Microsoft Entra Suite Tech Accelerator
Aug 14 2024, 07:00 AM - 09:30 AM (PDT)
Microsoft Tech Community

DLP Administrative Units

Copper Contributor

Hello,

 

I'm running a project with Microsoft DLP. Need to assign a permission to users that can see some of DLP alerts and activity explorer, but only the part that i want to. Such as, domain name is a.com. When i read about administrative units it sounds like doing this but i tryed to creat one, there is no role that includes DLP or Compliance. 

 

Is there any way to do it ?

For example, finance admin can only see finance users alerts and activity explorer.

 

Thank you.

2 Replies
While there is limited support for administrative units in the Compliance center, DLP and the activity explorer are both supported, so you should be fine. You will have to create custom AU-scoped role groups though. Follow the instructions here: https://learn.microsoft.com/en-us/purview/microsoft-365-compliance-center-permissions#administrative...

@VasilMichev 
Hello, thank you for your response. I tried it. User that i assigned to admin unit can see only policy that i assignd to group it's well but not able to see activity explorer. This is the config;

Burak_MERCAN_0-1695641581301.png

Burak_MERCAN_1-1695641639960.pngBurak_MERCAN_2-1695641658250.png

Burak_MERCAN_3-1695641682471.pngBurak_MERCAN_4-1695641704905.png