Pinned Posts
Forum Widgets
Latest Discussions
Onboard devices in Purview is grayed out
I’m getting started with Microsoft Purview and running into issues onboarding devices. In the Purview portal, no devices appear, and the “Onboard devices” option is grayed out. I have EMS E5 licenses assigned to all users, and I’m signed in as a Global Admin with Purview Administrator and Security Administrator roles. All devices are managed by Intune and run Windows 11 Enterprise with the latest updates. They are Microsoft Entra joined (AAD joined), show up correctly in Defender, and their Defender onboarding status is active and onboarded. What piece am I missing that would prevent these devices from showing in Purview and keep the onboarding option disabled? Any guidance would be appreciated.
Activity explorer scoping to AU
I remember that Activity Explorer can be fully scoped to Admin Units, and that the Restricted admin can see activity explorer and DLP matching events for the scoped AU only, is that correct? Cause I was checking and I found the Restricted admin can see the activities also for the users out of the scoped AU. Does that make sense?Sharing: PDF readers that support Purview labels
As I was researching on Adobe Acrobat reader and Sensitivity labels, I decided to check if the common alternative PDF readers out there are able to support Purview MIP Sensitivity labels. There is already a published documentation on this for SharePoint-Compatible PDF readers that supports Microsoft IRM: https://learn.microsoft.com/en-us/purview/sp-compatible-pdf-readers-for-irm (last updated Nov-2023) but I wanted to see if these same PDF readers supports the ability for end-users to use/ select labels similar to that of Adobe Acrobat As of 11-June-2025; atleast one of them clearly do: Nitro PDF: Yes. Documentation shows that users can see and use the sensitivity labels. PDF -X.change Editor: Yes. Documentation show that users can see and use the sensitivity labels. (check the official website, I can't hyperlink it because the site is blocked. FOX PDF editor: No. Documentation only states RMS and not clear if it show Purview labels. This is for F.O.X.I.T editor (spelled without the ".") but for some reason there is a community ban on that word and it won't allow me to post the full name PDFescape: No. Sumatra PDF: No Okular: No If there are other PDF readers that I've missed, I encourage you list it down in the comment below. Would love to grow this list.
Shared capabilities
I am writing my thesis about Microsoft Purview. And something is not very clear to me about the shared capabilities. So I know Microsoft has the platform and the product shared capabilities. The platform shared capabilities are the foundation for Purview. Like audit logs and retention labels etc. The product shared capabilities are products as Adaptive Protection and OCR. There is a lot information about the product shared capabilities on learn.microsoft.com. But is there anything I can find about the platform shared capabilities like a blogpost or a webinar?
DLP Policy - DSPM Block sensitive info from AI sites
Having issues with this DLP policy not being triggered to block specific SITs from being pasted into ChatGPT, Google Gemine, etc. Spent several hours troubleshooting this issue on Windows 11 VM running in Parallels Desktop. Testing was done in Edge. Troubleshooting\testing done: Built Endpoint DLP policy scoped to Devices and confirmed device is onboarded/visible in Activity Explorer. Created/edited DLP rule to remove sensitivity label dependency and use SIT-based conditions (Credit Card, ABA, SSN, etc.). Set Paste to supported browsers = Block and Upload to restricted cloud service domains = Block in the same rule. Configured Sensitive service domain restrictions and tested priority/order (moved policy/rule to top). Created Sensitive service domain group for AI sites; corrected entries to hostname + prefix wildcard a format (e.g., chatgpt.com + *.chatgpt.com) after wildcard/URL-format constraints were discovered. Validated Target domain = chatgpt.com in Activity Explorer for paste events. Tested multiple SIT payloads (credit card numbers with/without context) and confirmed detection occurs. Confirmed paste events consistently show: Policy = Default Policy, Rule = JIT Fallback Allow Rule, Other matches = 0, Enforcement = Allow (meaning configured rules are not matching the PastedToBrowser activity). Verified Upload enforcement works: “DLP rule matched” events show Block for file upload to ChatGPT/LLM site group—proves domain scoping and endpoint enforcement works for upload. Disabled JIT and retested; paste events still fall back to JIT Fallback Allow Rule with JIT triggered = false. Verified Defender platform prerequisites: AMServiceVersion (Antimalware Client) = 4.18.26020.6 (meets/exceeds requirements).
eDiscovery search: Sites not available when adding a Group data source
Hi, I am attempting to use Purview eDiscovery to search a SharePoint site associated with a Group. When adding the Data Source, I search for the URL of the SharePoint site, and the Group is returned. However, after selecting the group and clicking Manage, it indicates Sites are "Not Available". What causes this, and how do fix it? My user is a member of the "eDiscovery Manager" role group as an "eDiscovery Administrator", and licensed with "Microsoft 365 E3" and "Microsoft Purview Suite". It is also an Owner of the target Group / SP Site.
Label usage rights not working correctly in office web-view
Hello everyone, I’ve created three simple Purview sensitivity labels (PUBLIC, RESTRICTED, CONFIDENTIAL). RESTRICTED and CONFIDENTIAL use usage-rights, so every internal employee and group is the owner of the document. External users are not permitted to open the document. Unfortunately, I can’t export or print my labeled documents in the Office Web View. In Office Desktop, however, the labels work correctly. This issue occurs for various internal users. Tested with Word, Excel, and PowerPoint. Co-authoring is enabled. User access never expires. Offline access is permitted. Do you have any ideas? Label usage rights Web-view Office DesktopUnified Catalog Self-serve analytics integration
I'm hoping someone has gone through the process of setting up the Self-serve analytics in the Unified Catalog settings to push the Unified Catalog information down to a Fabric Lakehouse. I created a Workspace, and then created a lakehouse in this workspace, and created a folder under the files section in the lakehouse. I used the MSI that is shown in Purview when you configure the storage for the connection and granted it contriubutor access to the Workspace. I then went into Purview, settings for Unified Catalog, and in the solution integrations, set up Fabric storage and provided the URL to the File folder I set up on the lakehouse. I tested the connection and it tested successfully. When I set up the scheduler to run, I received the following: The blacked out is the Workspace ID. I'm trying to understand what I'm missing, I'm assuming write permissions are missing somewhere, but I'm not sure. Any assistance is appreciated.
