Azure 信息保护统一标记客户端管理员指南Azure Information Protection unified labeling client administrator guide

适用于: Azure 信息保护,windows 10,Windows 8.1,windows 8,windows server 2019,windows server 2016,windows Server 2012 R2,windows server 2012Applies to: Azure Information Protection, Windows 10, Windows 8.1, Windows 8, Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, Windows Server 2012

如果你具有 Windows 7 或 Office 2010,请参阅 AIP For Windows And office 版本中的扩展支持If you have Windows 7 or Office 2010, see AIP for Windows and Office versions in extended support.

适用于以下内容的说明: Azure 信息保护适用于 Windows 的统一标签客户端Instructions for: Azure Information Protection unified labeling client for Windows

如果你负责企业网络上的 Azure 信息保护统一标签客户端,或者如果你想要获得比 Azure 信息保护统一标签客户端用户指南中的更多技术信息,请使用本指南中的信息。Use the information in this guide if you are responsible for the Azure Information Protection unified labeling client on an enterprise network, or if you want more technical information than is in the Azure Information Protection unified labeling client user guide.

例如:For example:

  • 了解此客户端的不同组件以及是否应安装这些组件Understand the different components of this client and whether you should install it

  • 如何为用户安装客户端,以及有关先决条件、安装选项和参数及验证检查的信息How to install the client for users, with information about prerequisites, installation options and parameters, and verification checks

  • 查找客户端文件和使用情况日志Locate the client files and usage logs

  • 确定客户端支持的文件类型Identify the file types supported by the client

  • 将客户端与 PowerShell 结合用于命令行控制Use the client with PowerShell for command-line control

是否有本文档未解决的问题?Have a question that's not addressed by this documentation? 请访问 Azure 信息保护 Yammer 站点Visit our Azure Information Protection Yammer site.

Azure 信息保护统一标签客户端技术概述Technical overview of the Azure Information Protection unified labeling client

Azure 信息保护统一标签客户端包括以下各项:The Azure Information Protection unified labeling client includes the following:

  • Office 外接程序,可在功能区上安装 " 敏感度 " 按钮,使用户能够选择敏感度标签,并提供显示 Azure 信息保护栏以获得更好的标签可见性的选项。An Office add-in, that installs a Sensitivity button on the ribbon for users to select sensitivity labels, and an option to display the Azure Information Protection bar for better label visibility.

  • Windows 文件资源管理器,便于用户将分类标签和保护应用到文件的右键单击选项。Windows File Explorer, right-click options for users to apply classification labels and protection to files.

  • 一个查看器,可在本机应用程序无法将其打开时显示受保护的文件。A viewer to display protected files when a native application cannot open it.

  • 一个 PowerShell 模块,用于发现文件中的敏感信息,应用或删除分类标签和保护文件。A PowerShell module to discover sensitive information in files, and apply or remove classification labels and protection from files.

    客户端包括用于安装和配置在 Windows Server 上作为服务运行的 Azure 信息保护扫描程序 的 cmdlet。The client includes cmdlets to install and configure the Azure Information Protection scanner that runs as a service on Windows Server. 此服务允许你发现、分类和保护数据存储中的文件,例如网络共享和 SharePoint 服务器库This service lets you discover, classify, and protect files on data stores such as network shares and SharePoint Server libraries

  • 与保护服务通信的 Rights Management 客户端 (Azure Rights Management) 以加密和保护文件。The Rights Management client that communicates with the protection service (Azure Rights Management) to encrypt and protect files.

除查看器外,Azure 信息保护统一标签客户端不能与直接与保护服务或 Active Directory Rights Management Services 通信的应用程序和服务一起使用。With the exception of the viewer, the Azure Information Protection unified labeling client cannot be used with applications and services that communicate directly with the protection service or Active Directory Rights Management Services.

如果安装了 AD RMS,想迁移到 Azure 信息保护,请参阅从 AD RMS 迁移到 Azure 信息保护If you have AD RMS and want to migrate to Azure Information Protection, see Migrating from AD RMS to Azure Information Protection.

是否应部署 Azure 信息保护统一标签客户端?Should you deploy the Azure Information Protection unified labeling client?

