Forum Widgets
Latest Discussions
Block file upload to restricted service domains from mapped network share
We have a mapped network share to a local file server on our laptops and we intend to block the files uploads from the mapped network share to restricted service domains but it does not seem to work. Files uploaded from local folders on the laptops works, meaning the DLP policy is blocking the upload action. I've already turned on the "Network share coverage and exclusions" feature in DLP settings and but when i tried to copy a file to the blocked site, the upload action is not blockedViktorMalumJan 21, 2025Copper Contributor7Views0likes0CommentsOnboarding Devices: "No authenticated user found"
Hi, I am looking to onboard a device in Purview for the purpose of testing some Endpoint DLP policies. I have ran the onboarding script locally and the device successfully appears on the 'Devices' screen. 'Real time protection/RTP' and 'Behavior monitoring/BM' both show as 'enabled' with a green tick, however under 'Valid User' it has a red cross and states: "Invalid: No authenticated user found. Without proper authentication, data classification is impeded. To ensure precise validation, we recommend re-onboarding to Active Directory". The device is in active directory. I have signed into the device with an account that is also in Active Directory. Is there anything additional that I need to do? Any help would be really appreciated - thank you!!!sp1984Jan 19, 2025Copper Contributor40Views0likes0CommentsFailed to ingest relationship with type dataset_process_inputs (Snowflake)
Hi All, Having the above issue when scanning snowflake but A - Only recently (perhaps since the start of the year) B - Only for around 5/2000 objects within snowflake. From the database side, it appears as if Purview is not using the database name within the query for a small subset of relationships between objects (a mix of tables, views and SP's) in two different databases. Any ideas why this could be happening? I've removed some detail from the query below such as our snowflake instance but this is the output in Purview's error logs: Failed to ingest relationship with type dataset_process_inputs between the following two assets due to invalid data payload to data map: asset with type snowflake_table and qualified name 'snowflake://******eu-west-1.snowflakecomputing.com/databases/STAGE/schemas/FULFIL/tables/SUBSCRIPTION', and asset with type snowflake_view_query and qualified name 'snowflake://******.eu-west-1.snowflakecomputing.com/databases/STAGE/schemas/FULFIL/views/ACTIVE_SUBSCRIPTION_PRODUCT_VW/query'. Please contact support for help.jamesgiopJan 19, 2025Copper Contributor7Views0likes0CommentsError 3892
Had anyone encountered Error 3892. The test connection to SQL server is successful via integration runtime and I can see tables and views to scan. However, when trying to scan, it is failing and giving me following error. Error: (3892) Failed to connect to Microsoft Purview managed resources. Please check your network settings and make sure the integration runtime you use for scan can access it. Please can someone have idea about what to do or how to check scan access to IR? ThanksBirenJan 17, 2025Copper Contributor39Views0likes2CommentsIndia Voter ID Card found 172,000 times. How can I disable built-in "Sensitive Info Types"?
When I open up Purview, one of the things I'm greeted with is the image below. I found another forum post and it appears you cannot disable these built-in items. I was also unable to delete them (grayed out). This is insanely frustrating and seems to be a huge security detriment. I could have a hundred United States SSNs but they would be pushed off this list by literally a million things I don't care about (I know for a fact our documents don't have any India Voter ID cards...). Even if I could delete the, one by one, there are HUNDREDS of types that are not relevant to us. Is there any way to just disable all the defaults?ScottCISJan 16, 2025Copper Contributor22Views0likes0CommentsContent Search: Stacking Keyword Groups
I am trying to create a Content Search for a data subject request, and I am having a really hard time building out my KQL. The issue is that I need to stack two sets of keyword searches, but the estimated results are wildly high so I feel I must be doing something wrong. In English, the search requirement is (using example keywords): Find all mail or SharePoint content where: Keywords include (Max OR John OR Sally) AND Keywords include (White OR Black OR Red) AND Date between Jun 2024 and Nov 2024 I have tried all different forms of this KQL, but I've essentially come up with this: ((Max John Sally) AND (White Black Red)) AND (Date=2024-06-01..2024-11-04) Does anybody have an idea where I'm going wrong?Jason E. HeiserJan 16, 2025Iron Contributor105Views0likes6CommentsMicrosoft Purview - Structured Database Management, Governance, Security and Protection
Since Microsoft Purview is a Data Governance and Data Security platform, I need to integrate Microsoft Purview with both structured and non-structured databases hosted in the public cloud and on-premises. The goal is to leverage Microsoft Purview to manage user roles and permissions, enforce data loss prevention policies and rules (e.g., statement-based rules), mask specific columns to restrict certain users from viewing actual data, implement field-level encryption for database fields, and, most importantly, ensure data quality and integrity by preventing unauthorized direct modifications. I am uncertain about the current capabilities of Microsoft Purview to meet the mentioned requirements. I believe that some features may already be available, while others might not be supported yet.shafiqvinalesJan 16, 2025Copper Contributor103Views2likes4CommentsPurview retention policy question
I am looking for assistance with a request from the business that involves Purview Retention Policies. The ask is that all Teams meetings recordings are deleted from all users OneDrive accounts after 20 days of recording. These recordings live the Recordings at the root of the OneDrive account. Based off my findings, a retention policy in Purview can’t target specific folders. It can do the entire OneDrive account… but a retention policy can’t be created to target a specific folder within the OneDrive account. I am just looking for a second opinion to make sure I’m not missing something obvious. If there is away to do this with a retention policy or anything else in the Purview stack would love to hear it. Lastly, I’m aware that there is the Meeting Recording Expiration toggle in Teams admin center. Apparently, that is not a sufficient enough solution. The reason being is that notification emails are sent to the user before and after the expiration date and users could use this as a trigger point/opportunity to move them somewhere else to avoid the meeting being deleted. ThanksladadminJan 16, 2025Copper Contributor26Views0likes1CommentKQL help Exchange Online
Hello, I need help in buildinga KQL Query as I'm fairly new to this. I have a set of 2 keyword list like Set 1 = "A","B","C" Set 2 = "1","2","3" I want a KQL Query that matches any combinations those 2 sets match. I have tried ("A" OR "B" OR "C") AND ("1" OR "2" OR "3") but that does not seem to work. Many Greetings ErikErikVetJan 15, 2025Brass Contributor343Views0likes1CommentQuestion about eDiscovery syntax
What would the appropriate eDiscovery syntax be if I wanted to perform a search on a single Exchange mailbox, capturing all email interactions between the mailbox's owner (i.e. email address removed for privacy reasons) and an external email address (i.e. email address removed for privacy reasons)?OneTechBeyondJan 15, 2025Iron Contributor519Views0likes1Comment
Resources
Tags
- Purview57 Topics
- microsoft purview36 Topics
- DLP23 Topics
- Azure Purview10 Topics
- Retention Labels8 Topics
- Retention Policy8 Topics
- Endpoint DLP8 Topics
- sharepoint7 Topics
- Sensitivity Labels7 Topics
- eDiscovery6 Topics