Forum Discussion

Rime_Razgallah's avatar
Rime_Razgallah
Copper Contributor
Oct 23, 2024

DLP policy stops working when device is joined to the local domain

i have deployed purview in the client environment (M365 E5 lic) the DLP rule presents copy to USB for fils with a certain sensitivity label. DLP agent is deployed on all devices and all devices are i...
Prathista Ilango's avatar
Prathista Ilango
Icon for Microsoft rankMicrosoft
Apr 08, 2026

Hello Rime_Razgallah,

Hope you’ve already been able to get this sorted. If not, here’s a quick clarification that may help based on recent deployment observations.

Endpoint DLP requires the device to be Entra joined or Entra hybrid joined or Entra registered. In case, the device is joined only to local domain and not Entra or not registered with Entra, then endpoint DLP might not work as expected. Refer to the prerequisites for onboarding here: 

https://learn.microsoft.com/en-us/purview/device-onboarding-overview#prepare-your-windows-devices 

Hope this helps!

Please mark as solution, if you find the answer helpful. This will assist others in the community who encounter a similar issue, enabling them to quickly find the solution and benefit from the guidance provided.