locked
Enabling AIP against SMTP domain or Active Directory Domain RRS feed

  • Question

  • Dear Folks,

    A customer has on premises domain as "abc.net" and SMTP domain is "abc.com" which is a verified domain in Office 365 Tenant (abc.com). We are in the process of evaluating AIP.

    I would like to confirm, against which domain, i should run this command for enabling Azure Information Protection (AIP) for Exchange.

    .\GenConnectorConfig.ps1 -ConnectorUri https://rmsconnector.abc.com -SetExchange2013

    or

    .\GenConnectorConfig.ps1 -ConnectorUri https://rmsconnector.abc.net -SetExchange2013


    Thanks, Sheeraz


    Wednesday, July 4, 2018 3:19 PM

Answers

  • Use the domain that holds the DNS record for the connector URL name (previously configured) - see this section: https://docs.microsoft.com/en-us/azure/information-protection/deploy-use/install-configure-rms-connector#configuring-load-balancing-and-high-availability

    After you have installed the second or final instance of the RMS connector, define a connector URL server name and configure a load balancing system.

    The connector URL server name can be any name under a namespace that you control. For example, you could create an entry in your DNS system for rmsconnector.contoso.com and configure this entry to use an IP address in your load balancing system. There are no special requirements for this name and it doesn’t need to be configured on the connector servers themselves. Unless your Exchange and SharePoint servers are going to be communicating with the connector over the Internet, this name doesn’t have to resolve on the Internet.
    ...
    After the name is created in DNS and is configured for an IP address, configure load balancing for that address, which directs traffic to the connector servers.

    Saturday, July 7, 2018 8:21 PM

All replies

  • Use the domain that holds the DNS record for the connector URL name (previously configured) - see this section: https://docs.microsoft.com/en-us/azure/information-protection/deploy-use/install-configure-rms-connector#configuring-load-balancing-and-high-availability

    After you have installed the second or final instance of the RMS connector, define a connector URL server name and configure a load balancing system.

    The connector URL server name can be any name under a namespace that you control. For example, you could create an entry in your DNS system for rmsconnector.contoso.com and configure this entry to use an IP address in your load balancing system. There are no special requirements for this name and it doesn’t need to be configured on the connector servers themselves. Unless your Exchange and SharePoint servers are going to be communicating with the connector over the Internet, this name doesn’t have to resolve on the Internet.
    ...
    After the name is created in DNS and is configured for an IP address, configure load balancing for that address, which directs traffic to the connector servers.

    Saturday, July 7, 2018 8:21 PM
  • Thanks Carol,

    We chose to work with SMTP domain (shown following) and it worked perfectly.

    .\GenConnectorConfig.ps1 -ConnectorUri https://rmsconnector.abc.net -SetExchange2013


    Thanks, Sheeraz

    Sunday, July 8, 2018 11:31 AM