top of page

Part 3: How to enable IRM( AD RMS) in Exchange 2013

In this multi Part Articles, I have been covered how to installing,Configuring,creating templates and publishing it using SMB Share to domain users.

Here we will see how to integrate AD RMS with Exchange Servers and enabling the templates for mail to protect.

Before we are going  to enabling in Exchange, We need to give permissions of AD RMS Certifications to Exchange Servers. Basically we could do that by adding all the Exchange servers in one DL and give permissions to that DL since you will be having multiple servers.

Open IIS Manager in AD RMS Server. Note, you need to use Service account to login to AD RMS Server.


Right Click on Certifications–Select Switch to Content View


Right Click on ServerCertifications.ASPX and Edit Permissions


Add Exchange Servers and Give Full Control


Alright. We done at AD RMS.

Now login to Exchange Server and Open Exchange Powershell console and run the following commands to enable IRM

To enable on CAS –   Set-IRMConfiguration -ClientAccessServerEnabled $true

To Enable for OWA –   Set-OWAMailboxPolicy –Identity Default -IRMEnabled $true

For Multimailbox IRM search –   Set-IRMConfiguration -SearchEnabled $true

For Licensing Internally –   Set-IRMConfiguration –InternalLicensingEnabled $true

For Licensing External users –   Set-IRMConfiguration –ExternalLicensingEnabled $true

Once you enabled, You can run Get-IRMConfiguration to see which are all services we enabled.

Run Get-RMSTemplate |format-list to see the templates available to use.


Login into the Exchange Outlook Web App(OWA) and see the templates.


Run Test-IRMCongiuration -sender to test the IRM Configuration and AD RMS health status of the URLs and availability of the services.

6 views0 comments


bottom of page