Error Importing RMStrustedPublishingDomain Azure RMS

Failed to get Trusted publishing Domain from the RMS Online Service. The error was : RMS Online returned an error for tenant with external directory organization ID.

We running the following cmdlet to import the Azure RMS Publishing domain you receive the above mentioned  error. To verify the service and make sure that Azure RMS is indeed enabled for the tenant run the following cmdlet.

Get-AadrmConfiguration

If we look at the status we can see that the Azure RMS Service is Enabled for the tenant.  To continue our troubleshooting steps lets verify where the tenant location is, we can check this by running the below cmdlet and focus on OriginatingServer.

Get-OrganizationalUnit |select OriginatingServer

Lets also confirm the RMS Shared key Location by running the below cmdlet.

Get-IRMConfiguration

From what I can see is that there is a misconfiguration between the tenant location and the RMS shared key location ,  to try and resolve the error I will change the  shared key location to Europe which is the same location as the tenant. To change the location I will run the following cmdlet with the URL of European Union.

Url: https://sp-rms.eu.aadrm.com/TenantManagement/ServicePartner.svc

Set-IRMConfiguration -RMSOnlineKeySharingLocation "https://sp-rms.eu.aadrm.com/TenantManagement/ServicePartner.svc"

Next we can run a test to verify if all is correct 

Test-IRMConfiguration -RMSOnline

After running the test we can see that all tests was passed, now lets go ahead and run the Import-RMSTrustedPublishingDomain cmdlet.

Import-RMSTrustedPublishingDomain -RMSOnline -Name "RMS Online"

After changing the RMS shared key location the Import-TrustedPublishingDomain cmdlet completed successfully.

#ThatLazyAdmin