified user can send messages protected with Exchange IRM. After sending these messages, the cmdlet attempts to obtain a user license and a pre-license for the desired recipient. This verifies IRM operation between senders and recipients within the organization.
If the organization uses Exchange Online, the Test-IRMConfiguration cmdlet will check the connection to RMS Online and then obtain and validate the organization's trusted publishing domain.
Testing depends on the administrator's rights
The number of parameters available for the cmdlet will vary depending on the permissions assigned to the administrator. For example, an administrator responsible for Exchange IRM configuration will generally require both Compliance Management and Organization Management permissions, while a Transport Rules administrator will need Organization Management and Records Management permissions.
Dig Deeper on Microsoft messaging and collaboration
Related Q&A from Stephen J. Bigelow
What is data separation and why is it important in the cloud?
Some enterprises avoid the public cloud due to its multi-tenant nature and data security concerns. Learn what data separation is and how it can keep ... Continue Reading
NAS vs. object storage: What's best for unstructured data storage?
There are advantages and disadvantages to using NAS or object storage for unstructured data. Find out what to consider when it comes to scalability, ... Continue Reading
Do hypervisors limit vertical scalability?
Knowing hardware maximums and VM limits ensures you don't overload the system. Learn hypervisor scalability limits for Hyper-V, vSphere, ESXi and ... Continue Reading