Share via

Microsoft DLP Policy: User Unable to Copy Multiple Files to Removable Media on Windows 11

Anonymous
2024-12-05T14:00:03+00:00

We are using Microsoft Endpoint Data Loss Prevention (DLP) policies to monitor and control file transfers to removable media and cloud locations. The policy detects and prompts users for justification when files are copied to these destinations.

On a Windows 11 endpoint (managed by Intune, not a hybrid-joined machine), we are encountering an issue where:

  1. A specific user is unable to copy multiple files to removable media. Single files gets copied.
  2. On the first attempt, the Microsoft Malware Protection Command Line Utility (mpcmdrun.exe) prompts the user for justification as expected.
  3. However, subsequent paste attempts repeatedly show the same justification prompt, and no files are actually copied to the removable media.

Additional details:

  • This behavior affects only this user; other users under the same DLP policy scope are unaffected.
  • We have already tried resetting the endpoint multiple times, which temporarily resolves the issue, but the problem recurs after some time.
  • Has anyone encountered this issue with Microsoft DLP policies before?
  • Are there specific troubleshooting steps or logs I should examine to diagnose why the justification prompt is stuck in a loop for this user?
  • Could this be related to the user profile, Intune device configuration, or some local DLP policy caching?

Any insights or suggestions would be greatly appreciated!

Environment Details:

  • OS: Windows 11 Enterprise
  • Device Management: Intune (not hybrid-joined)
  • DLP Policy Type: Microsoft Endpoint Data Loss Prevention (scope = Device)
  • Tool Involved: mpcmdrun.exe (Justification Prompt)
  • Behavior Consistency: User-specific
Microsoft 365 and Office | Install, redeem, activate | For business | Other

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.

0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2024-12-05T15:41:19+00:00

    Hi Rajesh Khanikar,

    Thank you for reaching out to the Microsoft community.

    According to your description, seems like your concern environment is associated with DLP and Microsoft Intune service platform or Device management, I was consulting your thread with my team members, I would like to share some more specific redirection information with you, actually Microsoft has separate community channel resources where our related most valuable professional and community members can provide possible information for certain different support scope resources platform, so would you mind to contacting and placing your concern on our dedicated separate Microsoft Intune Configuration - Microsoft Q&A community channel?

    Actually, this community does not focus Microsoft Intune service platform related concern, but we are mainly focusing pure Microsoft 365 exchange online license subscription and email flow within Office 365 admin center related scenario on this community

    But, there is an another specific channel for your mentioned concern where you may get some possible information for certain specific resources and platform from our related community members.

    I would greatly appreciate your valuable cooperation and valuable time.

    Was this answer helpful?

    0 comments