Pinned Posts
Forum Widgets
Latest Discussions
[HELP]"Action required for browser protections" alert
Hello! I have an Endpoint DLP policy with the Devices location. After multiple scoping changes (device groups, inclusions/exclusions) to narrow it to a specific target group, the alert appeared: Action required for browser protections. One or more policies were not applied in Edge for Business. This could be due to a policy sync issue, lack of required permissions, or an issue with the server. Either resync these policies or contact an admin with the required permissions to resync. After resyncing, you might still see this message for up to 1 day while the system completes the sync and activates protections. The policies were working before. Clicked Resync multiple times, banner disappears briefly, only to return. Please help![HELP] "Action required for browser protections" alert
Hello! I have an Endpoint DLP policy with Device location. After several scoping changes (device groups, inclusions/exclusions) to narrow it to a specific target group, the orange alert appeared: Action required for browser protections. One or more policies were not applied in Edge for Business. This could be due to a policy sync issue, lack of required permissions, or an issue with the server. Either resync these policies or contact an admin with the required permissions to resync. After resyncing, you might still see this message for up to 1 day while the system completes the sync and activates protections. The policies were working before. Clicked Resync multiple times, only for the error to return. Please help!
eDiscovery - Issues exploring groups & users related to a hybrid data source
Hi all, first time posting - unusually I could find nothing out there that helped. I work in an organisation has an on-premises domain which syncs to our tenant. I don't manage the domain or the sync, but I'm assured that the settings are vanilla and there are no errors being logged. 99% of our users are hybrid. The tenant is shared across multiple legal entities, so I'm using eDiscovery to fulfil our GDPR subject access requests The issue I am hitting is straightforward. in eDiscovery searches with hybrid users as the data source, I cannot add related objects (manager, direct reports, groups the user is in). The properties are present in Entra, but not visible to Purview, so I'm not investigating sync errors at the moment. For cloud objects, I can see manager, teams, etc. and it works fine. Does anyone have any insights they can share on the "explore and add" mechanics in eDiscovery search data sources? I'm drawing a complete blank on this one. Where should I be looking?
Datascan not picking up the schema of .parquet files ParquetFormat JavaInvocationException happened
Since about a week we have a problem with our datascan on ADLS not picking up the schema of .parquet files. It does pick up on the asset but not on the schema of said asset. The parquet files are perfectly readable and writeable with Fabric/spark. Purview had no issue picking them up before last week, but it seems that something has changed on the Microsoft side? Anyone else facing these issues recently? 2026-02-02T06:21:47.116Z,SystemError,ReadData,https://xxx.dfs.core.windows.net/landingzone/masterdata/someotherfile.parquet,ParquetFormat JavaInvocationException happened,ScanErr0000Automatic sensitivity label on existing labeled documents and emails
If I enable today automatic sensitivity labeling for label "Confidential" on behalf on sensitive information type "Credit Card" and 1000 documents are labeled with the label "Confidential". What happend if I remove the sensitive information type "Credit Card" from the label "Confidential", and put it on the Automatic sensitivity label "Highly Confidential". What happend to the 1000 documents which already have the label "Confidential"? Will it be modified to "Highly Confidential" or not?
Classification on DataBricks
Hello everyone, I would like to request an updated confirmation regarding the correct functioning of custom classification for Databricks Unity Catalog data sources. Here is my current setup: The data source is active. Source scanning is working correctly. I created the custom classification in “Annotation management / Classifications”. I created and successfully tested the regular expression under “Annotation management / Classification Rules”. I generated the Custom Scan Rule Set in “Source management / Scan Rule Sets”, associated to Databricks and selecting the custom rule. However, when running the scan on Databricks: I do not find any option to select my Scan Rule Set (for another source like Teradata, this option is visible). No classification findings are generated based on my custom rule. Other tests do produce findings (system-generated). Does anyone have insights on what I should verify? Or is this custom classification functionality not supported for Databricks?
Email to external(trusted user) not require verify user Identity(with Google or One-time passcode)
Dear Expert and Community, I am starting with MS Purview - Data Loss Prevention. I have one point to clarify and seek your advise / comment / contribute or sharing good practice regarding with below: - Firstly, we can send email to externally user contain sensitive information, it is encryption or blocked (result: worked as expected). If remail encrypt, the external receiver require verify the Identity via sign in with google acc / with a one time password. - Second: we plan sending email to external user (only trusted user / domain). Is it possible, do not require these scope user reverify their Identity again and again? If yes, how to do it? If not - why? Well appreciated for update and supporting. Thanks,
Onboard devices in Purview is grayed out
I’m getting started with Microsoft Purview and running into issues onboarding devices. In the Purview portal, no devices appear, and the “Onboard devices” option is grayed out. I have EMS E5 licenses assigned to all users, and I’m signed in as a Global Admin with Purview Administrator and Security Administrator roles. All devices are managed by Intune and run Windows 11 Enterprise with the latest updates. They are Microsoft Entra joined (AAD joined), show up correctly in Defender, and their Defender onboarding status is active and onboarded. What piece am I missing that would prevent these devices from showing in Purview and keep the onboarding option disabled? Any guidance would be appreciated.M365 Compliance connector error in Power Automate flow with retention label action
Hi everyone, I've been troubleshooting this issue for some time now but haven't found a solution yet. I'm configuring retention labels in Purview that trigger a 'Run a Power Automate Flow' action at the end of the retention period. This functionality is outlined in this Microsoft Learn article: https://learn.microsoft.com/en-us/purview/retention-label-flow The issue arises on the Power Automate side. To set up the flow that integrates with the retention label, the Compliance 365 Connector must be used. This connector requires a Power Automate Premium license, which I have on my account. The flows are also set up in the Default Power Automate environment, as required. Despite following all the necessary steps, the flows won't launch. I keep encountering the same error each time. I've even tried creating multiple retention labels and corresponding flows, each using the compliance connector, but the result is always the same. I've attached documentation with screenshots for reference: First error in flow checker: When opening the flow I see ‘Forbidden Error’ and ‘The response is not in JSON format’ These are the inputs: These are the outputs: For test purposes I created multiple retention labels with each time configured to start the flow 1-5 days after the label is applied. Each time getting the same errors. I know it can sometimes take some time for a labels action to be run, but has been a few months now. Please help
Purview Data Map scanning Microsoft Fabric and no classifications applied or scan rule sets
Microsoft Purview cannot currently apply built-in or custom classifications (including sensitive information types) to metadata discovered from Microsoft Fabric workspace scans. While Purview can register Fabric workspaces and extract structural metadata (workspaces, Lakehouses, Warehouses, tables, columns, and limited lineage), classification rules are not executed against Fabric assets in the same way they are for supported sources such as Azure SQL, ADLS Gen2, or on-prem databases. This results in classification gaps across a core enterprise analytics platform. Why This Is a Significant Service Omission 1. Breaks the Core Value Proposition of Purview 2. Undermines Regulatory and Risk Management Controls 3. Creates an Inconsistent Governance Experience 4. Blocks Downstream Purview Capabilities 5. Forces Anti-Patterns and Workarounds The lack of automated classification support for Microsoft Fabric workspace data represents a material service omission in Microsoft Purview, significantly limiting its effectiveness as a unified data governance platform and introducing avoidable compliance, operational, and assurance risks—particularly in regulated environments. Are there plans to improve this and if so what are the timescales?
