Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

  1. Home
  2. A user can still open an IRM-protected email message after you remove the user from the associated AD RMS rights policy template in an Exchange Server 2010 environment

A user can still open an IRM-protected email message after you remove the user from the associated AD RMS rights policy template in an Exchange Server 2010 environment

View products that this article applies to.

Symptoms

Consider the following scenario:
  • You configure the Active Directory Rights Management Services (AD RMS) service in a Microsoft Exchange Server 2010 environment.
  • You use the Information Rights Management (IRM) feature on the Exchange Server 2010 server that has the Client Access server role installed.
  • You create an AD RMS rights policy template that has the Request a new use license every time content is consumed option enabled. You assign the rights to a user group.
  • You send an IRM-protected email message that uses the RMS template to a user who is a member of the group.
  • The user can open the email message successfully by using Microsoft Office Outlook or by using Microsoft Outlook Web App (OWA).
  • You remove the user from the group.

In this scenario, the user can still open the email message by using Outlook or OWA.

↑ Back to the top

Cause

This issue occurs because the Exchange server pre-fetches the use license and caches it in a property of the email message.

Therefore, the Exchange server does not honor the NoLicCache flag that is set for the Request a new use license every time content is consumed option.

↑ Back to the top

Resolution

To resolve this issue, install the following update rollup:
2645995 Description of Update Rollup 1 for Exchange Server 2010 Service Pack 2

↑ Back to the top

Status

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

↑ Back to the top

More Information

For more information about AD RMS, visit the following Microsoft website:
General information about AD RMS
For more information about how to create a new rights policy template, visit the following Microsoft website:
General information about how to create a new rights policy template
For more information about IRM, visit the following Microsoft website:
General information about IRM
For more information about how to enable or disable IRM on Client Access servers, visit the following Microsoft website:
General information about how to enable or disable IRM on Client Access servers

↑ Back to the top

Keywords: kbsurveynew, kbfix, kbqfe, kbexpertiseinter, kb

↑ Back to the top

Article Info
Article ID : 2600034
Revision : 1
Created on : 1/7/2017
Published on : 2/13/2012
Exists online : False
Views : 320