Native DLP Failed on Mar 4, 2020, 3:29:13 PM. Error details: Download error
Hi i am facing issue with applying Sensitivity label on SharePoint files using MCAS, first i am able to apply the label but after that MCAS unable to scan the file, also creating rule to remove the label failed with native DLP failed error. i have a support request opened for more than a month and there is no solution. regards
Connecting to multiple Microsoft services with the same session
Hi guys. Working on a script that needs to connect to ExchangeOnlineManagement, TeamsOnlineManagement, SharePointOnlineManagement.... The script will be used across many different tenants, and I also plan to make it publicly available, so 1) I don't really want to pre-configure some complicated key setup and 2) I don't really want to have login pop-ups over and over again... For ExchangeOnline, I learned (accidentally), if I do this: $upn = Read-Host -Prompt "input yer wahawha" Connect-ExchangeOnline -userprimaryname $upn Connect-IPPSsession -userprimaryname $upn And login to MY tenant, I don't get prompted for login. I think likely because my device is Entra-joined, and it's using my Microsoft account. But even if I use a different account, it will only prompt me once - reusing it for the other. This is great, and exactly how I wanted things to flow - but now I'm trying to do Connect-SPOService (sharepoint) and Connect-MicrosoftTeams... and while both of these are part of the tenant, they don't take the -userprimaryname param - so I can specify to use the account I'm logged into my PC with.. The end-goal is to have this script run with minimal user input. I've SORT OF found a workaround for SharePoint, where I can get the SharePointSite from ExchangeOnline, then modify it a bit and use it as input for Connect-SPOService... but Teams, while it doesn't have the URL param requirement, DOES prompt me to login again. Is there a way to use the existing session for either of these, like I've done with ExchangeOnline / IPPSSession? We have MFA enabled, though not required from within our company network - but when I try to use Get-Credential, it errors me out because it wants MFA.Using MCAS to block file upload to SharePoint Online based on (external) file property?
Hi, With MCAS (by file policy or by Conditional Access App Control), would it be possible to act on single file if specific file property matches search criteria? E.g. if any value in multivalued property "Tags" in Office file matches "testtag01" or if any value in multivalued property "Keywords" in PDF file matches "testtag01". I've tried with O365 DLP, but with traditional Office 365 DLP issue is that those properties are not indexed in SharePoint search index by default and therefore DLP wont detect those.
CAS / MIP / DLP Secure Whatsapp session
Hello guys, I am looking for a way to enable users from my company to use whatsapp web and control the session using CAS, MIP and DLP to prevent data exfiltration, is there a way to do that? I'm new to that solutions and wasn't able to find any documentation about that. thanks a lot!
MCAS API Connector - Connect GCP - Error: Failed to create sink via Stackdriver Logging API
Hi Everyone, I follow the Microsoft official procedure (Link: https://docs.microsoft.com/en-us/cloud-app-security/connect-google-gcp-to-microsoft-cloud-app-security) to connect GCP to MCAS through API Connector. Unfortunately when I'm going to connect GCP the MCAS report the following error: Error: Failed to create sink via Stackdriver Logging API. Any suggestion? Is there a way to solve this issue? Thanks in advance. Regards, Vittorio (Security Team Lead)Lag in Cloud App Security
Does anyone else notice/experience a lag in the logging within Microsoft Cloud App Security? It's more noticeable with connections to other cloud services but even processing rules around revoking rights to for example files flagged as sensitive seems to take longer than what I would describe as acceptable to process (so more than 30 minutes). As a small team, ideally we would like to trust the reporting and actions that this product generates and takes but it just doesn't seem to be consistent.How to get Sharepoint online into Conditional Access app Control
Hello What are the steps to add sharepoint online into Conditional Access app Control ? When i add a new app then search for Sharepoint i get the message below. When i click on the "start wizard" its asking me for saml xml data. Is this the proper way to add SharePoint online to Conditional Access app Control ?
Allow Copy paste only within Office365 in Browser
Hi all, We have a session policy in place to Block Copy and paste in a Browser session, but we would like to allow Copy and paste within Office 365 documents in the browser but Block outside of office 365 and non browser apps. I played around with the settings but can't find the right set of settings. Anyone has any experience with this? Putting it to: Activity: Paste App Does not Equal Office 365 Does not work. Cheers, Hans
