"do not forward" button missing/greyed out; RMS and CA configured correctly RRS feed

  • Question

  • Greetings,

    I have an issue I can only (hopefully) imagine has an easy solution:

    I have MS Cert Authority (2008R2) in-house and in use (no problems). I have ADRMS (2008R2) set up and working for myself and the other domain admins (office 2010 pro).

    For our end-users, however (office 2010 standard), they can encrypt and digitally sign using their corporate MS CA certs, but the "do not forward" part of the permissions ribbon is missing or greyed out. Why is that? I can't find that DNF policy anywhere (it's built into the Outlook app, no?), the office14 GPO templates don't have that setting anywhere and I've racked my brain for hours trying to figure it out. I think I need to add some "everyone" permissions somewhere, but I don't know where?

    I'm a bit loopy and it's late, so who knows if I'm right or not. I've seen other people ask this question, but haven't found an answer.

    Can anyone put me out of my misery, but before that maybe have a good answer to my query? :)

    Thanks all. Much appreciated


    UPDATE: But via OWA, there is no problem for anyone. Is this an Outlook issue? Or a combination?

    • Edited by Lee Quidde Friday, January 4, 2013 12:23 PM
    Friday, January 4, 2013 10:20 AM


  • Hi. The IRM authoring functionality in Office is limited to Pro or Pro Plus editions of Office. Users with Office 2010 standard can consume IRM-protected content, but not create it. Unfortunately, there's no way around this other than upgrading the clients to Office Pro. You can create messages that are flagged with certain policy and then have an Exchange Transport Rule to protect the emails, but that will only apply to emails and not to documents.

    Hope this helps.

    Enrique Saggese - Sr. Program Manager - Information Protection - Microsoft Corporation

    • Marked as answer by Lee Quidde Friday, February 15, 2013 2:40 AM
    Monday, January 7, 2013 12:45 AM