Get-RMSServerAuthentication

Gets the server mode status that is used for authentication to RMS.

Syntax

Get-RMSServerAuthentication []

Description

The Get-RMSServerAuthentication cmdlet gets the server mode status and details that are set by using Set-RMSServerAuthentication. Server mode must be set to protect or unprotect files non-interactively. For example, if you protect files by using Windows Server and File Classification Infrastructure (FCI). This status remains on for the duration of your PowerShell session.

This cmdlet does not apply if you protect or unprotect files by using your user account.

To use server mode with the Azure Rights Management service, you must use a service principal account in Azure AD. To use server mode with AD RMS, the computer account must be granted permissions. For more information, see Using PowerShell with the Azure Information Protection client from the Azure Information Protection client admin guide.

Examples

Example 1: Get the server mode status when you are using Azure RMS

PS C:\>Get-RMSServerAuthentication
The RmsServerAuthentication is ON

Base64Key                                         AppPrincipalId                          BposTenantId
---------                                         --------------                          ------------
zIeMu8zNJ6U377CLtppkhkbl4gjodmYSXUVwAO5ycgA=      b5e3f76a-b5c2-4c96-a594-a0807f65bba4    23976bc6-dcd4-4173-9d96-dad1f48efd42

This command gets the server mode status and the output indicates that a service principal account is being used to authenticate to the Azure Rights Management service. The outputs includes the currently used identifiers.

Example 2: Get the serer mode status when you are using AD RMS

PS C:\>Get-RMSServerAuthentication
The RmsServerAuthentication is ON

This command gets the server mode status and because there are no identifiers, the output indicates that you are using Windows integrated authentication for AD RMS.