使用 FCI 的 Windows 文件服务器如何支持 Azure Rights ManagementHow Windows file servers that use FCI support Azure Rights Management

适用于: Azure 信息保护Office 365Applies to: Azure Information Protection, Office 365

当你将 Windows Server 配置为使用文件分类基础结构时,此文件服务器资源管理器功能可以扫描本地文件,并确定它们是否包含敏感数据。When you configure Windows Server to use File Classification Infrastructure, this File Server Resource Manager feature can scan local files and determine whether they contain sensitive data. 对于满足此条件的文件,可以使用管理员定义的分类属性,对其进行标记。For files that meet this criteria, they are tagged with classification properties that an administrator defines. 然后,文件分类基础结构可根据分类执行自动操作。The File Classification Infrastructure can then take automatic action, according to the classification. 其中一项操作包括使用 Azure Rights Management 和 Rights Management 连接器(也称为 RMS 连接器)的部署来应用信息保护。One of these actions includes applying information protection by using Azure Rights Management and the deployment of the Rights Management connector (also known as the RMS connector). 然后,由 Azure RMS 自动保护 Office 文件。Office files are then automatically protected by Azure RMS.

若要保护所有文件类型,请不要使用 RMS 连接器,而是改为运行 Windows PowerShell 脚本,该脚本使用 Azure 信息保护模块中的 cmdlet。To protect all file types, do not use the RMS connector, but instead, run a Windows PowerShell script that uses cmdlets from the Azure Information Protection module.

分类策略是完全可以配置的,并且具有高度的可扩展性,因此你可以防止未授权和已授权用户可能发生的数据泄漏。The classification policies are fully configurable and highly extensible so that you can prevent potential data leakage from unauthorized and authorized users. 它甚至有助于降低网络管理员的数据泄漏风险,因为你可以配置不要求这些管理员具有文件访问权限的策略。It can even help to reduce the risk of data leakage by network administrators because you can configure policies that don’t require these administrators to have access to the files.

有关为 Office 文件部署和配置 RMS 连接器的说明,请参阅部署 Azure Rights Management 连接器For instructions to deploy and configure the RMS connector for Office files, see Deploying the Azure Rights Management connector.

有关对所有文件类型使用 Windows PowerShell 脚本的说明,请参阅使用 Windows Server 文件分类基础结构的 RMS 保护 (FCI)For instructions to use the Windows PowerShell script for all file types, see RMS Protection with Windows Server File Classification Infrastructure (FCI).

后续步骤Next steps

至此,已了解应用程序和服务如何支持 Azure RMS,建议比较 Azure RMS 与本地版 Rights Management、Active Directory Rights Management Services (AD RMS)。Now that you understand how applications and services support Azure RMS, you might be interested in comparing Azure RMS with the on-premises version of Rights Management, Active Directory Rights Management Services (AD RMS). 有关功能、要求和安全控制的比较,请参阅比较 Azure Rights Management 和 AD RMSFor a comparison of features, requirements, and security controls, see Comparing Azure Rights Management and AD RMS.