Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

The Last Modified date and time value is automatically updated when you close an IRM-protected file without saving it in Word 2003, in Excel 2003, and in PowerPoint 2003


View products that this article applies to.

Symptoms

Consider the following behavior. You open a file that is protected by Information Rights Management (IRM). Then, you close the file without saving it. In this scenario, the Last Modified date and time value of the file is automatically updated. You experience this behavior if the account that you use to open and to close the file differs from the account that was used to grant the Rights Management Services (RMS) permissions on the file.

↑ Back to the top


Cause

This behavior occurs if the RMS license information is stored in the IRM-protected file that you open. Microsoft Office updates the Last Modified date and time values so that you can track file changes. Therefore, this behavior is expected.

Note If you have the Full Control permission to the IRM-protected file, you do not experience this behavior. You experience this behavior only if you have the Read permission and the Change permission to the IRM-protected file.

↑ Back to the top


Workaround

To work around this behavior, use one of the following methods.

Note We recommend that you use Method 1.

Method 1: Enable the "Always require users to connect to verify permission" policy

  1. Open the Microsoft Group Policy snap-in.
  2. Expand User configuration, expand Administrative templates, expand Microsoft Office 2003, and then expand Manage Restricted Permissions.
  3. Click the Always require users to connect to verify permission policy.
When you enable this policy, IRM functions in the same manner it does when the RMS label and licensing information is stored on the RMS server.

Method 2: Grant the "Read and Execute" permission to the account that you are using

To work around this issue, use Microsoft Windows NTFS Security to grant the "Read and Execute" permission.

To do this, follow these steps:
  1. Right-click the file, and then click Properties.
  2. Click the Security tab, click the user account, and then click to select the Allow check box next to Read and Execute.
Note When you grant the "Read and Execute" permission, users are forced to verify credentials on the RMS server every time that they open a document. This workaround works like "Method 1" works. However, when you use this workaround, the user cannot update the file on the share.

↑ Back to the top


More information

The operating system is not aware of the locking functionality that is implemented in Microsoft Office. Typically, the RMS label and license information is stored in the file. However, this information is stored on the RMS server if one of the following conditions is true:
  • The account that you use to access the file is the same account that was used to grant the RMS permissions on the file.
  • The Require a connection to verify a user's permission option is configured in RMS.

    Note When you configure the Require a connection to verify a user's permission option, other users who access the file are forced to connect to the Windows RMS server every time that they open the file. Therefore, all users are verified before they open the file. You may want to configure this option if the permissions to a shared file change over time.
  • Windows NTFS Security disabled the Write permission that is required to access the file.

↑ Back to the top


Keywords: KB922441, kbprb, kbtshoot

↑ Back to the top

Article Info
Article ID : 922441
Revision : 1
Created on : 8/8/2006
Published on : 8/8/2006
Exists online : False
Views : 429