Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community
SOLVED

Endpoint DLP - Not working for test Tenant user

Copper Contributor

I'm trying to test Endpoint DLP in our test Tenant and so far I have onboarded my device and created a DLP Policy using a sensitivity label as a trigger for block actions but even though files are being audited the alerts/actions are not happening.  I have the Microsoft 365 E5/A5 Information Protection and Governance license  but I'm wondering if it's because i have scoped the policy to my Test tenant user account and logged into office on my device with that one. However, I can only sign into my device as a user with my corporate account. Do you have to sign into the device with the account that the policy is scoped to as well?  I'm unable to do this so this would be a big problem. 

 

Thanks

1 Reply
best response confirmed by GDHUK (Copper Contributor)
Solution

@GDHUK 

 

Thank you for posting your question here regarding Endpoint DLP. To answer your question, yes, you must login to the device with the identity that the policy is scoped to. if the policy is assigned to your test tenant account then you will only have the policy take effect if you login to an onboarded device with your test tenant account.

 

If you're looking to verify the functionality of Endpoint DLP, you may want to see if you can get access to a test/spare device or if you have the ability to build a small VM on your device, which gets signed into by your test tenant account.

1 best response

Accepted Solutions
best response confirmed by GDHUK (Copper Contributor)
Solution

@GDHUK 

 

Thank you for posting your question here regarding Endpoint DLP. To answer your question, yes, you must login to the device with the identity that the policy is scoped to. if the policy is assigned to your test tenant account then you will only have the policy take effect if you login to an onboarded device with your test tenant account.

 

If you're looking to verify the functionality of Endpoint DLP, you may want to see if you can get access to a test/spare device or if you have the ability to build a small VM on your device, which gets signed into by your test tenant account.

View solution in original post