Posted by Reading time: 3 minutes
As we all know, you can track and trace documents when they have been configured for User Defined Permissions. Right? 🙂 The current portal is being moved to Microsoft Purview. So let’s see how this looks.
RMS portal
One of the benefits of working with User Defined Permissions or UDP in sensitivity labels (and I know some of the ill effects as well) is the option to track & trace documents. When you use UDP, the Azure RMS platform will track who has accessed the document and from which location. It also allows you to revoke the access to the document.
At this moment, the way to access this “track & trace” function is to go to https://portal.azurerms.com and login using you Microsoft 365 account. This will show you the documents you have shared using UDD and who you have shared these with.
The timeline offers great insights. In previous versions, you also get to see the geo-locations used to access the file. But this is no longer the case. From here you can revoke access or, by using the Settings option, be notified when the document is accessed.
New portal in Purview
In 2023 Microsoft announced that this portal would be moved to Microsoft Purview. And in this blog I’m describing how this works, as far as I can see. Do note however that Microsoft states it is reevaluating the functionality. So everything in this article is based on current experiences. See: https://www.microsoft.com/en-ww/microsoft-365/roadmap?filters=Microsoft%20Purview%20compliance%20portal&searchterms=track%2Crevoke
Now, do note that this function only works for documents that have been downloaded and are locally stored. Also known as Local files. This is not the same as downloaded for editing from SharePoint or OneDrive. As Microsoft mentioned this:
This is important because the new portal will show an error when trying to track and trace these documents. But I have a feeling that this will be solved very soon.
How to get to the new portal? Well, first off: the current portal still works. But when a document has been labeled using UDP, it will show the option for the Track & Revoke Access portal. When selecting this option, you will be redirected to Microsoft Purview.
Note: when using a document that you have opened from SharePoint Online or OneDrive, expect the message above 🙂 For local Office documents, the option will open this location:
Not the last part of this URL. Something is coming to change this to “True”?
Using the new portal
As this is very new functionality and still under consideration by Microsoft, I could not access a lot of detail. Information on the shared document is here, the settings as well and of-course the revoke option. But no dashboard of shared documents or the option to switch to “admin” mode, as the current portal does provide.
Like I said, this function is still under development. And the current portal is still in use and offers the required functions. I do like the fact that Microsoft wants to move towards one portal. And to be fair: the current portal does lack some “style” 😉
So we will see what the future brings us.
Information security and compliance 
Could you please verify if it is possible to “track and revoke” also PDF Files?
In older Versions this was possible, but it wasn’t possible anymore with later versions.
Did this function come back with the new Pureview Portal?
Thank you
Regards
Simon
Hi there Simon,
I’m afraid this is not possible. Al least, according to Microsoft documentation: https://learn.microsoft.com/en-us/azure/information-protection/rms-client/track-and-revoke-admin. “Note – Track and revoke features are supported for Office file types only.”