Microsoft Purview | Microsoft Community Hub

Pinned Posts

Purview Webinars
Feb 12, 2025
RenWoods

Forum Widgets

Latest Discussions

Microsoft purview auto labeling contextual summary
Hello All, I am not able to see the Contextual summary in service side auto labeling of Microsoft purview information protection. I do have "data classification content viewer role" in my ID. Please let me know if I am missing any thing to see the contextual summary.
Solved
Afsar_Shariff
Brass Contributor
Jan 05, 2026
41Views
0likes
2Comments
Microsoft Purview Data Map Approach to scan
I plan to scan Purview data assets owner by owner rather than scanning entire databases in one go because this approach aligns with data governance and RBAC (Role-Based Access Control) principles. By segmenting scans by asset ownership, we ensure that only the designated data asset owners have the ability to edit or update metadata for their respective assets in Purview. This prevents broad, unrestricted access and maintains accountability, as each owner manages the metadata for the tables and datasets they are responsible for. Scanning everything at once would make it harder to enforce these permissions and could lead to unnecessary exposure of metadata management rights. This owner-based scanning strategy keeps governance tight, supports compliance, and ensures that metadata stewardship remains with the right people. This approach also aligns with Microsoft Purview best practices and the RBAC model: Microsoft recommends scoping scans to specific collections or assets rather than ingesting everything at once, allowing different teams or owners to manage their own domains securely and efficiently. Purview supports metadata curation via roles such as Data Owner and Data Curator, ensuring that only users assigned as owners; those with write or owner permissions on specific assets; can edit metadata like descriptions, contacts, or column details. The system adheres to the principle of least privilege, where users with Owner/Write permissions can manage metadata for their assets, while broader curation roles apply only where explicitly granted. Therefore, scanning owner by owner not only enforces governance boundaries but also ensures each data asset owner retains exclusive editing rights over their metadata; supporting accountability, security, and compliance. After scanning by ownership, we can aggregate those assets into a logical data product representing the full database without breaking governance boundaries. Is this considered best practice for managing metadata in Microsoft Purview, and does it confirm that my approach is correct?
Solved
sashakorniakUK
Brass Contributor
Dec 19, 2025
data map
scan
Scanning
97Views
0likes
2Comments
DLP Policy not Working with OCR
Hello Community, i activated the OCR in Microsoft Purview, and scan works fine infact Purview find image that contains sensible data. I have created DLP Policy that not permit print and move to rdp file that containts "Italy Confidential Data" like "Passport Number, Drivers License ecc..." this policy works for xlsx or word that contains data, but if file word contains image with this data not apply the DLP Rule infact i'm able to print or move into rdp this file also only the jpeg file. Policy match correctly i see it into "Activity Explorer" Is this behavior correct? Regards, Guido
Solved
GuidoImpe
Brass Contributor
Dec 14, 2025
data loss prevention
microsoft purview
OCR
60Views
0likes
1Comment
Clarification related to JIT for EDLP
Can someone help clarify how JIT actually works and in which scenario we should enable JIT. The Microsoft documentation is very differently from what I’m observing during hands-on testing. I enabled JIT for a specific user (only 1 user). For that user, no JIT toast notifications appear for stale files when performing EDLP activities such as copying to a network share, etc. However, for all other users even though JIT is not enabled for them their events are still being captured in Activity Explorer. See SS below.
Solved
Mansha
Copper Contributor
Dec 12, 2025
data loss prevention
microsoft purview
purview
82Views
0likes
1Comment
Aggregate alerts not showing up for Email DLP
Hi, I’m unable to see the “Aggregate alerts” option while configuring an Email DLP policy, although the same option is visible for Endpoint DLP. The available license is Microsoft 365 E5 Information Protection and DLP (add-on). If this is a licensing limitation, why am I still able to see the option for Endpoint DLP but not for Email DLP? Screen short showing option for Endpoint DLP alerts
Solved
Mansha
Copper Contributor
Dec 08, 2025
endpoint dlp
microsoft purview
55Views
0likes
2Comments
Purview Unified Catalogue Gov Domains Numeric Prefixing
Has Anyone Tried Numeric Prefixing for Governance Domains in Purview? Context: We introduced a structured numeric prefixing system for governance domains in Microsoft Purview to make hierarchical sorting more intuitive. What we did: Parent domains use a base prefix ending in .00 (e.g., 02.00 Group). Child domains are numbered sequentially (e.g., 02.01 Directorate, 02.01.01 Team). Why: Purview sorts domains alphabetically, which caused child domains (e.g., 02.01) to appear above their parent (02 Group). Adding .00 ensures parents always sort before children, creating a clear hierarchy. How it works: All already have 01.00- Top-level groups: 02.00 Directorates: 02.01, 02.02 Teams/Units: 02.01.01 This approach guarantees correct sorting, clear hierarchy, and scalability for future additions? Question for the community: Has anyone else implemented a similar numeric prefixing approach in Purview? Do you think this is a good idea for maintaining clarity and scalability? Any alternative strategies you’ve found effective?