如果你使用 的是 Office 365 安全 & 相容性中心中的敏感度标签,请部署 Azure 信息保护统一标签客户端,以下内容适用:Deploy the Azure Information Protection unified labeling client if you are using sensitivity labels in the Office 365 Security & Compliance Center, and any of the following applies:

  • 你需要通过在 Windows 计算机上的 Office 应用 (Word、Excel、PowerPoint、Outlook) 中选择标签来对 (和) 文档和电子邮件进行分类。You want to classify (and optionally, protect) documents and email messages by selecting labels from within your Office apps (Word, Excel, PowerPoint, Outlook) on Windows computers.

  • 想要通过使用文件资源管理器(支持除 Office、多选和文件夹支持的文件类型以外的其他文件类型)对文件进行分类(或保护)。You want to classify (and optionally, protect) files by using File Explorer, supporting additional file types than those supported by Office, multi-select, and folders.

  • 想要通过使用 PowerShell 命令运行对文档进行分类(或保护)的脚本。You want to run scripts that classify (and optionally, protect) documents by using PowerShell commands.

  • 你需要测试可发现、分类 (的服务,还可以选择保护本地存储的) 文件。You want to test a service that discovers, classifies (and optionally, protects) files that are stored on-premises.

  • 想要在本机应用程序显示未安装文件或无法打开这些文档时查看受保护的文档。You want to view protected documents when a native application to display the file is not installed or cannot open these documents.

示例显示 Azure 信息保护统一标签客户端的 Office 加载项,并显示功能区上的 "新建 敏感度 " 按钮和可选的 "Azure 信息保护" 栏:Example showing the Office add-in for the Azure Information Protection unified labeling client, displaying the new Sensitivity button on the ribbon and the optional Azure Information Protection bar:

具有默认策略的 Azure 信息保护栏

安装和支持 Azure 信息保护统一标签客户端Installing and supporting the Azure Information Protection unified labeling client

可以使用可执行文件或 Windows installer 文件来安装 Azure 信息保护统一标签客户端。You can install the Azure Information Protection unified labeling client by using an executable or a Windows installer file. 有关每个选项的详细信息和说明,请参阅为 用户安装 Azure 信息保护统一标签客户端For more information about each choice, and instructions, see Install the Azure Information Protection unified labeling client for users.

使用以下部分获取有关安装客户端的支持信息。Use the following sections for supporting information about installing the client.

安装检查和疑难解答Installation checks and troubleshooting

安装客户端后,请使用“帮助和反馈”选项打开“Microsoft Azure 信息保护”对话框********:When the client is installed, use the Help and Feedback option to open the Microsoft Azure Information Protection dialog box:

  • 从 Office 应用程序:在 " 主页 " 选项卡上的 " 敏感度 " 组中,选择 " 敏感度",然后选择 " 帮助和反馈"。From an Office application: On the Home tab, in the Sensitivity group, select Sensitivity, and then select Help and Feedback.

  • 在文件资源管理器中:右键单击选择一个/多个文件或文件夹,然后依次选择“分类和保护”和“帮助和反馈”。From File Explorer: Right-select a file, files, or folder, select Classify and protect, and then select Help and Feedback.

帮助和反馈”部分Help and Feedback section

默认情况下," 告诉我详细 信息" 链接转到 Azure 信息保护 网站。The Tell me more link by default, goes to the Azure Information Protection website. 你可以配置自己的 URL 链接,该链接将作为你的标签管理中心中的策略设置之一转到自定义帮助页: Office 365 Security & 相容性中心、Microsoft 365 安全中心或 Microsoft 365 合规中心。You can configure your own URL link that goes to a custom help page as one of the policy settings in your labeling management center: Office 365 Security & Compliance Center, Microsoft 365 security center, or Microsoft 365 compliance center.

仅当指定高级设置时,才会显示 "报告问题" 链接。The Report an Issue link displays only if you specify an advanced setting. 配置此设置时,指定 HTTP 链接,例如支持人员的电子邮件地址。When you configure this setting, you specify an HTTP link such as the email address of your help desk.

如果要求将这些日志文件发送到 Microsoft 支持部门,则 导出日志 会自动收集并附加 Azure 信息保护统一标签客户端的日志文件。The Export Logs automatically collects and attaches log files for the Azure Information Protection unified labeling client if you have been asked to send these to Microsoft Support. 最终用户也可使用此选项将这些日志文件发送给你的支持人员。This option can also be used by end users to send these log files to your help desk. 或者,可以使用 AIPLogs PowerShell cmdlet。Alternatively, you could use the Export-AIPLogs PowerShell cmdlet.

