Forum Discussion
Activity explorer scoping to AU
Hello
Thank you for your reply
1. I tested two restricted admins that don't have any roles from Entra and from any other Purview role group.
2. The DLP policies are scoped indeed only to the admin unit, no global assignment.
3. I can see all kinds of activities for all workloads for all other AUs. Even I compared with the Purview admin, and I had the same results.
4. The DLP policy targets the three basic workloads (SP, OneDrive, Exchange)
This case is strange because Microsoft says clearly that Activity Explorer is fully scoped and respects AU, but recently I discover lots of mismatching between documentation and the real environment when testing.
I opened a case with Microsoft, but you know, L1 junior support technicians started to talk to me, and they will need 1 month to realize that they need to escalate to L2s ... Karma !!!!
Hello,
Thanks for sharing the details. Based on your tests, this does sound unexpected, especially if the restricted admins have no other Entra or Purview roles, and the DLP policies are scoped only to the AU.
I have not noticed this behavior myself, but I will also try to reproduce it in my environment and compare the results.
It would be interesting to see what Microsoft says after escalation, because this clearly does not align with the expected AU-scoped behavior.