Solved
sashakorniakUK
Brass Contributor
Dec 04, 2025
Governance domains
microsoft purview
Pretixing
purview
58Views
1like
1Comment
Workaround Enabling Purview Data Quality & Profiling for Cross-Tenant Microsoft Fabric Assets
The Challenge: Cross-Tenant Data Quality Blockers Like many of you, I have been managing a complex architecture where Microsoft Purview sits in Tenant A and Microsoft Fabric resides in Tenant B. While we can achieve basic metadata scanning (with some configuration), I hit a hard wall when trying to enable Data Quality (DQ) scanning. Purview's native Data Quality scan for Fabric currently faces limitations in cross-tenant scenarios, preventing us from running Profiling or applying DQ Rules directly on the remote Delta tables. The Experiment: "Governance Staging" Architecture rather than waiting for a native API fix, I conducted an experiment to bridge this gap using a "Data Staging" approach. The goal was to bring the data's "physicality" into the same tenant as Purview to unlock the full DQ engine. The Solution Steps: Data Movement (Tenant B to Tenant A): Inside the Fabric Workspace (Tenant B), I created a Fabric Data Pipeline. I used this to export the critical Delta Tables as Parquet files to an ADLS Gen2 account located in Tenant A (the same tenant as Purview). Note: You can schedule this to run daily to keep the "Governance Copy" fresh. Native Scanning (Tenant A): I registered this ADLS Gen2 account as a source in Purview. Because both Purview and the ADLS account are in the same tenant, the scan was seamless, instantaneous, and required no complex authentication hurdles. Activating Data Quality: Once the Parquet files were scanned, I attached these assets to a Data Product in the Purview Data Governance portal. The Results: The results were immediate and successful. Because the data now resides on a fully supported, same-tenant ADLS Gen2 surface: ✅ Data Profiling: I could instantly see column statistics, null distributions, and value patterns. ✅ DQ Rules: I was able to apply custom logic and business rules to the data. ✅ Scans: The DQ scan ran successfully, generating a Data Quality Score for our Fabric data. Conclusion: While we await native cross-tenant "Live View" support for DQ in Fabric, this workaround works today. It allows you to leverage the full power of Microsoft Purview's Data Quality engine immediately. If you are blocked by tenant boundaries, I highly recommend setting up a lightweight "Governance Staging" container in your primary tenant. Has anyone else experimented with similar staging patterns for Governance? Let's discuss below.
Solved
pranavsabnis
Copper Contributor
Dec 03, 2025
Azure Purview
data governance
data quality
microsoft purview
Unified catalog
126Views
1like
2Comments
Customized Oversharing Dialog not working for Exchange DLP
Hi Team, When I'm enabling policy tip as a dialog for custom content. This is not working. I'm testing this option on new outlook. and this is my JSON file { "LocalizationData": [ { "Language": "en-us", "Title": "Add a title", "Body": "Add the body", "Options": [ "I have a business justification", "This message doesn't contain sensitive information", "Business justification" ] } ], "HasFreeTextOption": "true", "DefaultLanguage": "en-us" } For old outlook it's not working there too. No policy tips, no override option My old outlook version
Solved
Mansha
Copper Contributor
Dec 02, 2025
data loss prevention
microsoft purview
purview
92Views
0likes
1Comment
Application filter in the activity explorer no longer populated correctly?
To distinguish between discovery findings in a setup that has both endpoint DLP and the Information Protection Scanner deployed, typically the "Application" filter in the activity explorer is used: It seems that recently the filter behavior changed and the list of applications the filter can use is built incorrectly. 'Microsoft Purview Information Protection Scanner' is no longer listed although documents with that property are present: The filter options are typically populated by the properties from documents within range and I have verified documents discovered by the MIP scanner exist: I am wondering if more people are seeing this and if a possible workaround is available.
Solved
François van Hemert
Microsoft
Dec 02, 2025
Information Protection
Information protection scanner
purview
scanner
106Views
0likes
2Comments
Migrating DLP Policies from one tenant to other
Has anyone successfully migrated DLP policies from a dev tenant (like contoso.onmicrosoft.com) to a production tenant (paid license with custom domain) in Microsoft Purview without third-party tools? We're open to using PowerShell, Power Automate, or other Microsoft technologies—such as exporting policies via PowerShell cmdlets from the source tenant, then importing/recreating them in the target tenant using the Microsoft Purview compliance portal or Security & Compliance PowerShell module. Details: The dev tenant has several active DLP policies across Exchange, Teams, and endpoints that we need to replicate exactly in prod, including sensitive info types, actions, and conditions. Is there a built-in export/import feature, a sample script, or Power Automate flow for cross-tenant migration? Any gotchas with licensing or tenant-specific configs?
Solved
AtharvaTheMaverics
Copper Contributor
Dec 01, 2025
data loss prevention
dlp
microsoft purview
Migrate
purview
183Views
0likes
4Comments

Resources

Tags

purview130 Topics
microsoft purview78 Topics
Information Protection22 Topics
Sensitivity Labels21 Topics
ediscovery16 Topics
Azure Purview15 Topics
data loss prevention13 Topics
Retention Policy12 Topics
endpoint dlp11 Topics
api10 Topics