重置设置将注销用户,删除当前下载的敏感度标签和标签策略,并重置 Azure Rights Management 服务的用户设置。The Reset Settings signs out the user, deletes the currently downloaded sensitivity labels and label policies, and resets the user settings for the Azure Rights Management service.

备注

如果客户端出现技术问题,请参阅 支持选项和社区资源If you have technical problems with the client, see Support options and community resources.

有关“重置设置”选项的详细信息More information about the Reset Settings option
  • 不是本地管理员也能使用此选项,并且不会在事件查看器中记录此操作。You do not have to be a local administrator to use this option and this action is not logged in the Event Viewer.

  • 除非文件被锁定,否则此操作将删除以下位置中的所有文件。Unless files are locked, this action deletes all the files in the following locations. 这些文件包括客户端证书、保护模板、标签管理中心的敏感标签和策略,以及缓存的用户凭据。These files include client certificates, protection templates, sensitivity labels and policies from your labeling management center, and the cached user credentials. 不会删除客户端日志文件。The client log files are not deleted.

    • %LocalAppData%\Microsoft\DRM%LocalAppData%\Microsoft\DRM

    • %LocalAppData%\Microsoft\MSIPC%LocalAppData%\Microsoft\MSIPC

    • %LocalAppData%\Microsoft\MSIP\mip\<ProcessName.exe>%LocalAppData%\Microsoft\MSIP\mip\<ProcessName.exe>

    • %LocalAppData%\Microsoft\MSIP\AppDetails%LocalAppData%\Microsoft\MSIP\AppDetails

    • %LocalAppData%\Microsoft\MSIP\TokenCache%LocalAppData%\Microsoft\MSIP\TokenCache

  • 将删除以下注册表项和设置。The following registry keys and settings are deleted. 如果以下任意注册表项具有自定义值,则必须在重置客户端后重新对其进行配置。If the settings for any of these registry keys have custom values, these must be reconfigured after you reset the client.

    对于企业网络,通常使用组策略配置这些设置,在这种情况下,在计算机上刷新组策略时,将自动重新应用这些设置。Typically for enterprise networks, these settings are configured by using group policy, in which case they are automatically reapplied when group policy is refreshed on the computer. 但是,某些设置可能通过脚本一次性配置,或手动配置。However, there might be some settings that are configured one time with a script, or manually configured. 在这些情况下,必须执行其他步骤来重新配置这些设置。In these cases, you must take additional steps to reconfigure these settings. 例如,由于要从 AD RMS 迁移并且网络上仍有服务连接点,因此计算机要运行一次脚本才能配置用于重定向到 Azure 信息保护的设置。As an example, computers might run a script one time to configure settings for redirection to Azure Information Protection because you are migrating from AD RMS and still have a Service Connection Point on your network. 重置客户端后,计算机必须再次运行此脚本。After resetting the client, the computer must run this script again.

    • HKEY_CURRENT_USER \SOFTWARE\Microsoft\Office\15.0\Common\IdentityHKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\15.0\Common\Identity

    • HKEY_CURRENT_USER \SOFTWARE\Microsoft\Office\14.0\Common\DRMHKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\14.0\Common\DRM

    • HKEY_CURRENT_USER \SOFTWARE\Microsoft\Office\15.0\Common\DRMHKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\15.0\Common\DRM

    • HKEY_CURRENT_USER \SOFTWARE\Microsoft\Office\16.0\Common\DRMHKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\DRM

    • HKEY_CURRENT_USER \SOFTWARE\Classes\Local Settings\Software\Microsoft\MSIPCHKEY_CURRENT_USER\SOFTWARE\Classes\Local Settings\Software\Microsoft\MSIPC

  • 当前登录的用户已注销。The currently signed in user is signed out.

客户端状态”部分Client status section

使用“连接身份”值来确认显示的用户名是否是要用于 Azure 信息保护身份验证的帐户。Use the Connected as value to confirm that the displayed user name identifies the account to be used for Azure Information Protection authentication. 此用户名必须与用于 Office 365 或 Azure Active Directory 的帐户匹配。This user name must match an account used for Office 365 or Azure Active Directory. 此帐户还必须属于在标记管理门户中为敏感度标签配置的 Office 365 租户。The account must also belong to an Office 365 tenant that is configured for sensitivity labels in your labeling management portal.

