User Profile
Afsar_Shariff
Brass Contributor
Joined 6 years ago
User Widgets
Recent Discussions
LitigationHold Delayholdapplied and Managed Folder Assistant
Hello All, I have a set of mailboxes with LitigationHoldEnabled = True, and I need to remove Litigation Hold from them. My understanding is that after I remove Litigation Hold from an Exchange Online mailbox, the next time the Managed Folder Assistant (MFA) processes the mailbox, it will detect the hold removal and then set DelayHoldApplied = True. This begins the 30-day delay hold period. My question is: Will any retention policies delete data in the time window between removing Litigation Hold and the moment MFA processes the mailbox and sets DelayHoldApplied = True My understanding is "Even though DelayHoldApplied is not yet visible (or True) before MFA processes it, Exchange Online automatically protects the mailbox from deletions immediately after hold removal, before MFA applies Delay Hold" I want to ensure that no data is deleted during this transitional period. Kindly advice with supporting article if possible. Regards AfsarRetention policy for Teams chat not working
Hello All, I have created a Teams chat retention policy under data lifecycle management, it is for 1 month retention. However It is not working, the message older then 1 month are still appearing in chat. Please let me know if I have missed any specific setting in the policy or any prerequisite. I have typically waited for more than 7 days after the 30 days of retention.What is Enforcement mode in Activity Explorer
Hello Everyone, In Microsoft purview DLP policy activity explorer, there is field called "Enforcement mode" I see there are entries like Warn, WarnAndBypass and Audit and some blanks. I want to know whether WarnAndBypass gets triggered only for Endpoint workload or it also shows when somebody tries to block with override from Exchange online and SharePoint OneDrive. I have sent sensitive data to test using exchange and override with justification, I do not see any entry with WarnandBypass. Is there any detailed article on this from Microsoft if it is their it will really helpful. ThanksRecommend value not showing under "How applied" Field of activity explorer
Hello All I have the need to monitor how users use the feature that recommends them the application of a specific label in Office Apps (this feature is configured in the specific Sensitivity Label with the "Auto-labeling for files and emails" and recommending users to apply that label). I tried look at the logs generated and appearing in the Activity Explorer. In order to monitor what mentioned above, I tried to filter with Activity "Label Applied" and in "How applied" field I am looking for "Recommended" it is not available, instead I am getting only following options "None", "Auto" and "Manual". Is "Recommended" Value not under "How Applied" Field?Creating content scan jobs in microsoft purview information protection scanner using powershell
Hello Everyone Please let me know what method available to create content scan jobs and add repositories in automated way? Is there any PowerShell method? I do not see commands available to create content scan jobs in Microsoft purview information protection scanner. Thank you in anticipationMicrosoft purview information protection for on-premise exchange , sharepoint and Fileservers
Hello All I have e5 licenses but not using any of the online services in M365 such as exchange online, sharepoint online. I want to use Microsoft purview information protection to protect data in on-premise exchange, SharePoint and File servers. also want to use information protection scanner to classify the date location in on-premise file servers. Do I need to follow any special instructions? Does RMS connector is essential in this case? I have one more query, in the same environment user are using Microsoft 365 Apps for enterprise and users are synced to Entra ID. Five users are able to see the encryption templates in outlook, however all other users are not, it is not controlled through labels for sure. is there any other place where we can check if the 5 users are added ? Thank youSharepoint online override behaviour
Hello All What is actual behavior of sharing a file that is blocked in SharePoint online. My policy allows override after blocking. Once I override the policy, the block symbol gets disappeared. However once i share it to the external recipient after 10 or 20 seconds it is getting blocked and block symbol is appearing. The recipient whom I have shared the file are not getting access denied error. How long the override stays for a user, once we override the file in SharePoint? Kindly provide your feedbackBlocking download of a file in SharePoint with a specific label
Hello Everyone, I have a sharepoint site with many files, there are few files I have labeled as "Internal", "client" and "Important". I want block the download of files that has "Important" Label. I have create the session policy in defender for cloud apps using conditional access app control. However the policy is not taking effect. In conditional access policy, I have selected the app as sharepoint online and in session control I have selected "Use custom Policy" Below is DCA session policy kindly advice. Thank yousharepoint dlp policies not detecting pdf files with label
Hello Everyone, I have a Microsoft purview sharepoint DLP policy with a following condition. I have targeted this to sharepoint online workload and specific site. I have labeled a file using Microsoft purview information protection client in windows explorer and same has been uploaded to sharepoint site(that is in scope of the policy). whenever I am trying to share the pdf file labeled with (confidential / All users encrypted) it is not getting blocked. Please let me know if I am missing something related to sharepoint. Note: There is no encryption settings in label, it is just a name. Conditions Content contains any of these sensitive info types: U.S. Social Security Number (SSN), Credit Card Number, Content contains any of these sensitivity labels: Confidential/All Users (Encrypted) Evaluate predicate for Message or attachment And Content is shared from Microsoft 365 with people outside my organization Actions Notify users with email and policy tips Restrict access to the content for external users Send alerts to Administrator OnDLP Policy with multiple roles.
Hello Everyone, I have a policy with 4 rules. Rule 1 - SSN Personal email M2 If number of SSN instances are 1 to 2 Rule 2 - SSN- up to 2 instances - Not Encypted- Block If number of SSN instances are 1 to 2 SSN greater than 3 block SSN non personal domain Whenever I send mail with SSN and M2 words or phrases in subject or body, I expect rule 1 to trigger. However, rule 2 is triggering and it is blocking without encryption. How to make Rule 1 to work. Kindly advice. Other rules are working. Thank youExact data match hash comparison
Hello Everyone, Please check if this scenario is possible in Exact data match. I have uploaded 3000 rows on week 1, that successfully got hashed and uploaded to the EDM datastore. During week 2, if I upload only 500 rows it should not upload it as number of rows have come down drastically. Have anybody experienced this scenario? any suggestions or advise on this front is much appreciated. ThanksAuto labeling - Data at rest
Hi Team, According to this article, the sensitive information types we select will apply only to content created or modified after these sensitive information types are created or modified. This instruction applies to all custom sensitive information types and any built-in sensitive information types. https://learn.microsoft.com/en-us/purview/apply-sensitivity-label-automatically#how-to-configure-auto-labeling-policies-for-sharepoint-onedrive-and-exchange I am trying to understand if it is for data at rest then this will not help to scan and classify data at rest in sharepoint and onedrive. Please let me know if I am misreading this article or if is it an actual limitation? Thank youDLP workoads
Hello Everyone, I am looking for white paper or document which talks specifically about each workload such as(Exchange online, Endpoint, Onedrive). We have lot of information on docs, However if any one has specific info on DLP workloads, for ex: benefits of targeting each workload and bestpractices for each workload. Thank you
