Which Windows PowerShell cmdlet should you run?

You have an Office 365 tenant that uses an Enterprise E3 subscription. You activate Azure Rights
Management for the tenant.
You must test the service with the Development security group before you deploy Azure Rights
Management for all users.
You need to enable Azure Rights Management for only the Development security group.
Which Windows PowerShell cmdlet should you run?

You have an Office 365 tenant that uses an Enterprise E3 subscription. You activate Azure Rights
Management for the tenant.
You must test the service with the Development security group before you deploy Azure Rights
Management for all users.
You need to enable Azure Rights Management for only the Development security group.
Which Windows PowerShell cmdlet should you run?

A.
Enable-Aadrm

B.
New-AadrmRightsDefinition

C.
Enable-AadrmSuperUserFeature

D.
Add-AadrmSuperUser

E.
Set-AadrmOnboardingControlPolicy

Explanation:
The Set-AadrmOnboardingControlPolicy cmdlet sets the policy that controls user on-boarding for
Azure Rights Management. This cmdlet supports a gradual deployment by controlling which users in
your organization can protect content by using Azure Rights Management.
Example:
Restrict Azure RMS to users who are members of a specified group
This command allows only users that are members of the security group with the specified object ID
to protect content by using Azure Rights Management. The command applies to Windows clients
and mobile devices.
Windows PowerShell
PS C:\> Set-AadrmOnboardingControlPolicy -UseRmsUserLicense $False -SecurityGroupObjectId “f
Incorrect answers:
Not A: The Enable-Aadrm cmdlet enables the capabilities of Azure Rights Management for your
organization. When you activate Rights Management, you turn on this feature for all rights-enabled
services and applications. You must activate Rights Management before you can begin to use
information rights management (IRM) features with your applications.
Not B: The New-AadrmRightsDefinition cmdlet creates a Rights Definition object. A Rights Definition
object expresses the rights of a user or group to content that Azure Rights Management protects.
Use Rights Definition objects to define rights in a rights policy template.
Not C: The Enable-AadrmSuperUserFeature cmdlet enables the super user feature. With this feature
enabled, you can add or remove super users for Azure Rights Management. By default, the super
users feature is not enabled, and no users are assigned to this feature.
Not D: The Add-AadrmSuperUser cmdlet adds a super user for your organization.

Set-AadrmOnboardingControlPolicy
https://msdn.microsoft.com/en-us/library/dn857521.aspx



Leave a Reply 4

Your email address will not be published. Required fields are marked *


Amr Eid

Amr Eid

The correct answer is “A” Enable-Aadrm

Amr Eid

Amr Eid

Sorry Correct, the right answer is “E”

Amr Eid

Amr Eid

Please ignore my two previous comments, and this one is my last one.

Option E is only used if you want to do a phased approach. A is the correct answer because it will enable for all users.

https://docs.microsoft.com/en-us/powershell/module/aadrm/enable-aadrm?view=azureipps

Molly

Molly

I noticed the wording was a little confusing for this question.
Earlier, it is already stated that “You activate Azure Rights
Management for the tenant.”, so enabling it again is redundant.

Option E is correct because it is going forward with the issue.