DLP Exception based on file properties: not working
Hello,
I tried to add a DLP exception rule: if the file has the custom attribute DLP=non, the file will be excluded from my DLP policy. I am attaching a screenshot of my policy along with the custom attribute that I added to a test Word document.
However, the policy did not work.
Microsoft Purview
-
Chandra Boorla 3,460 Reputation points • Microsoft Vendor
2024-11-14T06:41:41.1066667+00:00 Greetings & Welcome to Microsoft Q&A forum! Thanks for posting your query!
It sounds like you're trying to create a Data Loss Prevention (DLP) exception rule in Microsoft 365 based on a custom file property (i.e., DLP=non), but the rule is not functioning as expected. Here are some troubleshooting steps and suggestions that might help you in resolving the issue.
To ensure that your DLP policy works as intended, you may want to verify the following:
- Ensure that the custom attribute is correctly set and recognized by the DLP policy.
- Check if there are any conflicting rules or conditions in your DLP policy that might override the exception.
- Review the documentation on how DLP policies handle exceptions and ensure that the syntax and logic used in your policy are correct.
Please refer to the thread link below, which discusses a similar issue, as it may provide you with some useful insights: https://learn.microsoft.com/en-us/answers/questions/1823313/dlp-policy-tip-not-working-with-mail-attachment
I hope this information helps. Please do let us know if you have any further queries.
Thank you.
-
Chandra Boorla 3,460 Reputation points • Microsoft Vendor
2024-11-15T04:32:28.8466667+00:00 We haven’t heard from you since the last response and were just checking back to see if you have a resolution yet. If you have a resolution, please share it with the community, as it can be helpful to others. Otherwise, respond with more details and we will try to help.
Thank you.
-
zied berrima 6 Reputation points
2024-11-15T13:22:51.51+00:00 The problem persists with the correct configuration of the custom attribute and DLP policy.
-
Chandra Boorla 3,460 Reputation points • Microsoft Vendor
2024-11-18T07:14:56.39+00:00 I realize you are encountering issues with the DLP exception rule concerning custom file properties. It appears you have applied the custom attribute DLP=non to your Word document and adjusted your DLP policy accordingly, but it seems it's not working as expected.
Here are some additional considerations that might help you:
Verify Custom Attribute Configuration:
- Check Attribute Setting: First, ensure that the custom attribute DLP=non is correctly applied to the document's file properties. You can use the File Properties panel or PowerShell to check if the attribute is indeed set on the document.
- Metadata Sync: Make sure the custom metadata or property is properly recognized in Microsoft Purview. Sometimes, metadata or custom properties added through document management tools may not immediately sync with DLP policies unless the document is uploaded to a SharePoint site or OneDrive location that's under management.
DLP Rule Configuration:
- When configuring the DLP policy in Microsoft Purview, ensure you're using the correct condition to check for custom file properties. In DLP policy settings, you may need to specify the "File Properties" or "Sensitive Information Types" conditions appropriately.
- Also, ensure that the rule explicitly checks for the custom property you added (DLP=non). Sometimes, DLP may not automatically recognize custom properties unless specified correctly.
Policy Priority and Conflicts:
- Check if there are any other DLP rules that might be conflicting with your exception rule. Sometimes, other rules with higher priority might override your exception. Review the order of your DLP rules and ensure that the exception rule is correctly positioned.
Logs and Reports:
- After applying the policy, review the DLP incident reports and audit logs to check if the document is being flagged incorrectly or if there are any errors when the policy is applied. These logs can sometimes provide clues on why the exception isn’t being honored.
Testing with Different Files:
- Try applying the custom attribute to a different file type (e.g., Excel, PDF) and see if the exception works with those files. This helps determine if the issue is specific to Word documents.
I hope this information helps. Please do let us know if you have any further queries.
Thank you.
-
zied berrima 6 Reputation points
2024-11-18T08:46:41.8566667+00:00 I checked everything; I even considered that the custom attribute might not be readable by the DLP engine. As a result, I thought about using the comment attribute by adding the string 'dlpnon' to it, but the issue persists.
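An added example, not part of any post in this thread: one way to confirm what the file itself stores, by reading the custom properties (`docProps/custom.xml`) and the Comments field (`dc:description` in `docProps/core.xml`) from a .docx package. The function names and the in-memory sample are constructed for illustration; the check reports only what is in the file, not how Purview evaluates it.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

CUSTOM_NS = "http://schemas.openxmlformats.org/officeDocument/2006/custom-properties"
VT_NS = "http://schemas.openxmlformats.org/officeDocument/2006/docPropsVTypes"
CP_NS = "http://schemas.openxmlformats.org/package/2006/metadata/core-properties"
DC_NS = "http://purl.org/dc/elements/1.1/"

def read_doc_properties(docx):
    """Return (custom_props, comments) for a .docx path or file-like object."""
    custom, comments = {}, None
    with zipfile.ZipFile(docx) as z:
        names = set(z.namelist())
        if "docProps/custom.xml" in names:  # part exists only if a custom property was set
            root = ET.fromstring(z.read("docProps/custom.xml"))
            for prop in root.findall(f"{{{CUSTOM_NS}}}property"):
                # the value is the text of the single typed child, e.g. <vt:lpwstr>
                custom[prop.get("name")] = (prop[0].text or "") if len(prop) else ""
        if "docProps/core.xml" in names:
            root = ET.fromstring(z.read("docProps/core.xml"))
            comments = root.findtext(f"{{{DC_NS}}}description")  # the "Comments" field
    return custom, comments

def check_marker(docx, name="DLP", expected="non"):
    """'exact' if name=expected is stored as typed, 'near-miss' if only case or
    surrounding whitespace differs, 'absent' otherwise."""
    custom, _ = read_doc_properties(docx)
    if custom.get(name) == expected:
        return "exact"
    for key, value in custom.items():
        if key.strip().lower() == name.lower() and value.strip().lower() == expected.lower():
            return "near-miss"
    return "absent"

def build_sample(name, value, comments):
    """Constructed sample: only the two property parts, not a complete Word file."""
    custom = (f'<Properties xmlns="{CUSTOM_NS}" xmlns:vt="{VT_NS}">'
              f'<property fmtid="{{D5CDD505-2E9C-101B-9397-08002B2CF9AE}}" pid="2" '
              f'name="{name}"><vt:lpwstr>{value}</vt:lpwstr></property></Properties>')
    core = (f'<cp:coreProperties xmlns:cp="{CP_NS}" xmlns:dc="{DC_NS}">'
            f'<dc:description>{comments}</dc:description></cp:coreProperties>')
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("docProps/custom.xml", custom)
        z.writestr("docProps/core.xml", core)
    buf.seek(0)
    return buf

if __name__ == "__main__":
    print(check_marker(build_sample("DLP", "non", "dlpnon")))
```

Passing the path of a real document to `check_marker` in place of the constructed sample gives the same three-way result for that file.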
-
Chandra Boorla 3,460 Reputation points • Microsoft Vendor
2024-11-20T01:19:01.5966667+00:00 Apologies for the inconvenience.
I agree that this issue looks strange, and I wasn't able to reproduce this issue. If you have a support plan, could you please file a support ticket for deeper investigation and do share the SR# with us?
Thank you.
-
Chandra Boorla 3,460 Reputation points • Microsoft Vendor
2024-11-21T00:53:58.6433333+00:00 We haven’t heard from you since the last response and were just checking back to see if you've had a chance to submit a support ticket. If you have, a reference to the ticket number would be greatly appreciated. This will allow us to track the progress of your request and ensure you receive the most efficient support possible.
Thank you.