microsoft purview
73 Topics

Clarification related to JIT for EDLP
Can someone help clarify how JIT actually works and in which scenario we should enable JIT? The Microsoft documentation is very different from what I’m observing during hands-on testing. I enabled JIT for a specific user (only 1 user). For that user, no JIT toast notifications appear for stale files when performing EDLP activities such as copying to a network share, etc. However, for all other users, even though JIT is not enabled for them, their events are still being captured in Activity Explorer. See SS below.

23 Views 0 likes 0 Comments

Test DLP Policy: On-Prem
We have DLP policies based on SIT and they are working well for various locations such as SharePoint, Exchange and Endpoint devices. But the DLP policy for On-Prem NAS shares is not matching when used with Microsoft Information Protection Scanner.

DLP Rule: Conditions
Content contains any of these sensitive info types:
Credit Card Number
U.S. Bank Account Number
U.S. Driver's License Number
U.S. Individual Taxpayer Identification Number (ITIN)
U.S. Social Security Number (SSN)

The policy is visible to the Scanner and it is being logged as being executed:

MSIP.Lib MSIP.Scanner (30548) Executing policy: Data Discovery On-Prem, policyId: 85........................

and the MIP reports are listing files with these SITs.

The results:
Information Type Name - Credit Card Number U.S. Social Security Number (SSN) U.S. Bank Account Number
Action - Classified
Dlp Mode -- Test
Dlp Status -- Skipped
Dlp Comment -- No match

There is no other information in logs. Why is the DLP policy not matching and how can I test the policy? Thanks

25 Views 0 likes 0 Comments

Aggregate alerts not showing up for Email DLP
Hi, I’m unable to see the “Aggregate alerts” option while configuring an Email DLP policy, although the same option is visible for Endpoint DLP. The available license is Microsoft 365 E5 Information Protection and DLP (add-on). If this is a licensing limitation, why am I still able to see the option for Endpoint DLP but not for Email DLP?

Screenshot showing option for Endpoint DLP alerts

15 Views 0 likes 0 Comments

How to apply sensitivity labels to external emails received in my Outlook?
I have created a sensitivity label and an auto-labeling policy that applies the label when an email contains sensitive information. When an internal user sends the email, the label is applied correctly. But when I receive an email with sensitive information from an external user, the label is not applied. How can I apply the sensitivity label to emails that come from external users?

103 Views 0 likes 3 Comments

Migrating DLP Policies from one tenant to other
Has anyone successfully migrated DLP policies from a dev tenant (like contoso.onmicrosoft.com) to a production tenant (paid license with custom domain) in Microsoft Purview without third-party tools? We're open to using PowerShell, Power Automate, or other Microsoft technologies—such as exporting policies via PowerShell cmdlets from the source tenant, then importing/recreating them in the target tenant using the Microsoft Purview compliance portal or Security & Compliance PowerShell module.

Details: The dev tenant has several active DLP policies across Exchange, Teams, and endpoints that we need to replicate exactly in prod, including sensitive info types, actions, and conditions. Is there a built-in export/import feature, a sample script, or Power Automate flow for cross-tenant migration? Any gotchas with licensing or tenant-specific configs?

Solved 112 Views 0 likes 4 Comments

Customized Oversharing Dialog not working for Exchange DLP
Hi Team,

When I enable the policy tip as a dialog for custom content, it is not working. I'm testing this option on new Outlook, and this is my JSON file:

    {
      "LocalizationData": [
        {
          "Language": "en-us",
          "Title": "Add a title",
          "Body": "Add the body",
          "Options": [
            "I have a business justification",
            "This message doesn't contain sensitive information",
            "Business justification"
          ]
        }
      ],
      "HasFreeTextOption": "true",
      "DefaultLanguage": "en-us"
    }

For old Outlook it's not working either. No policy tips, no override option.

My old Outlook version

Solved 49 Views 0 likes 1 Comment

Workaround Enabling Purview Data Quality & Profiling for Cross-Tenant Microsoft Fabric Assets
The Challenge: Cross-Tenant Data Quality Blockers

Like many of you, I have been managing a complex architecture where Microsoft Purview sits in Tenant A and Microsoft Fabric resides in Tenant B. While we can achieve basic metadata scanning (with some configuration), I hit a hard wall when trying to enable Data Quality (DQ) scanning. Purview's native Data Quality scan for Fabric currently faces limitations in cross-tenant scenarios, preventing us from running Profiling or applying DQ Rules directly on the remote Delta tables.

The Experiment: "Governance Staging" Architecture

Rather than waiting for a native API fix, I conducted an experiment to bridge this gap using a "Data Staging" approach. The goal was to bring the data's "physicality" into the same tenant as Purview to unlock the full DQ engine.

The Solution Steps:

Data Movement (Tenant B to Tenant A): Inside the Fabric Workspace (Tenant B), I created a Fabric Data Pipeline. I used this to export the critical Delta Tables as Parquet files to an ADLS Gen2 account located in Tenant A (the same tenant as Purview). Note: You can schedule this to run daily to keep the "Governance Copy" fresh.

Native Scanning (Tenant A): I registered this ADLS Gen2 account as a source in Purview. Because both Purview and the ADLS account are in the same tenant, the scan was seamless, instantaneous, and required no complex authentication hurdles.

Activating Data Quality: Once the Parquet files were scanned, I attached these assets to a Data Product in the Purview Data Governance portal.

The Results:

The results were immediate and successful. Because the data now resides on a fully supported, same-tenant ADLS Gen2 surface:

✅ Data Profiling: I could instantly see column statistics, null distributions, and value patterns.
✅ DQ Rules: I was able to apply custom logic and business rules to the data.
✅ Scans: The DQ scan ran successfully, generating a Data Quality Score for our Fabric data.
Conclusion: While we await native cross-tenant "Live View" support for DQ in Fabric, this workaround works today. It allows you to leverage the full power of Microsoft Purview's Data Quality engine immediately. If you are blocked by tenant boundaries, I highly recommend setting up a lightweight "Governance Staging" container in your primary tenant.

Has anyone else experimented with similar staging patterns for Governance? Let's discuss below.

Solved 87 Views 1 like 2 Comments

Cross-Tenant Purview Scan of Fabric Lakehouse fails to ingest Sub-items (Delta Tables)
Environment:
Tenant 1 (Consumer): Azure Purview (Microsoft Purview Data Map).
Tenant 2 (Provider): Microsoft Fabric (Capacity + Workspaces).
Architecture: Purview in Tenant 1 is scanning Fabric in Tenant 2 via the "Fabric" Data Source using Azure Auto-Resolve Integration Runtime.

The Issue: I can successfully scan and see Item-level metadata (e.g., Workspace Name, Lakehouse Name). However, I am getting Zero sub-item visibility. No Delta Tables, no Columns, and no sub-item lineage are being ingested into Purview.

Configuration Verified:
Service Principal (SPN): Created an App Registration in Tenant 2 (Fabric Tenant).
Permissions: The SPN is a Member (and I tested Admin) of the target Fabric Workspace.
Fabric Admin Settings (Tenant 2):
Allow service principals to use read-only admin APIs: Enabled for the SPN's Security Group.
Enhance admin APIs responses with detailed metadata: Enabled.
Enhance admin APIs responses with DAX and mashup expressions: Enabled.

My Specific Questions for the Product Team / MVPs/Members:

Authentication Flow: For sub-item ingestion (Delta Tables) to work cross-tenant, is it sufficient for the SPN to be a standard App Registration in Tenant 2 (Provider), or does Fabric require the "Cross-Tenant Access" (Guest User) flow where a shadow SPN is created via the specific trusted external tenants configuration?

API Limitation: Is the "Enhanced Metadata" API payload (metadata/subartifacts) restricted to Same-Tenant calls only during the current Preview? I suspect the API is returning a standard payload instead of the enhanced one due to the cross-tenant boundary.

Workaround: Has anyone successfully forced ingestion of Delta Tables cross-tenant by using the Apache Atlas REST API to manually inject the schema entities, or is there a specific hidden toggle in the Fabric Admin Portal (perhaps specifically for "External Principals") that I am missing?

65 Views 1 like 1 Comment

Purview Unified Catalogue Gov Domains Numeric Prefixing
Has Anyone Tried Numeric Prefixing for Governance Domains in Purview?

Context: We introduced a structured numeric prefixing system for governance domains in Microsoft Purview to make hierarchical sorting more intuitive.

What we did: Parent domains use a base prefix ending in .00 (e.g., 02.00 Group). Child domains are numbered sequentially (e.g., 02.01 Directorate, 02.01.01 Team).

Why: Purview sorts domains alphabetically, which caused child domains (e.g., 02.01) to appear above their parent (02 Group). Adding .00 ensures parents always sort before children, creating a clear hierarchy.

How it works:
All already have 01.00-
Top-level groups: 02.00
Directorates: 02.01, 02.02
Teams/Units: 02.01.01

This approach guarantees correct sorting, clear hierarchy, and scalability for future additions?

Question for the community: Has anyone else implemented a similar numeric prefixing approach in Purview? Do you think this is a good idea for maintaining clarity and scalability? Any alternative strategies you’ve found effective?

31 Views 1 like 0 Comments