The reasons for using AD RMS are very compelling from a DLP perspective. I have been struggling to find adequate documentation for configuring AD RMS for Server 2012 R2 to include the ability to protect documents internally and protect against external access (unless authorized). I do not need to integrate with AD FS and other federated/trusted domains; I am just looking to protect our internal content and have control over how it is accessed outside of our domain. I do want to be able to make content available externally (but protected), so assuming some type of Extranet is needed, but everything I am finding online is for Server 2008 R2, not 2012 R2.

Using Office and Exchange 2010, but changing to Office 365 soon, so both options would be nice to see. I want to evaluate this fully before going through the pain of trying to implement. Also would need info on rolling back AD RMS for organizations wishing to get rid of it.

Please let me know if you have any worthwhile resources you can point me to.