如果需要以不同的用户身份登录到所显示的用户,请参阅 以其他用户身份登录If you need to sign in as a different user to the one displayed, see the Sign in as a different user instructions.

使用“版本”信息可以确认安装的是哪个版本的客户端。Use the Version information to confirm which version of the client is installed. 您可以通过阅读客户端的 版本信息 来检查这是否是最新的发行版和相应的修补程序和新功能。You can check whether this is the latest release version and the corresponding fixes and new features by reading the Version release information for the client.

支持多种语言Support for multiple languages

Azure 信息保护统一标签客户端支持 Office 365 支持的相同语言。The Azure Information Protection unified labeling client supports the same languages that Office 365 supports. 有关这些语言的列表,请参阅 Office 国际可用性页面的 Office 365、Exchange Online Protection 和 Power BI**** 部分。For a list of these languages, see the Office 365, Exchange Online Protection, and Power BI section from the International availability page from Office.

对于这些语言,菜单选项、对话框和来自 Azure 信息保护的消息,统一标签客户端以用户的语言显示。For these languages, menu options, dialog boxes, and messages from the Azure Information Protection unified labeling client display in the user's language. 只有单个安装程序可检测语言,因此,无需额外配置即可安装不同语言的 Azure 信息保护统一标签客户端。There is a single installer that detects the language, so no additional configuration is required to install the Azure Information Protection unified labeling client for different languages.

但是,在标签中心配置标签时,不会自动翻译指定的标签名称和说明。However, label names and descriptions that you specify are not automatically translated when you configure labels in your labeling center. 要使用户查看其首选语言的标签,请提供自己的翻译,并通过使用 Office 365 Security & 相容性 PowerShell 并使用集标签LocaleSettings参数为标签配置它们。For users to see labels in their preferred language, provide your own translations and configure them for the labels by using by using Office 365 Security & Compliance PowerShell and the LocaleSettings parameter for Set-Label. 视觉标记未翻译,且不支持多种语言。Visual markings are not translated and do not support more than one language.

安装后任务Post installation tasks

安装 Azure 信息保护统一标签客户端之后,请确保为用户提供有关如何标记文档和电子邮件的说明,以及针对特定方案选择哪些标签的指南。After you have installed the Azure Information Protection unified labeling client, make sure that you give users instructions for how to label their documents and emails, and guidance for which labels to choose for specific scenarios. 例如:For example:

安装 Azure 信息保护扫描程序Installing the Azure Information Protection scanner

统一标签客户端的扫描程序已正式发布。The scanner for the unified labeling client is generally available. Microsoft 下载中心安装最新版本的统一标签客户端。Install the current version of the unified labeling client, from the Microsoft Download Center.

如果是首次在计算机上安装扫描程序,请下载并安装此客户端,然后按照 部署 Azure 信息保护扫描程序中的说明自动对文件进行分类和保护If you are installing the scanner for the first time on a computer, download and install this client and then follow the instructions in Deploying the Azure Information Protection scanner to automatically classify and protect files.

如果要从 Azure 信息保护客户端 (经典) 或以前版本的统一标签客户端升级扫描程序,请参阅 升级 Azure 信息保护扫描程序 部分了解相关说明。If you are upgrading the scanner from the Azure Information Protection client (classic), or a previous version of the unified labeling client, see the Upgrading the Azure Information Protection scanner section for instructions.

升级和维护 Azure 信息保护统一标签客户端Upgrading and maintaining the Azure Information Protection unified labeling client

备注

Azure 信息保护统一标签客户端支持 (经典) 升级 Azure 信息保护客户端,以及从以前版本的 Azure 信息保护统一标签客户端升级。The Azure Information Protection unified labeling client supports upgrading the Azure Information Protection client (classic), as well as upgrading from previous versions of the Azure Information Protection unified labeling client.

Azure 信息保护团队会定期更新 Azure 信息保护统一标签客户端,以提供新功能和修补程序。The Azure Information Protection team regularly updates the Azure Information Protection unified labeling client for new functionality and fixes. 公告会发布到团队的 Yammer 网站Announcements are posted to the team's Yammer site.

