Applies to: Exchange Server 2010 SP3, Exchange Server 2010 SP2
Topic Last Modified: 2011-03-19
Using Microsoft Outlook protection rules, you can protect messages with Information Rights Management (IRM) by applying an Active Directory Rights Management Services (AD RMS) template in Outlook 2010 before the messages are sent.
|If you configure Outlook protection rules to IRM-protect messages, consider enabling transport decryption to allow transport agents, including the Transport Rules agent, to decrypt and access the message. If you use journaling, you should also consider enabling journal report decryption to allow the Journaling agent to save an unencrypted copy of the message in the journal report. For more information, see Understanding Journal Report Decryption.|
Looking for other management tasks related to IRM? Check out Managing Information Rights Management.
You must have an AD RMS server deployed in the same Active Directory forest as your server running Microsoft Exchange Server 2010.
Use the Shell to create an Outlook protection rule
You need to be assigned permissions before you can perform this procedure. To see what permissions you need, see the "Rights protection" entry in the Messaging Policy and Compliance Permissions topic.
|You can't use the EMC to create Outlook protection rules.|
This example creates the Outlook protection rule Project Contoso. The rule protects messages sent to the ContosoPMs distribution group with the AD RMS template Business Critical.
New-OutlookProtectionRule -Name "Project Contoso" -SentTo "DL-ContosoPMs@contoso.com" -ApplyRightsProtectionTemplate "Business Critical"
|When you use the
You can also use the
SentToScope predicates to apply IRM protection to
messages sent from users in the specified department or messages
sent to the specified scope (
All for all recipients).
For detailed syntax and parameter information, see New-OutlookProtectionRule.