Error in AIP scanner log: MSIP.Scanner (11824) Rule: <DLP Policy Rule Name> contains unsupported action

Andrew VO 146 Reputation points
2023-02-01T23:28:41.31+00:00

Have already opened a SR, but it's not going well so far. Perhaps someone here will have insight!

I've installed two on-prem scanners, which are communicating fine with Azure and the repository. Feel confident the scanner job is configured correctly to work with DLP policy. Enforce = On.

We are doing a very simple test with a DLP policy (configured in Purview) that looks for files with certain sensitivity labels. No action configured, it just emails admin and me. I made sure that the scanner service account is in the scope for the published information protection label policy. Also made sure a few Word documents were out there with the right sensitivity labels checked. The AIP SuperUser role has not been enabled.

This error appears in the scanner log:

Warn     2023-02-01 10:27:32.8691               MSIP.Scanner    MSIP.Scanner (11824) Rule: <DLP Policy Rule> contains unsupported action                        <domain\service account>      7 "Microsoft.InformationProtection.Scanner.ScannerService+<StartScanning>d__42.MoveNext

Microsoft.InformationProtection.Scanner.ScannerService.DownloadDlpPolicy

System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start

Microsoft.InformationProtection.Scanner.ScannerService+<DownloadDlpPolicy>d__34.MoveNext

Microsoft.InformationProtection.Scanner.DLP.DlpPolicy.LoadFromCache

Microsoft.InformationProtection.Scanner.DLP.DlpPolicy..ctor

Microsoft.InformationProtection.Scanner.DLP.DlpSinglePolicy..ctor

Microsoft.InformationProtection.Scanner.DLP.RuleParser.LoadStream

Microsoft.InformationProtection.Scanner.DLP.RuleParser.ParseRules

Microsoft.InformationProtection.Scanner.DLP.RuleParser.ParseRule"

Any insight is greatly appreciated!

Azure Information Protection
Azure Information Protection
An Azure service that is used to control and help secure email, documents, and sensitive data that are shared outside the company.
493 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Givary-MSFT 24,971 Reputation points Microsoft Employee
    2023-02-03T07:41:56.19+00:00

    @Andrew VO I'm glad that you were able to resolve your issue and thank you for posting detailed steps so that others experiencing the same thing can easily reference this! Since the Microsoft Q&A community has a policy that "The question author cannot accept their own answer. They can only accept answers by others ", I'll repost your solution in case you'd like to "Accept " the answer.

    Also, send us an email on azcommunity [at] microsoft [dot] com referencing this issue with a subject line "ATTN:Givary" we can connect over email and share the information ( which article needs to be updated ) will work with our content team and have documentation clearly documented for this issue.

    User's image