Getting sensitivity label working for specific domain
Good morning all I am trying to setup a sensitivity label to work so anyone with '@mail.com' will have access to a document that has this label. I have attempted to apply this in the control access settings with the label under 'Add specific email addresses or domains' However for the life of me, I cannot get this to work, I have tried "*@mail.com. mail.com, mail.com", nothing seems to work. I have run through the MS material on this and can't see anything specific to setting this up. Has anyone been successful in setting this up? Is there a trick I am missing? Grateful for anyone who can help on this!
Label Inheritance in outlook.
When an attachment with a higher-priority sensitivity label is added, the email initially inherits that label. However, after the attachment is removed, the email reverts to the default label, and if another attachment with a different (higher priority) label is subsequently added, the email does not automatically inherit the new label. Is this correct behavior and any MS doc related to this?When the default sensitivity label is applied, an asterisk (*) appears next to the label.
When I open a Word document and the default sensitivity label (e.g., INTERNAL) is applied, an asterisk appears next to the label along with a message indicating that the file hasn’t been saved yet. Is there any detail Microsoft documentation that explains this behavior? This only occur for default label if I try to remove default label (without saving word file) and apply any other label then * mark is not there.
AADSTS50020: protected PDF issue for external users
I have been recently (don't know when it was started) observed getting error from protected PDF (sensitivity label with user defined permission) file while trying to open that pdf via AIP viewer mobile app (Android/iOS) AS external user (who has permission to open/view). No issue with Office file types protected. external (not internal, not guest) user (currently testing with gmail.com account, other O365 tenant user) getting error as attached from AIP view mobile app. We do have AIP excluded at conditional access policy which helped so far to avoid this problem for external users. Is there been any recent change in behavior around user defined protected PDF? Since user having problem is external, have no clue where to look for log and start investigation. Error code: AADSTS50020
Auto-Apply Sensitivity Label
I am working on DLP and Information Protection feature of Purview to utilize the Sensitive Info Types. In DLP, I made a policy to send alerts when the SITs are found. In Information Protection, I have sensitivity label and configured to auto apply it once it detects the SIT. I use the same SIT on alert and in sensitivity label. Upon doing tests on several documents, I am receiving alerts via email because the SIT is found. However, the automatic application of SIT on the document does not persist, even it's been 2 weeks since I have created the document. Other information: *Upon publishing other labels, i did not configure any default labels on documents. *Tenant is US *Im working in the Philippines Here is the email i am receiving coming from the DLP policy. Here is my configuration of the sensitivity label.
Restrict sharing of Power BI Data to limited users
In the Power BI admin center, we have enabled the setting: "Restrict content with protected labels from being shared via link with everyone in your organization". As expected, this prevents users from generating "People in your organization" sharing links for content protected with sensitivity labels. We only have one sensitivity label with protection enabled. However, due to Power BI’s limitations with labels that include "Do Not Forward" or user-defined permissions, this label is not usable in Power BI. Our Power BI team wants to restrict sensitive data from being shared org-wide and instead limit access to specific individuals. One idea was to create another sensitivity label with encryption that works with Power BI and use that to enforce the restriction. However, such a label would also affect other Microsoft 365 apps like Word, Excel, and Outlook — which we want to avoid. I looked into using DLP, but MS documentation mentions below limitations, that makes me unsure if this will meet the requirement. 1. DLP either restricts access to the data owner or to the entire organization. 2. DLP rules apply to workspaces, not individual dashboards or reports. My question: Is there any way to restrict sharing of Power BI (or Fabric) content to specific users within the organization without changing our existing sensitivity label configurations or creating a new encryption-enabled label that could impact other apps?
Can MS Purview mask data in CE
Hi Can MS Purview enable data masking in Dynamics Customer Engagement / Service, If yes how this can be achieved? if No, Can we expect this feature in near future? Note: We would not enable any mask (Field Security Profile) features directly in CE, would like to happen using MS PurviewAuto-label cannot scope to Synapse Analytics Database
After testing some Purview functionality I have discovered that any Synapse Analytics Serverless SQL Database cannot be handled by Purview when scoped to the individual database. You get the following error: As the "AppliedScope" is just a tick box for the user, I am presuming there is a long FQDN in the Azure backend causing this error. The synapse workspace name and database name are not particularly long as well. We were testing this for a customer and know that their own Synapse workspace names and database names will be more characters than our test scenario. The scenario was an Auto-Label policy for a sensitivity label against a data source in data map. This data source was a single Synapse Workspace with a single serverless SQL database. All names for these were around 8-10 characters. Can anyone in the Purview team confirm if this is a known error at all and if there is a fix incoming anytime soon?Does SharePoint Classic sites support Sensitivity Labels?
Hi there, I am implementing Sensitivity Labels for an organization. They have a couple of SharePoint Classic sites that are required to be labelled. These sites have the old UI and as a result have no Site Information option to choose a label. Does anyone know if we can apply a label to classic sites from Admin Center or using PowerShell?
Microsoft Purview - Sensitivity Auto-Label email attachments
I feel like this shouldn't be that hard. I have a shared mailbox, and all email attachments in/out of the mailbox need auto labeled. I have an auto-label policy/rule setup for email in/out of the mailbox, and it works like charm (email gets the label, but not attachment). How (or is it possible) can I auto-label email attachments? I somehow cannot land on the right rule config for this. Thanks for any direction!
