Trying to turn on Office365 message encryption and getting this dumb error? Yet another “one part of O365 didn’t get the message from another part”

Here are the secret PowerShell commands to fix this! Hit <enter> after each bold line. Not sure what all these do but it fixed it for me about 20 minutes after running them (and two weeks of messing around)

  1. Run PowerShell as administrator
  2. Set-ExecutionPolicy RemoteSigned
  3. Hit A for “Yes to All”
  4. $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
  5. Import-PSSession $Session -DisableNameChecking
  6. Set-IRMConfiguration -RMSOnlineKeySharingLocation “https://sp-rms.na.aadrm.com/TenantManagement/ServicePartner.svc”
  7. Import-RMSTrustedPublishingDomain -RMSOnline -name “RMS Online”
  8. Test-IRMConfiguration -RMSOnline
  9. (Everything should pass after the above command)
  10. Set-IRMConfiguration -InternalLicensingEnabled $true 

    That’s it! About 20 minutes later I was able to select templates when creating an outbound encryption rule.