Nội dung Text: Using Information Rights Management
[ Team LiB ]
Using Information Rights Management
To protect your message with IRM, choose the Permission button sometime before
sending it. The Permission button is the envelope icon with the red circle on it, as shown
in Figure 8.15.
Figure 8.15. Select the Permission button to enable IRM. The InfoBar message
reminds you that the message has restricted permissions.
The first time you use IRM, either to send a restricted message or to read one, the IRM
software is downloaded from the Microsoft Office Web site and installed. It's about
340KB in size and shouldn't take more than a few minutes to download, even on a dial-up
After the client software is installed, a .NET passport is required to send or read messages
with restricted permissions. If you don't have a passport for your email address, you must
get one to use IRM. The first time you use IRM, the Passport Wizard opens and you can
get a passport for your email address or associate your existing passport with the service
and receive a rights management (RM) certificate.
If you don't have a passport account for your email address, the wizard leads you through
signing up for a passport and associating it with the rights management service.
If you use several different email addresses, you'll need a .NET Passport and certificate
for each address with which you send or receive protected messages.
After the RM certificate is installed and you open the message, you'll receive a warning
that the Office program needs to connect to the RM servers to verify your identity (see
Figure 8.16). If you aren't signed in to the Passport service, the passport logon dialog
Figure 8.16. Before opening an RM-protected message, your credentials must be
If the address doesn't match the address used on the message,
Outlook will display a message asking whether you want to open it
using a different set of credentials. Answering Yes opens the Select
User dialog for you to choose a different passport. When you need to
associate a new address with an RM certificate, you can get a new
passport using the Add button. Choosing No closes the dialog and
the RM-protected message is not opened.
You need to sign in to the licensing service using a .NET Passport associated with the
same email address used on the message. After you get the RM certificate, you must open
the message to read it because the Reading Pane is disabled along with the Copy,
Forward, and Print commands.
Corporations might have a rights management server available.
Instead of using a passport, you'll follow the instructions to log on to
your corporate server. As always, speak with your administrator if
you have any questions.
If you use Outlook to add restricted permissions to an attachment, the attachment can be
read but not edited. When attachments are assigned restricted permissions in Word,
Excel, or PowerPoint, you'll have more control over the permissions that readers have.
The File, Save menu option is disabled, but you can right-click on the attachment in the
opened message and choose Save As.
You can enable permissions on a message at any time before sending the message. The
message is signed using the passport with which you're currently signed in. If it doesn't
have an RM certificate, Outlook guides you through the required steps. If you have an
RM certificate associated with a different passport account, select the passport using File,
Permission, Restrict Permission As. The Select User dialog opens for you to select the
passport account to use.
If you have a Word, Excel, or PowerPoint document attached to the message, you'll
receive a warning that the attachment will also have restricted permissions. If you don't
want permissions assigned to the attachment, choose Cancel and the send operation will
be canceled. You must disable permissions or remove the attachment if you don't want it
to be protected.
Don't use IRM as a matter of routine and enable it on every message
you send. It's annoying when it's used on unimportant messages
because the recipient can't read the message without first connecting to
the certificate server.
[ Team LiB ]