Q
Get started Bring yourself up to speed with our introductory content.

How do admins check the Exchange IRM setup?

Testing Exchange information rights management functionality can be tedious, but Microsoft offers a dedicated cmdlet for Exchange 2016 administrators that streamlines the process.

The best way to know a tool works properly is to put it through rigorous testing. It's even better when you can...

automate that process.

Administrators can avoid time-consuming testing of Exchange 2016 information rights management (IRM) configurations with the Test-IRMConfiguration PowerShell cmdlet to ensure Exchange IRM performs as expected.

Administrators use the Test-IRMConfiguration cmdlet to analyze the IRM deployment. This PowerShell cmdlet runs a series of tests that ease the testing process and avoid any missed steps that might happen during a manual procedure.

How the cmdlet tests Exchange IRM

The Test-IRMConfiguration cmdlet starts by examining the Exchange IRM configuration and the Active Directory Rights Management Services (AD RMS) server for proper version and hotfix updates.

After these initial checks, the cmdlet tries to activate the AD RMS server by obtaining a Rights Account Certificate and client licensor certificate. It also attempts to obtain AD RMS rights policy templates from the AD RMS server. These checks verify the availability and connectivity between Exchange 2016 and rights management components.

Sending protected messages

Next, the cmdlet tests that a specified user can send messages protected with Exchange IRM. After sending these messages, the cmdlet attempts to obtain a user license and a pre-license for the desired recipient. This verifies IRM operation between senders and recipients within the organization.

Administrators use the Test-IRMConfiguration cmdlet to analyze the IRM deployment.

If the organization uses Exchange Online, the Test-IRMConfiguration cmdlet will check the connection to RMS Online and then obtain and validate the organization's trusted publishing domain.

Testing depends on the administrator's rights

The number of parameters available for the cmdlet will vary depending on the permissions assigned to the administrator. For example, an administrator responsible for Exchange IRM configuration will generally require both Compliance Management and Organization Management permissions, while a Transport Rules administrator will need Organization Management and Records Management permissions.

This was last published in May 2018

Dig Deeper on Microsoft Exchange Server Administration Tools

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

What issues have you had with Exchange IRM configurations and how do you resolve them?
Cancel

-ADS BY GOOGLE

SearchWindowsServer

SearchEnterpriseDesktop

SearchCloudComputing

SearchSQLServer

Close