Pinned Posts
Forum Widgets
Latest Discussions
Microsoft Purview – “Data policy enforcement” toggle missing for AWS S3 source
Hello, In Microsoft Purview, the “Data policy enforcement” toggle does not appear at all for an AWS S3 data source, even though prerequisites seem to be met. Environment Microsoft 365 E5 license Microsoft Purview Data Map enabled AWS S3 registered and scanned successfully Sensitive data classification working Sensitive label schematized option not available - says that it has been moved , but doesn't indicate where Purview Data Policies created and published I have Purview Administrator / Data Source Admin permissions Issue The Data policy enforcement toggle: Does not appear during initial S3 registration Does not appear when editing the S3 data source As a result, Purview data policies cannot be enforced on S3 buckets Expected behavior according to Microsoft documentation indicates that Data policy enforcement must be enabled during or after S3 registration to apply data policies to S3 data. Questions What exact conditions/prerequisites control whether the Data policy enforcement toggle appears for S3? Can the toggle be enabled after initial registration, or only at creation time? If the toggle never appeared, is re-registering the S3 source the only supported fix? Are there any known limitations or portal issues where the toggle is hidden despite E5 licensing and correct permissions? Any clarification on expected behavior or how to surface the toggle would be appreciated. Screen shot from a youtube video that shows the option being available
How to offboarding endpoint from Purview
Hi I'm a fresh user of Purview and after creating policies linked to Exchange, I've enabled the onboarding of computer. Unfortunately, all Defender endpoints have been onboarded, and I've not be able to define which one was concerned. Now, I would like to offboard all those devices from purview and only keep them in Defender without any DLP protection. I tried to remove them with the onboarding script, but my endpoints are still present in Purview. How can I completely remove them? Thanks for your help Yohann
eDiscovery - Issues exploring groups & users related to a hybrid data source
Hi all, first time posting - unusually I could find nothing out there that helped. I work in an organisation has an on-premises domain which syncs to our tenant. I don't manage the domain or the sync, but I'm assured that the settings are vanilla and there are no errors being logged. 99% of our users are hybrid. The tenant is shared across multiple legal entities, so I'm using eDiscovery to fulfil our GDPR subject access requests The issue I am hitting is straightforward. in eDiscovery searches with hybrid users as the data source, I cannot add related objects (manager, direct reports, groups the user is in). The properties are present in Entra, but not visible to Purview, so I'm not investigating sync errors at the moment. For cloud objects, I can see manager, teams, etc. and it works fine. Does anyone have any insights they can share on the "explore and add" mechanics in eDiscovery search data sources? I'm drawing a complete blank on this one. Where should I be looking?
deleted sensitivity label
Hello Everyone I want to identify who deleted a sensitivity label from my information protection blade. Actual scenario is I had one label called Internal-1, it is now disappeared, However if I am trying to create label with same name it says label with same name is already available. In actual that is not showing in GUI. I want to know how to search who deleted the label in Audit. Please advice. Thank you
Issue Using Built in Trainable Classifiers in Auto Labelling Policies - Purview
Over the last few days, I have run into issue while configuring Auto labelling policies in Purview specifically when using built in classifiers for eg: Budget, Agreements These classifiers are parr of ready to use. They have been working well for us until recently but now saving an auto labelling rule that includes any of Trainable classifiers getting client side error: 'Could not find rule pack associated with sensitive information type' this is unexpected because: same classifiers eg: Budget worked perfectly just few weeks ago. No changes have made to roll, permissions on our side. Still not sure why showing issue now. Kindly request you, help me with root cause of the cause. Please feel free to post it comments if someone faced same issue in using trainable classifiers in auto labelling policies. Thanks in advance. Regards, BanuMurali
Email to external(trusted user) not require verify user Identity(with Google or One-time passcode)
Dear Expert and Community, I am starting with MS Purview - Data Loss Prevention. I have one point to clarify and seek your advise / comment / contribute or sharing good practice regarding with below: - Firstly, we can send email to externally user contain sensitive information, it is encryption or blocked (result: worked as expected). If remail encrypt, the external receiver require verify the Identity via sign in with google acc / with a one time password. - Second: we plan sending email to external user (only trusted user / domain). Is it possible, do not require these scope user reverify their Identity again and again? If yes, how to do it? If not - why? Well appreciated for update and supporting. Thanks,How to add glossary term to domain
Does anyone know how to add a glossary term to a domain using the REST API? What is the correct url? None of these work: url = f"{my_purview_endpoint}/unifiedcatalog/domains/{my_glossary_guid}/glossaryTerms" url = f"{my_purview_endpoint}/datagovernance/catalog/businessdomains/{my_glossary_guid}/glossaryTerms" url = f"{my_purview_endpoint}/businessdomains/{my_glossary_guid}/terms"
Rollback Script for Purview Auto Labels Using PnP/Graph – Anyone Done This?
Hi , I have been working on a rollback script using PnP and Microsoft Graph API to remove a sensitivity label from SharePoint and OneDrive documents through an Enterprise App (service principal). The purpose of this is to avoid a common issue in Purview. When a sensitivity label is applied through auto labeling and later changed manually, Purview reclassifies it as a manual label. After that, even if you run another scan, Purview will not automatically apply an auto label again because the file is now considered to have a user applied label. To prevent this problem, the idea is to make all label changes through a service principal so that the change is not treated as a manual action. This gives us a safe way to roll back labels if something goes wrong and lets us return the files to a clean state so that Purview can apply auto labeling again when needed. This approach would be very helpful during testing or when adjusting label priorities or scopes. My question is the following: Has anyone successfully built something like this? I am looking for examples of removing labels in bulk or replacing one label with another, for example replacing Label A with Label B, using PnP or Graph through a service principal. I do have a script somewhat ready but , I am also getting an error when calling some Graph endpoints that says the operation requires a Premium Purview feature (PAYG). If anyone has found a workaround or can confirm which operations require payment, that would be extremely helpful. Thanks!