如果使用 Windows 更新,则 Azure 信息保护的统一标签客户端将自动升级此客户端的常规可用性版本,而不考虑客户端的安装方式。If you are using Windows Update, the Azure Information Protection unified labeling client automatically upgrades the general availability version of this client, irrespective of how the client was installed. 新客户端版本会在发布后的几周内发布到目录中。New client releases are published to the catalog a few weeks after the release.

也可以从 Microsoft 下载中心下载新版本,手动升级客户端。Alternatively, you can manually upgrade the client by downloading the new release from the Microsoft Download Center. 然后,安装新版本来升级客户端。Then install the new version to upgrade the client. 如果要从 Azure 信息保护客户端升级 (经典) ,则必须使用此方法升级预览版。You must use this method to upgrade preview versions and if you are upgrading from the Azure Information Protection client (classic).

如果要从 Azure 信息保护客户端 (经典) 在 Windows 7 上进行升级,则在客户端升级过程中,任何 Office 应用程序都将自动重启。If you are upgrading from the Azure Information Protection client (classic) on Windows 7, any Office applications will automatically restart during the client upgrade. 此自动重启不适用于更高版本的操作系统,或者,如果要从统一标签客户端的较旧版本升级。This automatic restart does not apply to later operating systems, or if you are upgrading from an older version of the unified labeling client.

手动升级时,只有当要更改安装方法时,才需要先卸载旧版本。When you manually upgrade, uninstall the previous version first only if you're changing the installation method. 例如,从客户端的可执行文件 (.exe) 版本更改为客户端的 Windows 安装程序 (.msi) 版本。For example, you change from the executable (.exe) version of the client to the Windows installer (.msi) version of the client. 或当需要安装旧版客户端时。Or, if you need to install a previous version of the client. 例如,你安装了预览版本用于测试,现在需要恢复到当前的正式发行版。For example, you had a preview version installed for testing and now need to revert to the current general availability version.

使用 版本发行历史记录和支持策略 来了解 Azure 信息保护统一标签客户端的支持策略、当前支持的版本以及支持的版本的新增功能和更改功能。Use the Version release history and support policy to understand the support policy for the Azure Information Protection unified labeling client, which versions are currently supported, and what's new and changed for the supported releases.

升级 Azure 信息保护扫描程序Upgrading the Azure Information Protection scanner

用于升级扫描程序的说明取决于你是从 Azure 信息保护统一标签客户端中的扫描程序的早期版本升级,还是从 Azure 信息保护客户端升级 (经典) 。Instructions for upgrading the scanner depend on whether you are upgrading from an earlier version of the scanner from the Azure Information Protection unified labeling client, or from the Azure Information Protection client (classic).

从统一标签客户端的早期版本升级扫描程序To upgrade the scanner from an earlier version of the unified labeling client

  1. 在扫描程序计算机上,停止扫描程序服务“Azure 信息保护扫描程序”****。On the scanner computer, stop the scanner service, Azure Information Protection Scanner.

  2. Microsoft 下载中心下载并安装最新版本的统一标签客户端,以便升级 Azure 信息保护统一标签客户端。Upgrade the Azure Information Protection unified labeling client by downloading and installing the latest version of the unified labeling client from the Microsoft Download Center.

  3. 在 PowerShell 会话中,使用扫描仪的配置文件运行 Install-aipscanner 命令。In a PowerShell session, run the Update-AIPScanner command with your scanner's profile. 例如:Update-AIPScanner –Profile EuropeFor example: Update-AIPScanner –Profile Europe

  4. 重启 Azure 信息保护扫描程序服务“Azure 信息保护扫描程序”****。Restart the Azure Information Protection Scanner service, Azure Information Protection Scanner.

你现在可以使用 部署 Azure 信息保护扫描程序中的其余说明自动分类和保护文件,并忽略安装扫描程序的步骤。You can now use the rest of the instructions in Deploying the Azure Information Protection scanner to automatically classify and protect files, omitting the step to install the scanner. 由于已经安装了扫描仪,因此没有理由再次安装。Because the scanner is already installed, there's no reason to install it again.

