Enabling Email Encryption in M365 (S/MIME ERROR)

Last Updated: August 1st, 2024/Published On: May 8th, 2023/By /Views: 1751/

If you have a client that is attempting to encrypt emails using the built in Office365 email encryption but users are getting an error about now having an S/Mime certificate, please follow the steps below.

First, you want to make sure the users have the correct license. This license is included in E3 and above. Alternatively, you can purchase the Azure Information Protection Premium P1 license for $2/user/mo.

Next we need to enable it in powershell. You need to connect powershell to Azure. Please follow the steps below.

  1. Open powershell as admin
  2. enter “Install-Module -Name AIPService”
  3. If you get a warning about “install-module : The ‘install-module’ command was found in the module ‘PowerShellGet’, but the module could not be”
    Run “Set-ExecutionPolicy Unrestricted”
  4. Run “Install-Module -Name AIPService” again, hit a
  5. Run “Connect-AipService”
  6. type “Get-AIPService” to see if it is enabled or disabled. If disabled, run “Enable-AIPService

if you want to ensure that only users who are correctly licensed to use Azure Information Protection can protect content:

Run “Set-AipServiceOnboardingControlPolicy -UseRmsUserLicense $True”

Done.

1.Open powershell as admin

2.enter Import-Module ExchangeOnlineManagement

3.Connect-ExchangeOnline -UserPrincipalName rmttadmin@clientdomain.com

4.Get-IRMConfiguration

5.Verify that AzureRMSLicensingEnabled is true and if not enter

set-irmconfiguration -AzureRMSLicensingEnabled $True

6. Verify that SimplifiedClientAccessEnabled is set to True and if not enter

set-irmconfiguration -SimplifiedClientAccessEnabled $True

Table of Contents