Allow granular protection within custom protection option of the the AIP client
Within the AIP client custom permissions, currently this only allows for one type of access to be granted to a group/user/domain. Having the ability to set one group at one level different to another. Currently this requires an AIP admin to create a specific protection label to achieve.
Document Owner can add multiple permissions per document
User A - Read Only
User B - Co-Author
kojima kazunori commented
AIP users would like to set detailed permission against each users at custom permission.
User1 > “view, print”,
User2 > “view, edit, copy”...
Greg Tate commented
95% of the AD RMS files we have use various permissions sets from File | Info | Restrict Access.
Applying the Custom Permissions label overwrites these permissions. And our company does not want to re-assign permissions just for documents to be labeled.
Please provide an option to inherit existing permissions for the Custom Permissions label.
This feature would help drive adoption of AIP for our company.
Ed Williams commented
Please make a decision on this, we've been waiting for a long time. This was working in the old client, we were ready to roll out, when everything changed.
Andrew Yam commented
On the user case, 1 file may not be only for 1 permission group user. For confidential document may be for this group is view only. For some user can full edit.
Sherif Talaat commented
Add the ability to define multiple permissions to different users/groups in the custom permissions of the AIP client. For example, groupX has Read-only while groupY has Editor. Today, we have to assign different permissions to different versions of the same file, or do it via IRM template which is available only for admins not the users.
When can we get an answer to this, please Dan Plastina, we need your help to push Microsoft to get this Granular Control added.
Andrew McMurray commented
From within the Custom Permission Dialog, allow picking from individual RMS Permissions rather than just the default permission sets.
R. Eberhard commented
Am I right in understanding that the access control could be extended in way that new groups could be added to existing group/user/domain protected data? This would be a requirement from our customers w.r.t. e-discovery. A new group (not a group that has been initially added to the template) needs to be added to a number of documents to be investigated.
The goal is to give the auditors just access to a specific amount of data to be investigated but not to the entire set that has been protected with that specific template.
Ed Williams commented
PLEASE, this would be my #1 highest request, followed closely by Global Address Book connectivity inside Office applications. I hope this implies the concept of applying a template directly to a document without needing a label. If it doesn't, then that's what I need most! Can't describe to you how frustrating it was to have RMS Add-On ready to roll out when they replaced it with AIP and I still can't get the same functionality back.