On-premises servers that support Azure Rights Management data protection

Applies to: Azure Information Protection, Office 365

The following on-premises server products are supported with Azure Information Protection when you use the Azure Rights Management connector. This connector acts as a communications interface (a relay) between the on-premises servers and the Azure Rights Management service that is used by Azure Information Protection to protect Office documents and emails.

To use this connector, you must configure directory synchronization between your Active Directory forests and Azure Active Directory.

  • Exchange Server:

    • Exchange Server 2016

    • Exchange Server 2013

    • Exchange Server 2010

  • Office SharePoint Server:

    • Office SharePoint Server 2016

    • Office SharePoint Server 2013

    • Office SharePoint Server 2010

  • File servers that run Windows Server and use File Classification Infrastructure (FCI):

    • Windows Server 2016

    • Windows Server 2012 R2

    • Windows Server 2012


    Because file servers that run Windows Server 2008 R2 do not have a built-in file management task action to apply Rights Management protection, you cannot use the Rights Management connector for this scenario. However, you can use File Classification Infrastructure and Azure RMS on these operating systems if you configure a custom file management task to run an executable or script that can protect files by using Azure RMS. For example, a Windows PowerShell script that uses the AzureInformationProtection cmdlets.

    You can also use these cmdlets with servers running later versions of Windows Server, with the benefit that these cmdlets can protect all file types. The RMS connector protects Office files only. For how-to instructions, see RMS Protection with Windows Server File Classification Infrastructure (FCI).

The Rights Management connector is supported on Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, and Windows Server 2008 R2.

For more information about how to configure the Rights Management connector for these on-premises servers, see Deploying the Azure Rights Management connector.

Next steps

To check for other requirements, see Requirements for Azure Information Protection.