Pinned Posts
Forum Widgets
Latest Discussions
Managed VNET Integration Runtime failing with 502 error.
Good afternoon everyone. I'm a DevOps Engineer who is new to Purview. I used Terraform to deploy a Purview account for a POC for a client, however, I'm having a real issue creating a Managed VNET IR. The private endpoints are all visible and approved and if I check in the shell I can see the IR and the Managed VNET both exist (names sanitized). { "name": "SAMPLENAME", "properties": { "managedVirtualNetwork": { "referenceName": "ManagedVnet-name" }, "typeProperties": { "computeProperties": { "location": "WestEurope" } } } } But in the Purview portal the status shows as failed and if I try update it, I get a popup notification stating that the process timed out due to a 502 error. The URL in the error is " https://api.purview-service.microsoft.com/scan/integrationRuntimes/{NAME}?api-version=2022-02-01-preview" I thought this might be an issue with permissions or that I'm not in the admin role group in my client environment so I did the same process in my local purview account (where I'm global admin and in the Purview Administrators role group) and I'm having exactly the same problem. The managed vnet and IR exist when queried in the cloud shell but the state in the portal shows as failed. I am a "Data source Admin" in both purview accounts but I'm wondering if there's some other role assignment or role group assignment that I'm missing? Thanks in advance. Devon Britton.
Terribly lost - what are the basic controlls here?
Hello all. I'm an MSP, looking at methods of securing data in the wake of AI adoption. Obviously, I'm getting pointed to Purview for this. And I've managed to make sense of SOME of it - sensitivity labels, labeling policies, and sensitive info types. The problem I have is that these 'solutions' are spread out amongst 3-4 different 'solutions' - Information Protection, DLP, DSPM (DSPM,, DSPM classic, DSPM for AI 'classic') and it's genuinely just really badly designed. It's done the classic Microsoft move of having the Marketing team build the interface, and caring more about market capture/buzzwords than usability. As is the norm, the documentation quality varies a ton. And between Intune, SharePoint, Entra, Defender, Azure, certifications - I don't actually have time to learn another market-capture tool, which I will use 2% of. We don't license Purview. And I'm not going to license Purview until some effort is put into usability, and the interface is redesigned by native, technical english speakers (no hate, but I've seen first-hand how MBAEnglish-as-a-second-language translates into this sort of opacity). But obviously, we HAVE to use it because a bunch of stuff was pushed into it. Without adding another set of half-automated Microsoft recommendations to my list, and avoiding premium 'solutions' - what are the basic 'solutions' that are required for Data controls, in the face of AI? What exactly was merged into Purview, that existed elsewhere previously? Here is what I've gotten familiar with so far: 1. DLP policies. These are pretty opaque to me, and seem to heavily rely on OTHER 365 products, like Defender for Endpoint, Edge for Business. So again, designed by the marketing team. 2. Sensitivity labels, labeling publishing policies, auto-labeling policies. What am I missing?
Two sensitivity labels on PDF file
Hi everyone, First time poster here. We encountered an interesting issue yesterday where we had a user come to us with a PDF that had two sensitivity labels attached. In Purview activity explorer, we can see the file hit the DLP policy and the two labels, but when trying to replicate the issue cannot do it, or see how this has been done. Has anyone else encountered a similar issue? We were able to remove labels in our PDF editor but in Office suite once a label is applied, I could not see a way to remove it. We tried applying a label to a Doc file, converting to PDF and then seeing if it was there where it was being asked for another label but it was not, it just let us change the original. Many thanks in advance!
Best approach for contractor block policy
Hello there I need some assistance with your best approach for vendor block policy. I am thinking to create one policy with three rules Block all vendors with the block AD group Vendors to allow emails to approved domains only vendors to send email to external to organisation with ability to send to approve domains Do you think this is a good approach by breaking down into three different rules ? Also I am bit confused with the conditions on the rule 2 and rule 3. what would you your approach with complete breakdown ?
