cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

AIP phased deployment

JSlei
Brass Contributor

‎Oct 02 2019 08:03 PM - last edited on ‎May 24 2021 02:07 PM by

‎Oct 02 2019 08:03 PM - last edited on ‎May 24 2021 02:07 PM by

AIP phased deployment

I'm working on deploying AIP for a pilot group. I followed this article

https://docs.microsoft.com/en-us/azure/information-protection/activate-service#configuring-onboardin...

and used a security group that contains all my pilot users. Now, I'm at the point where I'm ready to publish my labels, if I publish to ALL users in tenant, will only the users in my security group see the labels? is that how this works? or should I only publish labels to the security group?

 

 

 

1,105 Views
0 Likes
1 Reply
Reply
1 Reply
best response confirmed by JSlei (Brass Contributor)
Pål Winther

‎Oct 03 2019 12:34 AM

‎Oct 03 2019 12:34 AM

Solution

Re: AIP phased deployment

Hi@JSlei : You are correct: The onboarding controls are there for just such a case. Making sure you are onboarding only the specified users. And I understand why you ask, since the article isn't really clear on this (just says that other users won't be able to protect). I haven't tried this for a while but last time I did this the users who were not in the onboarding policy would still see the protection templates, but would not be able to apply. If they selected a template, they would see the following message: Azure Information Protection cannot apply this label. If this problem persists, contact your administrator. And it didn't matter if it was a scoped policy or not. The labels however should be hidden. And if you want to be sure, you could publish only to the pilot group.

 

0 Likes
Reply
1 best response

Accepted Solutions
best response confirmed by JSlei (Brass Contributor)
Pål Winther

‎Oct 03 2019 12:34 AM

‎Oct 03 2019 12:34 AM

Solution

Re: AIP phased deployment

Hi@JSlei : You are correct: The onboarding controls are there for just such a case. Making sure you are onboarding only the specified users. And I understand why you ask, since the article isn't really clear on this (just says that other users won't be able to protect). I haven't tried this for a while but last time I did this the users who were not in the onboarding policy would still see the protection templates, but would not be able to apply. If they selected a template, they would see the following message: Azure Information Protection cannot apply this label. If this problem persists, contact your administrator. And it didn't matter if it was a scoped policy or not. The labels however should be hidden. And if you want to be sure, you could publish only to the pilot group.

 

View solution in original post

0 Likes
Reply