Office Message Encryption Configuration and Troubleshooting

You have the possibility of checking: - the current configuration - enable/disable OME versions - view and export templates/labels details - check known issues - export and check logs - open or refresh cache IRM folder or registry

5 Star
7,090 times
Add to favorites
Office 365
E-mail Twitter Digg Facebook
  • MFA Update
    1 Posts | Last post June 29, 2019
    • Awesome script, hopefully gets updated to using MFA.
      I had to combine the post below as well as this article in order for it to connect properly (though I had to auth 4 times). 
  • No available subscription which contains Azure Informaion Protection capability
    2 Posts | Last post April 04, 2019
    • Hi there
      Great script that saved me a lot of hassle.  Echo the request for MFA function so I look forward to version 1.2
      I have a client with AIP Plan 2 and ARM enabled all OK.  When I select option 8 I get "No available subscription which contains Azure Informaion Protection capability."  What does this point to please as far as I can see the tenant is up and running with AIP enabled.
    • Hi,
      We too would really love the version that supports MFA. For some reason, replacing the commands as indicated below just does not want to work.
      Thank you so much Victor for this. 
  • MFA Auth
    2 Posts | Last post April 24, 2018
    • Have you thought about building an MFA functional version of the script? I was able to access my tenant by swapping the following: 
              Connect-AadrmService -Credential $global:cred -ErrorAction Stop
              $global:session = New-PSSession -ConfigurationName Microsoft.Exchange  `
              -ConnectionUri  `
              -Credential $global:cred -Authentication Basic -AllowRedirection
              Import-PSSession $session -AllowClobber | Out-Null
              Connect-MsolService -Credential $global:cred
      With this:
              Connect-AadrmService -ErrorAction Stop
      and running the script in the Exchange Online Powershell Module. We just used the script to enable both OMEv1 and OMEv2, which is going to save us a lot of headaches! Thanks again for the awesome script. 
    • Thank you Justin for your feedback and I'm glad it helped you to configure OME faster.
      I'll add the MFA functionality in the 1.2 version of the script.
  • Uploaded an improved version:
    1 Posts | Last post April 13, 2018
  • Deprecated Commands
    2 Posts | Last post March 22, 2018
    • Sadly the OMEv1 Set-IRMConfiguration -RMSOnlineKeySharingLocation is now deprecated. 
    • Hello Eferguson03,
      The cmdlet is deprecated only if OMEv2 is enabled, case in which templates/labels are managed by Azure Information Protection (AIP).
      To check if OMEv2 was enabled you can verify if the following returned value is true:
  • Typo
    2 Posts | Last post February 26, 2018
    • Hi Victor,
      nice one - thank you for sharing it! There seems to be a small typo in line 627. I get the error message when i export the logs:
      Get-AadrmUsageLogFeature : A parameter cannot be found that matches parameter name 'eq'.
      At C:\Users\xxx\scripts\OMEv2.ps1:627 char:34
      +     if (Get-AadrmUsageLogFeature -eq $true)
      +                                  ~~~
    • Thank you Jacob, I've fix it.