Co Authoring with Sensitivity Labels
Hello, I am working with sensitivity labels with my organization. We currently have Standard, Confidential, and Highly Confidential which all are encrypted. I have Co-Authoring turned on but I have some trouble with. We a lot of documents being collaborated on. Standard: Co-Authoring functions normal and Auto-Save is toggled on. Highly Confidential: Custom Permission in Sensitivity Label (View, Edit, Reply, Forward) I asked copilot and it stated even though my permissions are selected custom I have "Edit" on their for my internal users it is reading it as Co authoring; Co-Authoring is on and functioning but internal end users Auto-Save is toggled off and they are being asked to save a copy of the document or excel sheet then upload it again to SharePoint. Why isn't "Auto-Save" toggled on for "Highly Confidential" label? Can it be adjusted so it can be on? Do I have to make adjustments to my permissions in the Sensitivity label? Any help is appreciated. Thank you!
Anthropic Claude Purview Data Connector showing all users as Guests..
It appears this connector is not mapping fields properly causing internal users to be mapped as "guests", and since prompts/data isn't maintained for guest users the connector is effectively not gathering anything but noise. Unlike the other data connectors, one cannot create field mappings. Also the app being named using the guid of Microsoft's own "dataassessments" service principal I don't think is intended either. Has anybody else experienced this? See below for an example.Crowdstrike Agent with Microsoft Purview DLP
Could we use CrowdStrike as the main (Active) EDR while also enrolling the same machine into the agent-based Purview DLP? We have currently deployed MDE (passive) through the MDE Portal Onboarding, with RTP (Real-Time Protection) and BM (Behavioral Monitoring) enabled in the policy settings. While testing policies against user devices, we are unable to generate any alerts that match a rule based on conditions (e.g. PII, CC Data - where a user tries to copy and print sensitive information in a document), and the action based on the rule should be to BLOCK. This is not happening because there seems to be a disconnect from the workstation receiving the policies from Purview.
Performance in scanning
We are trying to search for CUI data on internal file stores. Last week, I decided to run another discovery scan, this time using ALL instead of Policy Only. It took much longer and left the scanner server in an almost unusable state and didn’t give really any more information than the first one did. Based on my research, we need to define and set the policy before we run scans. This is the information tip from the Purview scanner settings: Scan started at: 2026-05-20 22:54:06Z Scan ended at: 2026-05-24 16:16:51Z Scan duration: 3 days, 17 hours, 22 minutes, 45 seconds Scan id: 93acb922-e2ac-4fb7-b259-d6184e7aa434 Repository: \\cab-filesrv-01.fg.com\Departments. Enforce mode is Off Scanned files:3509640 Actions: Classified:3369456 Classified as Public:14 Classified as Fg Private:3369442 Labeled:0 Remove label:0 Protected:0 Remove protection:0 Files with matched information types:572895 Skipped due to - No match:0 Skipped due to - Not supported:0 Skipped due to - Already labeled:0 Skipped due to - Already scanned:0 Skipped due to - Require justification:0 Skipped due to - Unknown reason:0 Skipped due to - Excluded:98833 Skipped due to - Attribute:0 Failed:41318Purview DLP Behaviours in Outlook Desktop
We are currently testing Microsoft Purview DLP policies for user awareness, where sensitive information shared externally triggers a policy tip, with override allowed (justification options enabled) and no blocking action configured. We are observing the following behaviours in Outlook Desktop: Inconsistent policy tip display (across Outlook Desktop Windows clients) – For some users, the policy tip renders correctly, while for others it appears with duplicated/stacked lines of text. This is occurring across users with similar configurations. Override without justification – Users are able to click “Send Anyway/Confirm and send” without selecting any justification option (e.g. business justification, manager approval, etc.), which bypasses the intended control. New Outlook: Classic Outlook: This has been observed on Outlook Desktop (Microsoft 365 Apps), including: Version 2602 (Build 19725.20170 Click-to-Run) Version 2602 (Build 16.0.19725.20126 MSO) Has anyone experienced similar behaviour with DLP policy tips or override enforcement in Outlook Desktop? Keen to understand if this is a known issue or if there are any recommended fixes or workarounds.
