Get-RMSServerAuthentication

Relevant for: AIP classic client only

Gets the server mode status that is used for authentication to RMS.

Syntax

Get-RMSServerAuthentication []

Description

The Get-RMSServerAuthentication cmdlet gets the server mode status and details that are set by using Set-RMSServerAuthentication. Server mode must be set to protect or unprotect files non-interactively. For example, if you protect files by using Windows Server and File Classification Infrastructure (FCI). This status remains on for the duration of your PowerShell session.

This cmdlet does not apply if you protect or unprotect files by using your user account.

To use server mode with the Azure Rights Management service, you must use a service principal account in Azure AD. To use server mode with AD RMS, the computer account must be granted permissions. For more information, see Using PowerShell with the Azure Information Protection client from the Azure Information Protection client admin guide.

Note

To provide a unified and streamlined customer experience, the Azure Information Protection classic client and Label Management in the Azure Portal are deprecated as of March 31, 2021. While the classic client continues to work as configured, no further support is provided, and maintenance versions will no longer be released for the classic client.

We recommend that you migrate to unified labeling and upgrade to the unified labeling client. Learn more in our recent deprecation blog.

Examples

Example 1: Get the server mode status when you are using Azure RMS

PS C:\>Get-RMSServerAuthentication
The RmsServerAuthentication is ON

Base64Key                                         AppPrincipalId                          BposTenantId
---------                                         --------------                          ------------
zIeMu8zNJ6U377CLtppkhkbl4gjodmYSXUVwAO5ycgA=      b5e3f76a-b5c2-4c96-a594-a0807f65bba4    23976bc6-dcd4-4173-9d96-dad1f48efd42

This command gets the server mode status and the output indicates that a service principal account is being used to authenticate to the Azure Rights Management service. The outputs includes the currently used identifiers.

Example 2: Get the serer mode status when you are using AD RMS

PS C:\>Get-RMSServerAuthentication
The RmsServerAuthentication is ON

This command gets the server mode status and because there are no identifiers, the output indicates that you are using Windows integrated authentication for AD RMS.