从经典客户端升级扫描程序To upgrade the scanner from the classic client

如果当前正在从 Azure 信息保护客户端 (经典) 使用 Azure 信息保护扫描程序,则可以将其升级,以使用从 Office 365 安全 & 符合性中心发布的敏感信息类型和敏感度标签 (或 Microsoft 365 安全中心或 Microsoft 365 符合性中心) 。If you are currently using the Azure Information Protection scanner from the Azure Information Protection client (classic), you can upgrade it to use sensitive information types and sensitivity labels that are published from the Office 365 Security & Compliance Center (or the Microsoft 365 security center or the Microsoft 365 compliance center).

如何升级扫描程序取决于当前正在运行的经典客户端版本:How to upgrade the scanner depends on the version of the classic client that you are currently running:

升级会创建一个名为 " **AIPScannerUL_ <profile_name> **" 的新数据库,并保留以前版本的扫描数据库。The upgrade creates a new database named AIPScannerUL_<profile_name>, and the previous scanner database is retained in case you need it for the previous version. 如果确信不需要以前的扫描程序数据库,则可以将其删除。When you are confident you don't need the previous scanner database, you can delete it. 由于升级会创建一个新数据库,因此在首次运行时,扫描程序会重新扫描所有文件。Because the upgrade creates a new database, the scanner rescans all files the first time it runs.

从此客户端 (经典) 版本1.48.204.0 和更高版本升级 Azure 信息保护客户端Upgrade from the Azure Information Protection client (classic) version 1.48.204.0 and later versions of this client

如果使用统一标签客户端的预览版本升级扫描仪,则不需要再次运行这些说明。If you upgraded the scanner by using the preview version of the unified labeling client, you don't need to run these instructions again.

  1. 在扫描程序计算机上,停止扫描程序服务“Azure 信息保护扫描程序”****。On the scanner computer, stop the scanner service, Azure Information Protection Scanner.

  2. 通过从 Microsoft 下载中心下载和安装统一的标签客户端,升级到 Azure 信息保护统一的标签客户端。Upgrade to the Azure Information Protection unified labeling client by downloading and installing the unified labeling client from the Microsoft Download Center.

  3. 在 PowerShell 会话中,使用扫描仪的配置文件运行 Install-aipscanner 命令。In a PowerShell session, run the Update-AIPScanner command with your scanner's profile. 例如: Update-AIPScanner –Profile EuropeFor example: Update-AIPScanner –Profile Europe.

    此步骤创建一个名为的新数据库**AIPScannerUL_ <profile_name> **This step creates a new database with the name AIPScannerUL_<profile_name>

  4. 重启 Azure 信息保护扫描程序服务“Azure 信息保护扫描程序”****。Restart the Azure Information Protection Scanner service, Azure Information Protection Scanner.

你现在可以使用 部署 Azure 信息保护扫描程序中的其余说明自动分类和保护文件,并忽略安装扫描程序的步骤。You can now use the rest of the instructions in Deploying the Azure Information Protection scanner to automatically classify and protect files, omitting the step to install the scanner. 由于已经安装了扫描仪,因此没有理由再次安装。Because the scanner is already installed, there's no reason to install it again.

从 Azure 信息保护客户端升级 (早于1.48.204.0 的经典) 版本Upgrade from the Azure Information Protection client (classic) versions earlier than 1.48.204.0

重要

对于平滑升级路径,请不要在运行扫描程序的计算机上安装 Azure 信息保护统一标签客户端,作为升级扫描仪的第一步。For a smooth upgrade path, do not install the the Azure Information Protection unified labeling client on the computer running the scanner as your first step to upgrade the scanner. 请改用以下升级说明。Instead, use the following upgrade instructions.

从版本1.48.204.0 开始,扫描器使用配置文件从 Azure 门户获取其配置设置。Beginning with version 1.48.204.0, the scanner gets its configuration settings from the Azure portal, by using a configuration profile. 升级扫描程序包括指示扫描器使用此联机配置,为统一标签客户端提供脱机配置,不支持扫描程序的脱机配置。Upgrading the scanner includes instructing the scanner to use this online configuration and for the unified labeling client, offline configuration for the scanner is not supported.

