Way to assign a Sensitivity labels policy to all employees (no guests)

Deleted · ‎Feb 09 2020

When I try and assign a sensitivity label policy to users/groups from the Compliance centre I am unable to select a security group. The text description explans I can select from users, office 365 groups, mail enable secuoty group or a distribution group.

I have already set up security groups in Azure AD to manage conditional access policies and had assume I could reuse groups. For example I already have 'all employees - no guests' SG and a 'guests only' SG. Why do I need to create mail enabled SG as I do not want to be able email these groups.

We do no have a Team or Office 365 group for all employee as the organization is too large.

I have read through all the Microsoft docs but cant see to find anything

Any help appreciated

Nip17 · ‎Jul 19 2020

@Deleted

AIP policies requires a ‘mail-enabled’ distribution group
You cannot use a security group (dynamic or static) because this group type doesn't have an email address
You also cannot use a dynamic distribution list from Exchange Online because this group isn't replicated to Azure AD

Products (50)

Special Topics (27)

Video Hub (462)

Most Active Hubs

Most Active Hubs

Video Hub

Way to assign a Sensitivity labels policy to all employees (no guests)

Way to assign a Sensitivity labels policy to all employees (no guests)

Re: Way to assign a Sensitivity labels policy to all employees (no guests)