What’s the difference between Windows Server FCI and the Azure Information Protection scanner?

Marilee Turscak-MSFT 36,901 Reputation points Microsoft Employee
2019-10-30T22:02:25.607+00:00

What’s the difference between Windows Server FCI and the Azure Information Protection scanner?

Sourced from FAQ

Azure Information Protection
Azure Information Protection
An Azure service that is used to control and help secure email, documents, and sensitive data that are shared outside the company.
552 questions
0 comments No comments
{count} votes

Accepted answer
  1. Grmacjon-MSFT 18,471 Reputation points
    2019-10-30T23:41:07.8+00:00

    Windows Server File Classification Infrastructure has historically been an option to classify documents and then protect them by using the Rights Management connector (Office documents only) or a PowerShell script (all file types).

    We now recommend you use the Azure Information Protection scanner. The scanner uses the Azure Information Protection client and your Azure Information Protection policy to label documents (all file types) so that these documents are then classified and optionally, protected.

    alt text

    There is a difference in setting the Rights Management owner for files that are protected on a local folder or network share. By default, for both solutions, the Rights Management owner is set to the account that protects the file but you can override this setting:

    For Windows Server FCI: You can set the Rights Management owner to be a single account for all files, or dynamically set the Rights Management owner for each file. To dynamically set the Rights Management owner, use the -OwnerMail [Source File Owner Email] parameter and value. This configuration retrieves the user's email address from Active Directory by using the user account name in the file's Owner property.

    For the Azure Information Protection scanner: For newly protected files, you can set the Rights Management owner to be a single account for all files on a specified data store, but you cannot dynamically set the Rights Management owner for each file. The Rights Management owner is not changed for previously protected files. To set the account for newly protected files, specify the -Default owner setting in the scanner profile.

    When the scanner protects files on SharePoint sites and libraries, the Rights Management owner is dynamically set for each file by using the SharePoint Editor value.

    Sourced from FAQ

    0 comments No comments

0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.