He can email it or share it by other means, but encryption and the usage license "travels" with the file, so other parties will not be able to open it. Now if he has sufficient permissions to edit the protection settings, that's a different story. In any case, you should look into using the newer AIP-based protection, as the IRM implementation is decade old...
Share an IRM-protected file with external user
![](https://techprofile.blob.core.windows.net/images/T99_3tSx-EahU0gSyTX89w.png?8DB933)
Hello,
I have an IRM-protected library on Sharepoint.
A user who has edit permissions on this library has downloaded a file.
Could he send that file to an external user who does not exist in my Azure AD Tenant?
From what I could research, this user can only see the permissions he has, but not change them so as to send it to an external user.
However, I have also noticed that if the site owner downloads it, he can change permissions on the file.
So, if I have an scenario where I'd like to share some documents, IRM is not the best choice?
Many thanks in advance.
1 additional answer
Sort by: Most helpful
-
Luis Olias 181 Reputation points
2021-02-10T17:05:19.31+00:00 Thanks a lot michev.
When you mention: "...Now if he has sufficient permissions to edit the protection settings, that's a different story..."
The user I am talking about is a member of the group, not an owner. From what I could see, owners can do what you mention.
So, in a environment where people need to share documents with external organizations, IRM is not the proper technology?
Thanks a lot.