Relevant for: AIP classic client only
Gets the server mode status that is used for authentication to RMS.
The Get-RMSServerAuthentication cmdlet gets the server mode status and details that are set by using Set-RMSServerAuthentication. Server mode must be set to protect or unprotect files non-interactively. For example, if you protect files by using Windows Server and File Classification Infrastructure (FCI). This status remains on for the duration of your PowerShell session.
This cmdlet does not apply if you protect or unprotect files by using your user account.
To use server mode with the Azure Rights Management service, you must use a service principal account in Azure AD. To use server mode with AD RMS, the computer account must be granted permissions. For more information, see Using PowerShell with the Azure Information Protection client from the Azure Information Protection client admin guide.
To provide a unified and streamlined customer experience, the Azure Information Protection classic client and Label Management in the Azure Portal are deprecated as of March 31, 2021. While the classic client continues to work as configured, no further support is provided, and maintenance versions will no longer be released for the classic client.
Example 1: Get the server mode status when you are using Azure RMS
PS C:\>Get-RMSServerAuthentication The RmsServerAuthentication is ON Base64Key AppPrincipalId BposTenantId --------- -------------- ------------ zIeMu8zNJ6U377CLtppkhkbl4gjodmYSXUVwAO5ycgA= b5e3f76a-b5c2-4c96-a594-a0807f65bba4 23976bc6-dcd4-4173-9d96-dad1f48efd42
This command gets the server mode status and the output indicates that a service principal account is being used to authenticate to the Azure Rights Management service. The outputs includes the currently used identifiers.
Example 2: Get the serer mode status when you are using AD RMS
PS C:\>Get-RMSServerAuthentication The RmsServerAuthentication is ON
This command gets the server mode status and because there are no identifiers, the output indicates that you are using Windows integrated authentication for AD RMS.