Forum Discussion
Deleted
Feb 10, 2020Way to assign a Sensitivity labels policy to all employees (no guests)
When I try and assign a sensitivity label policy to users/groups from the Compliance centre I am unable to select a security group. The text description explans I can select from users, office 365 groups, mail enable secuoty group or a distribution group.
I have already set up security groups in Azure AD to manage conditional access policies and had assume I could reuse groups. For example I already have 'all employees - no guests' SG and a 'guests only' SG. Why do I need to create mail enabled SG as I do not want to be able email these groups.
We do no have a Team or Office 365 group for all employee as the organization is too large.
I have read through all the Microsoft docs but cant see to find anything
Any help appreciated
- Nip17Brass Contributor
Deleted
- AIP policies requires a ‘mail-enabled’ distribution group
- You cannot use a security group (dynamic or static) because this group type doesn't have an email address
- You also cannot use a dynamic distribution list from Exchange Online because this group isn't replicated to Azure AD