Microsoft Entra Suite Tech Accelerator
Aug 14 2024, 07:00 AM - 09:30 AM (PDT)
Microsoft Tech Community

New-DlpComplianceRule Parameters with SiteAdmin

Copper Contributor

Hello Experts,

 

Using the New-DlpComplianceRule cmdlet, there are three (3) parameters called "-GenerateAlert", "GenerateIndidentReport", and "-NotifyUser" and one of the valid values is "SiteAdmin". See this article (New-DlpComplianceRule (ExchangePowerShell) | Microsoft Docs).  When this parameter is configured (see attached image), where does this alert/notification go to?

 

I tested sending 10 SSN numbers to an external account, the sender gets a "Your email message conflicts with a policy in your organization" email; which is expected.  Global admin did not receive any e-mail. 

 

Part of my script includes:

#High Volume Rule
$HighSensitiveInfo = @(@{Name ="U.S. Social Security Number (SSN)";minCount = "6"},@{Name ="U.S. / U.K. Passport Number";minCount = "6"},@{Name ="U.S. Individual Taxpayer Identification Number (ITIN)";minCount = "6"})
$HighRulevalue = @{
'Name' = 'High Volume Government Data';
'Comment' = "Helps detect the presence of information commonly considered to be subject to the compliance";
'Policy' = $PolicyName;
'ContentContainsSensitiveInformation' = $HighSensitiveInfo
'BlockAccess' = $false;
'ReportSeverityLevel' = 'High';
'AccessScope'='NotInOrganization';
'Disabled'=$false;
'GenerateIncidentReport'='SiteAdmin';
'IncidentReportContent'='All';
'NotifyAllowOverride'='FalsePositive,WithJustification';
'NotifyUser'=@('SiteAdmin', 'LastModifier', 'Owner')
}

 

Thanks in advance!

1 Reply
I have same issue. Did you figure it out?