DLP policy stops working when device is joined to the local domain

Question

i have deployed purview in the client environment (M365 E5 lic) the DLP rule presents copy to USB for fils with a certain sensitivity label. DLP agent is deployed on all devices and all devices are in sync. when i test the DLP policy on an Entra joind device it works as intended and prevents copy to USB but when i join the device to the local domain the DLP policy stops working how do i debug this?

prathista ilango · Answer

Hello Rime_Razgallah,
Hope you’ve already been able to get this sorted. If not, here’s a quick clarification that may help based on recent deployment observations.
Endpoint DLP requires the device to be Entra joined or Entra hybrid joined or Entra registered. In case, the device is joined only to local domain and not Entra or not registered with Entra, then endpoint DLP might not work as expected. Refer to the prerequisites for onboarding here:&nbsp;
https://learn.microsoft.com/en-us/purview/device-onboarding-overview#prepare-your-windows-devices&nbsp;
Hope this helps!
Please&nbsp;mark as solution, if you find the answer helpful. This will assist others in the community who encounter a similar issue, enabling them to quickly find the solution and benefit from the guidance provided.

Forum Discussion

DLP policy stops working when device is joined to the local domain

1 Reply