DLP for Endpoint With Client Windows Local AD Join Notworking ?

Question

Hi Every One

I appreciate your assistance with this issue. The PCs Windows 11 Pro I manage with Intune are not experiencing any problems and are functioning properly. However, there are some PCs that have joined the Local AD where the DLP for endpoints is not working Detect i need know Can Support Client Local AD Join ?

 

Answer 1

Hi @TECHIT SRIWICHAI

Based on the information you provided, it seems that your devices are not hybrid Azure AD joined, and you have onboarded them to Microsoft Endpoint DLP using local scripts. However, you are still experiencing issues with DLP for endpoints.

DLP for endpoints is supported for devices that are not Azure AD joined. However, it is recommended to have your devices hybrid Azure AD joined to ensure efficient enforcement of DLP policies.

Steps to Ensure Proper Configuration:

Verify Onboarding: Ensure that the local script used for onboarding the devices to Microsoft Endpoint DLP has been executed correctly. You can verify onboarding status in the Microsoft 365 compliance center.

Reference link: Onboard Windows devices using a local script

Update Policies: If the policies are not syncing or being enforced, try updating them manually: Open the Microsoft 365 compliance center. Navigate to the Data Loss Prevention section. Ensure that the policies are correctly defined and applied to the appropriate groups or devices.

For more details, please refer: Onboarding Windows 10 or Windows 11 devices

To troubleshoot the issue you are facing, you can start by checking if the DLP policies are configured correctly and if the devices are receiving the policies. You can also check the event logs on the devices to see if there are any errors related to DLP.

I hope this information helps, please do let us know if you have any further queries.

Thank you.