saravanan82
Copper Contributor
Jan 18, 2024

DLP policy is not syncing with endpoints for more than 5 days

We are in the process of deploying endpoint DLP policies to devices onboarded to Purview. However, the policy status has remained not updated for more than 5 days. Is there any way to force update the policy to endpoints?

Can anyone assist with this issue?

Yet to get a response from Microsoft Support. 

  • slytherin_corp
    Copper Contributor
    Hi there! This might sound like a stupid question, but do I need to onboard devices from Defender and Compliance separately? I'm trying to make a DLP policy for device as a location but it's not working as expected. The devices were onboarded in MDE but not in Compliance, and I cannot see the Device Onboarding option from Compliance either.
    • andrerocha1450
      Copper Contributor
      Hi there, no, as soon as the devices are onboarded into Defender, they are considered as onboarded for compliance.
      Keep in mind that Microsoft has now split the agents (starting from June):
      “MpDlpService.exe” for Microsoft Purview DLP and “MsMpEng.exe” exclusively for Microsoft Defender for Endpoint.
  • jdlavallee
    Copper Contributor
    We have the same exact issue... Policy sync is greyed out. But in our case, the policy NEVER actually synced....
  • Hey saravanan82

    If you're leveraging endpoint DLP and have onboarded devices to Microsoft Purview, you will be able to tell a specific device to sync with Purview to receive its assigned policies, but only if the device is reporting as being out of sync. To do this, you can:

    • Log in to compliance.microsoft.com
    • Select "Settings" from the menu on the left
    • Select "Device onboarding"
    • Find and select any out of sync device

    If that doesn't work, try forcing a sync from security.microsoft.com:

    • Select "Devices"
    • Find the Device in your device inventory
    • Click on the 3 dots and select policy sync

    This will be dependent on whether you are using the MDE attach method with your device fleet or not.

    • saravanan82
      Copper Contributor

      Hi BillClarksonAntill,

      The policy sync option is greyed out in the Defender portal. The last DLP policy sync occurred on Jan 13th; since then we have made many changes to endpoint DLP policies and none of them have been enforced on devices.