  1. 使用 Azure 门户创建新的扫描程序配置文件,其中包含扫描程序和数据存储库的设置及其所需的任何设置。Use the Azure portal to create a new scanner profile that includes settings for the scanner and your data repositories with any settings that they need. 有关此步骤的帮助,请参阅从扫描程序部署说明 在 Azure 门户中配置扫描器For help with this step, see Configure the scanner in the Azure portal from the scanner deployment instructions.

  2. 在扫描程序计算机上,停止扫描程序服务“Azure 信息保护扫描程序”****。On the scanner computer, stop the scanner service, Azure Information Protection Scanner.

  3. 通过从 Microsoft 下载中心下载和安装统一的标签客户端,升级到 Azure 信息保护统一的标签客户端。Upgrade to the Azure Information Protection unified labeling client by downloading and installing the unified labeling client from the Microsoft Download Center.

  4. 在 PowerShell 会话中,使用你在步骤 1 中指定的相同配置文件名称运行 Update-AIPScanner 命令。In a PowerShell session, run the Update-AIPScanner command with the same profile name that you specified in step 1. 例如:Update-AIPScanner –Profile EuropeFor example: Update-AIPScanner –Profile Europe

  5. 重启 Azure 信息保护扫描程序服务“Azure 信息保护扫描程序”****。Restart the Azure Information Protection Scanner service, Azure Information Protection Scanner.

你现在可以使用 部署 Azure 信息保护扫描程序中的其余说明自动分类和保护文件,并忽略安装扫描程序的步骤。You can now use the rest of the instructions in Deploying the Azure Information Protection scanner to automatically classify and protect files, omitting the step to install the scanner. 由于已经安装了扫描仪,因此没有理由再次安装。Because the scanner is already installed, there's no reason to install it again.

从早于1.48.204.0 的版本升级时,如果在运行 Install-aipscanner 命令之前未在 Azure 门户中配置扫描仪,则没有指定用于标识升级过程的扫描程序配置设置的配置文件名称。when you upgrade from a version earlier than 1.48.204.0 and you don't configure the scanner in the Azure portal before you run the Update-AIPScanner command, you won't have a profile name to specify that identifies your scanner configuration settings for the upgrade process.

在这种情况下,当在 Azure 门户中配置扫描程序时,必须指定与运行 Update-AIPScanner 命令时使用的完全相同的配置文件名称。In this scenario, when you configure the scanner in the Azure portal, you must specify exactly the same profile name that was used when you ran the Update-AIPScanner command. 如果名称不匹配,则不会为设置配置扫描程序。If the name doesn't match, the scanner will not be configured for your settings.

提示

若要识别具有此错误配置的扫描仪,请使用 Azure 门户中的 " Azure 信息保护-节点 " 窗格。To identify scanners that have this misconfiguration, use the Azure Information Protection - Nodes pane in the Azure portal.

对于具有 internet 连接的扫描仪,它们使用 Azure 信息保护客户端的正式版本号显示其计算机名称,但没有配置文件名称。For scanners that have internet connectivity, they display their computer name with the GA version number of the Azure Information Protection client, but no profile name. 只有版本号为1.41.51.0 的扫描仪才能在此窗格中显示 "配置文件名称"。Only scanners that have a version number 1.41.51.0 should display no profile name on this pane.

卸载 Azure 信息保护统一标签客户端Uninstalling the Azure Information Protection unified labeling client

可使用以下任一选项卸载客户端:You can use any of the following options to uninstall the client:

  • 使用 "控制面板" 卸载程序:单击Microsoft Azure 信息保护 > 卸载Use Control Panel to uninstall a program: Click Microsoft Azure Information Protection > Uninstall

  • 重新运行可执行文件 (例如 AzInfoProtection_UL.exe) ,并从 " 修改安装程序 " 页上单击 " 卸载"。Rerun the executable (for example, AzInfoProtection_UL.exe), and from the Modify Setup page, click Uninstall.

  • 使用 /uninstall 运行可执行文件。Run the executable with /uninstall. 例如: AzInfoProtection_UL.exe /uninstallFor example: AzInfoProtection_UL.exe /uninstall

后续步骤Next steps

若要安装客户端,请参阅为 用户安装 Azure 信息保护统一标签客户端To install the client, see Install the Azure Information Protection unified labeling client for users.

若已安装客户端,要了解支持此客户端所需的其他信息,请参阅以下内容:If you've already installed the client, see the following for additional information that you might need to support this client: