Searching documents with "Sensitivity" Label-ID
Well we have made the field "InformationProtectionLabelId" as Managed Property. So as a App or a User if you want a list of files having a specific label you can simply search using the label's GUID. Like below: Use like below in SharePoint search box InformationProtectionLabelId: 2702e115-d7fc-4912-b15b-a9b7662b1476 To use search API do below: https://<your domain>/_api/search/query?Querytext=%27InformationProtectionLabelId=<guid of the label> That's how you use the search API to search for ALL contents with a specific labelImpact of Deleting old Label in Compliance Portal
Hi All, I wanted a help to understanding the impact of deleting old label/labels which are not using as of now. However, those labels might be used in previously and because of that I need to understand is there any impact of Data loss. as of now we have too many labels in our environment and purpose is reducing the number of labels. appreciate the help. Thanks, Dilan
Trouble in Opening MIP Files (Azure information Protected Files)
The latest Microsoft Edge stable version 109 for Windows and Mac has issues opening MIP files. We receive a message stating "Something went Wrong" When we downgraded Edge to the Version 108 we are able to open the MIP files in Windows and Mac Is anyone else having the same issue?Live Security and Compliance Ask Me Anything (AMA) with Microsoft Product Experts
Tuesday, June 1, 2021, 11:00 AM – 11:45 AM CDT Live Security and Compliance Ask Me Anything (AMA) with Microsoft Product Experts Register Now Microsoft Security and Compliance thought leaders Matthew Littleton (Microsoft Global Advanced Compliance Specialist, and Retired Navy Captain) and Matt Soseman (Microsoft Senior Security Architect) will offer unique insights and a depth of knowledge around the Microsoft Security product suite during this 45 minute open forum Q&A. These leaders will bring nearly 25 years at Microsoft to bear while answering questions pertaining to product capabilities and updates, feature availability, and applications for federal cybersecurity mandates such as the Cybersecurity Maturity Model Certification (CMMC) and DFARS 7012. Questions may cover the following and much more: Data Loss Prevention Microsoft Intune Azure Active Directory and Conditional Access Microsoft Cloud App Security Microsoft 365 GCC & GCC High In this Ask Me Anything (AMA) style session, Matt and Matt will address audience members and their respective scenarios deploying in the Microsoft Government Cloud to better prepare teams looking to protect corporate and US Government Data. The goal of this session is to address contractors questions in light of the recent Cloud Security and Compliance Series event where both Matt and Matt have addressed topics such as “CMMC Compliance in the Microsoft Sovereign Cloud” and “Meeting CMMC Level 3 with Microsoft Intune / Meeting CMMC with Microsoft Information Protection (MIP)”. Register for live event here.
Not able to Move the file from one site collection to another due to Sensitivity label
Hello Members, I have developed a console application in C# to move the document from one site collection to another. The code fails with message “Exception from HRESULT: 0x87FA0010” and ServerErrorTypeName as “System.UnauthorizedAccessException”. I tried to resolve the issue and came to know that this is happening because of sensitivity label assigned to SharePoint online site from where the code is trying to read the document that needs to be moved. The site collection have sensitivity label "C2" attached to it. When I move the sensitivity label to "C1", the code was able the move the document to another site collection. The reason seems to because of the fact that the code is not passing "Trusted Device" information while it is trying to move the document. Due to this SharePoint is considering the request is coming from a non-trusted device and not allowing the request to read the document. I need to know how can I pass the "Trusted Device" information from my C# code. Please help! Reagrds, RatneshError Information Rights Management not configured
Hi Team. I deploy Microsoft Information Protection with sensitivity labels. After create labels, in both, Office clients and Web, show error: Information Rights Management not configured. For configure IRM, sign in Office, create message or document protected by IRM existing (Attach message in spanish). Trobleshooting: Migrate service Azure Information Protection to Microsoft Information Protection. Delete all labels migrated from AIP to MIP. Create new labels in MIP. Test in Word, Outlook client. Test in Word, Outlook web. Ideas for troubleshooting? Thanks,Purview Webinars
REGISTER FOR ALL WEBINARS HERE Upcoming Microsoft Purview Webinars JULY 15 (8:00 AM) Microsoft Purview | How to Improve Copilot Responses Using Microsoft Purview Data Lifecycle Management Join our non-technical webinar and hear the unique, real life case study of how a large global energy company successfully implemented Microsoft automated retention and deletion across the entire M365 landscape. You will learn how the company used Microsoft Purview Data Lifecyle Management to achieve a step up in information governance and retention management across a complex matrix organization. Paving the way for the safe introduction of Gen AI tools such as Microsoft Copilot. 2025 Past Recordings JUNE 10 Unlock the Power of Data Security Investigations with Microsoft Purview MAY 8 Data Security - Insider Threats: Are They Real? MAY 7 Data Security - What's New in DLP? MAY 6 What's New in MIP? APR 22 eDiscovery New User Experience and Retirement of Classic MAR 19 Unlocking the Power of Microsoft Purview for ChatGPT Enterprise MAR 18 Inheriting Sensitivity Labels from Shared Files to Teams Meetings MAR 12 Microsoft Purview AMA - Data Security, Compliance, and Governance JAN 8 Microsoft Purview AMA | Blog Post 📺 Subscribe to our Microsoft Security Community YouTube channel for ALL Microsoft Security webinar recordings, and more!Sharing: PDF readers that support Purview labels
As I was researching on Adobe Acrobat reader and Sensitivity labels, I decided to check if the common alternative PDF readers out there are able to support Purview MIP Sensitivity labels. There is already a published documentation on this for SharePoint-Compatible PDF readers that supports Microsoft IRM: https://learn.microsoft.com/en-us/purview/sp-compatible-pdf-readers-for-irm (last updated Nov-2023) but I wanted to see if these same PDF readers supports the ability for end-users to use/ select labels similar to that of Adobe Acrobat As of 11-June-2025; atleast one of them clearly do: Nitro PDF: Yes. Documentation shows that users can see and use the sensitivity labels. PDF -X.change Editor: Yes. Documentation show that users can see and use the sensitivity labels. (check the official website, I can't hyperlink it because the site is blocked. FOX PDF editor: No. Documentation only states RMS and not clear if it show Purview labels. This is for F.O.X.I.T editor (spelled without the ".") but for some reason there is a community ban on that word and it won't allow me to post the full name PDFescape: No. Sumatra PDF: No Okular: No If there are other PDF readers that I've missed, I encourage you list it down in the comment below. Would love to grow this list.
Java MIP SDK 1.17.154: commitAsync() TemplateNotFoundError (C# OK; Java fails Win & Ubuntu)
TL;DR Java SDK 1.17.154: calling setLabel() then commitAsync() fails with TemplateNotFoundError (TemplateId=2ea3c830-...). Same label/code works on Java 1.16.x and C# 1.17.154. Policy cache cleared, templates/labels verified, token/tenant checked—issue persists. Environment SDK (Java): 1.16.x (OK), 1.17.154 (FAIL) SDK (C#): 1.17.154 (OK) OS (Java): Windows 10/11 (win32 build), Ubuntu 20.04 / 22.04 / 24.04 Java: OpenJDK 17.0.16 (x64) Service/Tenant: Microsoft Purview Information Protection Auth: (e.g., user delegated token / app-only token) Code Snippet (Java) // Label apply options LabelingOptions labelingOptions = new LabelingOptions(); labelingOptions.setAssignmentMethod(AssignmentMethod.PRIVILEGED); labelingOptions.setDowngradeJustified(true); labelingOptions.setJustificationMessage("Label Apply"); // Get label Label label = fileEngine.getLabelById(labelId); // Apply label (no explicit template handling) fileHandler.setLabel(label, labelingOptions, new ProtectionSettings()); // Commit File workFile = new File(domainFolder, UidUtil.makeUid()); CompletableFuture<Boolean> commitFuture = fileHandler.commitAsync(workFile.getAbsolutePath()); commitFuture.get(); // <-- Throws TemplateNotFoundError on 1.17.154 Stack trace excerpt: Caused by: com.microsoft.informationprotection.internal.gen.Error: TemplateNotFoundError: Could not find template with id: 2ea3c830-5a0e-4eea-b48b-c72186d453c0, BadInputError.Code=General, CorrelationId=42ffaad4-3a0f-4986-ba9d-b5a79c5fd076 (ProtectionEngine), CorrelationId=16819f70-e419-473f-9895-c756f3dd5e4b (FileHandler) at com.microsoft.informationprotection.internal.gen.SdkWrapperJNI.SwigDirector_FileHandler_Observer_OnCommitFailure(SdkWrapperJNI.java:2688) Expected Behavior setLabel() should apply the label (and its protection) and commit successfully, as it does in Java 1.16 and C# 1.17.154. Actual Behavior commitAsync() fails with TemplateNotFoundError for the GUID referenced by the label’s ApplyProtectionAction. What I’ve Tried Policy/cache refresh: Deleted %LOCALAPPDATA%\Microsoft\MSIP\ / ~/.mip/, reloaded engine. Template/label verification: Confirmed existence and publish scope in Purview portal & via PowerShell/Graph. Label actions check: policyEngine.getLabelActions(labelId) shows an ApplyProtectionAction with that GUID. Token/tenant sanity check: Correct scopes and same tenant. Rollback test: Java 1.16 works; C# 1.17.154 works. Questions Any breaking change in Java 1.17 regarding how protection templates are resolved during setLabel()? Is this a known issue specific to Java SDK 1.17.154 (win32 & Ubuntu 20/22/24 builds)? Should we now explicitly use ProtectionDescriptor / SetProtection() in Java? Can someone review the service logs using the CorrelationIds above? Happy to provide additional logs, PowerShell/Graph queries, or action dumps if needed. Thanks!
