locked
Issue Integrating RMS Connector with service application RRS feed

  • Question

  • Hi everyone,

    We are having troubles trying to integrate our information protection application with the RMS Connector Infrastructure.

    The application was previosuly running with AAD RMS. It directly sent the protection requests directly to Azure RMS and everything worked fine.

    Our application was configured to communicate with the cloud based RMS following this guide: https://docs.microsoft.com/en-us/information-protection/develop/how-to-use-file-api-with-aadrm-cloud

    We have created a service identity via ACS and record the key information from that process.

    SYMMETRIC KEY GENERATION:
    Import-Module MSOnline
    Connect-MsolService
    New-MsolServicePrincipal

    FIND OUT TENANTBPOSID AND URLS:
    Import-Module aadrm
    Connect-AadrmService
    Get-AadrmConfiguration

    In our application we used this information to connect and authenticate on the Azure RMS cloud in the following way

    SafeNativeMethods.IpcSetAPIMode(APIMode.Server);
    SymmetricKeyCredential credentials = new SymmetricKeyCredential();
    credentials.AppPrincipalId = MY_APP_PRINCIPAL_ID;
    credentials.Base64Key = BASE_64_KEY;
    credentials.BposTenantId = BPOS_TENANT_ID;
    ConnectionInfo ci = new ConnectionInfo(new System.Uri(extranetURL), new System.Uri(intranetURL))


    where

    extranetURL = "https://mytenant/_wmcs/licensing";
    intranetURL = "https://mytenant/_wmcs/licensing"


    Now we are looking to integrate our application with the RMS Connector Infrastructure.
    We have deplyed the RMS connector Infrastructure following this guide: https://docs.microsoft.com/en-us/information-protection/deploy-use/install-configure-rms-connector#authorizing-servers-to-use-the-rms-connector
    We then changed our extranetURL and intranetURL by substituting our tenant address with the DNS of our RMS Connector.

    extranetURL = "https://rmsConnectorDNS/_wmcs/licensing";
    intranetURL = "https://rmsConnectorDNS/_wmcs/licensing"

    At this point we run our application but it returns the following exception:"The request is not supported. HRESULT: 0x80070032"  when our code performs this function call:

    IpcGetTemplateIssuerList(ci, false, true, false, true, null, credentials);
    How can We correctly integrate our application with the RMS Connector Infrastructure?


    Thanks!

    Wednesday, December 14, 2016 2:35 PM

All replies

  • Hi Simone,

                 You don't need provide the connection info. Take a look at the following sample project on GitHub, let me know if it gets you closer. You should just be able to communicate with Azure AIP and not have to talk to the connector.

    https://github.com/Azure-Samples/Azure-Information-Protection-Samples/tree/master/AzureIP_Test

    In that example we provide the Azure information in the App.Config file.

    Kartik

    Wednesday, December 14, 2016 7:46 PM
  • Hi Kartik,

    First of all thank you for your answer.

    What you posted is correct but it is a requirement for our project to be able to communicate with Azure RMS through the RMS connector.
    We already succeeded in communicating directly with Azure RMS in our previous configuration, our problem at the moment is to be able to keep the same functionality as we had before but making requests go through the RMS connector component.

    I hope I explained myself clearly and thanks again,

    Alessandro
    Tuesday, December 20, 2016 4:11 PM