EncryptionBackendSetup.ps1
<#PSScriptInfo .VERSION 1.2 .GUID 31ac2d7a-b320-4bb4-97ef-b89b0d6d5f00 .AUTHOR Chris.Loonan .COMPANYNAME .COPYRIGHT .TAGS .LICENSEURI .PROJECTURI .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS .EXTERNALSCRIPTDEPENDENCIES .RELEASENOTES #> <# .DESCRIPTION Encryption Setup #> #Param() <#Created by Chris Loonan This Script is meant to automate the Encryption backend Setup. After this go into the exchange admin center on portal.office.com and turn on the rules to encrypt messages as the user wants #> #This menu has the user choose where they are located or if they are using a guvment license Function locationMenu{ $locaMenu = 'X' while($locaMenu -ne 'Q'){ Clear-Host Write-Host "`n`t`t Location`n" Write-Host "Location Submenu" Write-Host -NoNewline "`n["; Write-Host -NoNewline "1"; Write-Host -ForegroundColor DarkCyan -NoNewline "]"; ` Write-Host " North America" Write-Host -NoNewline "`n["; Write-Host -NoNewline "2"; Write-Host -ForegroundColor DarkCyan -NoNewline "]"; ` Write-Host " EU" Write-Host -NoNewline "`n["; Write-Host -NoNewline "3"; Write-Host -ForegroundColor DarkCyan -NoNewline "]"; ` Write-Host " Asia" Write-Host -NoNewline "`n["; Write-Host -NoNewline "4"; Write-Host -ForegroundColor DarkCyan -NoNewline "]"; ` Write-Host "South America" Write-Host -NoNewline "`n["; Write-Host -NoNewline "5"; Write-Host -ForegroundColor DarkCyan -NoNewline "]"; ` Write-Host " US GOVERNMENT" $locaMenu = Read-Host "`nSelection (Press enter for previous menu)" $timeStamp = Get-Date -Uformat %m%d%y%H%M # Option 1 if($locaMenu -eq 1){ #These links will be saved to the script variable location to be called later $Script:location="https://sp-rms.na.aadrm.com/TenantManagement/ServicePartner.svc" Write-Host "Location Saved" Encryption } if($locaMenu -eq 2){ $Script:location="https://sp-rms.eu.aadrm.com/TenantManagement/ServicePartner.svc" Write-Host "Location Saved" } if($locaMenu -eq 3){ $Script:location="https://sp-rms.ap.aadrm.com/TenantManagement/ServicePartner.svc" Write-Host "Location Saved" } if($locaMenu -eq 4){ $Script:location="https://sp-rms.sa.aadrm.com/TenantManagement/ServicePartner.svc" Write-Host "Location Saved" } if($locaMenu -eq 5){ $Script:location="https://sp-rms.govus.aadrm.com/TenantManagement/ServicePartner.svc" Write-Host "Location Saved" } } #this tells the script to head on down to the next function Encryption #away we gooooooooo } Function Encryption{ Clear-Host Write-Host "`n `t This Script will begin to setup the back end commands needed complete the Encryption Set-up" Write-Host "`n `t Press Q at the end to start over" Start-Sleep -s 3 #Check To see if they actually activated it $activationCheck=Read-Host "`n Have you installed the AADRM Module? (y/n)" if($activationCheck -eq "y"){ #Exchange Shell login $i = 0 for(){ Try{ if($i -ne 0){ Write-Host -NoNewLine 'You messed something up, login again...' $null = $Host.UI.RawUI.ReadKey('NoEcho,IncludeKeyDown') } $UserCredential = Get-Credential $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection -ErrorAction Stop Import-PSSession $Session break } catch [System.Management.Automation.Remoting.PSRemotingTransportException],[System.Management.Automation.ParameterBindingException]{ if($i -eq 3){ return } } $i = $i + 1 } Connect-aadrmService -Credential $userCredential Enable-aadrm } #if the user Selected 'n' then they will still need to activate it on their azure portal. This will open to the page. if($activationCheck -eq "n"){ Write-Host "`n Redirecting, be sure to relaunch this script after you have downloaded the module." $IE=new-object -com internetexplorer.application $IE.navigate2("https://www.microsoft.com/en-us/download/confirmation.aspx?id=30339") $IE.visible=$true exit } #Configures the RMS Online key sharing location for the customer Set-IRMConfiguration -RMSOnlineKeySharingLocation $location Write-Host "`n `n Location Set" #import the Trusted Publishing Domain (TPD) from RMS Online Import-RMSTrustedPublishingDomain -RMSOnline -name "RMS Online" Write-Host "`n `n Successfully Imported Trusted Publishing Domain" $userEmail=$usercredentials.username Write-Host "`n `n Disabling IRM Templates" Set-IRMConfiguration -ClientAccessServerEnabled $false Write-Host "`n `n Enabling IRM for Office 365 Encryption" Set-IRMConfiguration -InternalLicensingEnabled $true Test-IRMConfiguration -sender $useremail Write-Host "`n `n Setup Complete. You did it. Great Job. Keep up the good work." exit } locationMenu Encryption |