EncryptionBackendSetup.ps1


<#PSScriptInfo
 
.VERSION 1.2
 
.GUID 31ac2d7a-b320-4bb4-97ef-b89b0d6d5f00
 
.AUTHOR Chris.Loonan
 
.COMPANYNAME
 
.COPYRIGHT
 
.TAGS
 
.LICENSEURI
 
.PROJECTURI
 
.ICONURI
 
.EXTERNALMODULEDEPENDENCIES
 
.REQUIREDSCRIPTS
 
.EXTERNALSCRIPTDEPENDENCIES
 
.RELEASENOTES
 
 
#>


<#
 
.DESCRIPTION
 Encryption Setup
 
#>
 

#Param()


<#Created by Chris Loonan
This Script is meant to automate the Encryption backend Setup.
 
After this go into the exchange admin center on portal.office.com and turn on the rules to encrypt messages as the user wants
#>





#This menu has the user choose where they are located or if they are using a guvment license
Function locationMenu{
    $locaMenu = 'X'
        while($locaMenu -ne 'Q'){
            Clear-Host
            Write-Host "`n`t`t Location`n"
            Write-Host "Location Submenu"
            Write-Host -NoNewline "`n["; Write-Host -NoNewline "1"; Write-Host -ForegroundColor DarkCyan -NoNewline "]"; `
                Write-Host " North America"
            Write-Host -NoNewline "`n["; Write-Host -NoNewline "2"; Write-Host -ForegroundColor DarkCyan -NoNewline "]"; `
                Write-Host " EU"
            Write-Host -NoNewline "`n["; Write-Host -NoNewline "3"; Write-Host -ForegroundColor DarkCyan -NoNewline "]"; `
                Write-Host " Asia"
            Write-Host -NoNewline "`n["; Write-Host -NoNewline "4"; Write-Host -ForegroundColor DarkCyan -NoNewline "]"; `
                Write-Host "South America"
            Write-Host -NoNewline "`n["; Write-Host -NoNewline "5"; Write-Host -ForegroundColor DarkCyan -NoNewline "]"; `
                Write-Host " US GOVERNMENT"
                
            $locaMenu = Read-Host "`nSelection (Press enter for previous menu)"
            $timeStamp = Get-Date -Uformat %m%d%y%H%M
            # Option 1
            if($locaMenu -eq 1){
            #These links will be saved to the script variable location to be called later
                $Script:location="https://sp-rms.na.aadrm.com/TenantManagement/ServicePartner.svc"
                Write-Host "Location Saved"
                Encryption
                }
            if($locaMenu -eq 2){
                $Script:location="https://sp-rms.eu.aadrm.com/TenantManagement/ServicePartner.svc"
                Write-Host "Location Saved"
                }
            if($locaMenu -eq 3){
                $Script:location="https://sp-rms.ap.aadrm.com/TenantManagement/ServicePartner.svc"
                Write-Host "Location Saved"
                }
            if($locaMenu -eq 4){
                $Script:location="https://sp-rms.sa.aadrm.com/TenantManagement/ServicePartner.svc"
                Write-Host "Location Saved"
                }
            if($locaMenu -eq 5){
                $Script:location="https://sp-rms.govus.aadrm.com/TenantManagement/ServicePartner.svc"
                Write-Host "Location Saved"
                }
                }
    #this tells the script to head on down to the next function
    
    Encryption
    #away we gooooooooo
    }

                
            
Function Encryption{
    Clear-Host
    Write-Host "`n `t This Script will begin to setup the back end commands needed complete the Encryption Set-up"
    Write-Host "`n `t Press Q at the end to start over"
    Start-Sleep -s 3
    #Check To see if they actually activated it
    $activationCheck=Read-Host "`n Have you installed the AADRM Module? (y/n)"
    
        if($activationCheck -eq "y"){
            #Exchange Shell login
            $i = 0
                for(){
                    Try{
                        if($i -ne 0){
                            Write-Host -NoNewLine 'You messed something up, login again...'
                            $null = $Host.UI.RawUI.ReadKey('NoEcho,IncludeKeyDown')
                        }
                        $UserCredential = Get-Credential
                        
                        $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection -ErrorAction Stop
                        Import-PSSession $Session
                        break
                    }
                        catch [System.Management.Automation.Remoting.PSRemotingTransportException],[System.Management.Automation.ParameterBindingException]{
                        
                        if($i -eq 3){
                                    return
                        }
                    }
                    $i = $i + 1
                }
                
                Connect-aadrmService -Credential $userCredential
                Enable-aadrm
            }
            #if the user Selected 'n' then they will still need to activate it on their azure portal. This will open to the page.
            if($activationCheck -eq "n"){
                Write-Host "`n Redirecting, be sure to relaunch this script after you have downloaded the module."
                $IE=new-object -com internetexplorer.application
                $IE.navigate2("https://www.microsoft.com/en-us/download/confirmation.aspx?id=30339")
                $IE.visible=$true
                exit
            }
    
    #Configures the RMS Online key sharing location for the customer
    Set-IRMConfiguration -RMSOnlineKeySharingLocation $location
    Write-Host "`n `n Location Set"
    
    #import the Trusted Publishing Domain (TPD) from RMS Online
    Import-RMSTrustedPublishingDomain -RMSOnline -name "RMS Online"
    Write-Host "`n `n Successfully Imported Trusted Publishing Domain"
    
    $userEmail=$usercredentials.username
    
    Write-Host "`n `n Disabling IRM Templates"
    
    Set-IRMConfiguration -ClientAccessServerEnabled $false
    Write-Host "`n `n Enabling IRM for Office 365 Encryption"
    
    Set-IRMConfiguration -InternalLicensingEnabled $true
    
    Test-IRMConfiguration -sender $useremail
    
    Write-Host "`n `n Setup Complete. You did it. Great Job. Keep up the good work."
    exit
    
}
locationMenu
Encryption