DLP Exception based on file properties: not working
Hello,
I tried to add a DLP exception rule: if the file has the custom attribute DLP=non, the file will be excluded from my DLP policy. I am attaching a screenshot of my policy along with the custom attribute that I added to a test Word document.
However, the policy did not work.
Microsoft Security | Microsoft Purview
-
Chandra Boorla • 14,685 Reputation points • Microsoft External Staff • Moderator
2024-11-14T06:41:41.1066667+00:00 Greetings & Welcome to Microsoft Q&A forum! Thanks for posting your query!
It sounds like you're trying to create a Data Loss Prevention (DLP) exception rule in Microsoft 365 based on a custom file property (i.e., DLP=non), but the rule is not functioning as expected. Here are some troubleshooting steps and suggestions that might help you in resolving the issue.
To ensure that your DLP policy works as intended, you may want to verify the following:
- Ensure that the custom attribute is correctly set and recognized by the DLP policy.
- Check if there are any conflicting rules or conditions in your DLP policy that might override the exception.
- Review the documentation on how DLP policies handle exceptions and ensure that the syntax and logic used in your policy are correct.
Please refer to the thread linked below, which discusses a similar issue, as it may provide you with some useful insights: https://learn.microsoft.com/en-us/answers/questions/1823313/dlp-policy-tip-not-working-with-mail-attachment
I hope this information helps. Please do let us know if you have any further queries.
Thank you.
-
Chandra Boorla • 14,685 Reputation points • Microsoft External Staff • Moderator
2024-11-15T04:32:28.8466667+00:00 We haven’t heard from you since the last response and were just checking back to see if you have a resolution yet. If you have a resolution, please do share it with the community, as it can be helpful to others. Otherwise, respond with more details and we will try to help.
Thank you.
-
zied berrima • 6 Reputation points
2024-11-15T13:22:51.51+00:00 The problem persists with the good configuration of the custom attribute and DLP policy.
-
Chandra Boorla • 14,685 Reputation points • Microsoft External Staff • Moderator
2024-11-18T07:14:56.39+00:00 I realize you are encountering issues with the DLP exception rule concerning custom file properties. It appears you have applied the custom attribute DLP=non to your Word document and adjusted your DLP policy accordingly, but it seems it's not working as expected.
Here are some additional considerations that might help you:
Verify Custom Attribute Configuration:
- Check Attribute Setting: First, ensure that the custom attribute DLP=non is correctly applied to the document's file properties. You can use the File Properties panel or PowerShell to check if the attribute is indeed set on the document.
- Metadata Sync: Make sure the custom metadata or property is properly recognized in Microsoft Purview. Sometimes, metadata or custom properties added through document management tools may not immediately sync with DLP policies unless the document is uploaded to a SharePoint site or OneDrive location that's under management.
DLP Rule Configuration:
- When configuring the DLP policy in Microsoft Purview, ensure you're using the correct condition to check for custom file properties. In DLP policy settings, you may need to specify the "File Properties" or "Sensitive Information Types" conditions appropriately.
- Also, ensure that the rule explicitly checks for the custom property you added (DLP=non). Sometimes, DLP may not automatically recognize custom properties unless specified correctly.
Policy Priority and Conflicts:
- Check if there are any other DLP rules that might be conflicting with your exception rule. Sometimes, other rules with higher priority might override your exception. Review the order of your DLP rules and ensure that the exception rule is correctly positioned.
Logs and Reports:
- After applying the policy, review the DLP incident reports and audit logs to check if the document is being flagged incorrectly or if there are any errors when the policy is applied. These logs can sometimes provide clues on why the exception isn’t being honored.
Testing with Different Files:
- Try applying the custom attribute to a different file type (e.g., Excel, PDF) and see if the exception works with those files. This helps determine if the issue is specific to Word documents.
I hope this information helps. Please do let us know if you have any further queries.
Thank you.
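One way to carry out the "check if the attribute is indeed set on the document" step from the reply above, as an added example that is not part of the original thread. It reads only the custom properties stored inside the Office file itself (the `docProps/custom.xml` part); the function names and the in-memory sample file are constructed for illustration.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

CUSTOM_PART = "docProps/custom.xml"  # OOXML part that holds custom document properties
NS = {"cp": "http://schemas.openxmlformats.org/officeDocument/2006/custom-properties"}

def read_custom_properties(docx):
    """Return {name: value} for custom properties stored inside a .docx/.xlsx/.pptx."""
    with zipfile.ZipFile(docx) as zf:  # accepts a path or a file-like object
        if CUSTOM_PART not in zf.namelist():
            return {}  # no custom properties were ever saved in this file
        root = ET.fromstring(zf.read(CUSTOM_PART))
    props = {}
    for prop in root.findall("cp:property", NS):
        typed = next(iter(prop), None)  # single typed child, e.g. <vt:lpwstr>
        props[prop.get("name")] = typed.text if typed is not None else None
    return props

def check_property(docx, name, expected):
    """Classify the property as 'match', 'mismatch' or 'missing'."""
    props = read_custom_properties(docx)
    if name not in props:
        return "missing"
    return "match" if (props[name] or "").strip() == expected else "mismatch"

# Constructed sample: a custom-properties part carrying DLP=non as a text value.
SAMPLE_XML = (
    '<Properties xmlns="http://schemas.openxmlformats.org/officeDocument/2006/custom-properties" '
    'xmlns:vt="http://schemas.openxmlformats.org/officeDocument/2006/docPropsVTypes">'
    '<property fmtid="{D5CDD505-2E9C-101B-9397-08002B2CF9AE}" pid="2" name="DLP">'
    '<vt:lpwstr>non</vt:lpwstr></property></Properties>'
)

def build_sample(custom_xml=None):
    """Build a minimal in-memory OOXML container for the demo (not a full document)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        if custom_xml is not None:
            zf.writestr(CUSTOM_PART, custom_xml)
    buf.seek(0)
    return buf

if __name__ == "__main__":
    print(read_custom_properties(build_sample(SAMPLE_XML)))
    print(check_property(build_sample(SAMPLE_XML), "DLP", "non"))
    print(check_property(build_sample(), "DLP", "non"))
```

For a real document, pass its path to `check_property` instead of the in-memory sample.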
-
zied berrima • 6 Reputation points
2024-11-18T08:46:41.8566667+00:00 I checked everything; I even considered that the custom attribute might not be readable by the DLP engine. As a result, I thought about using the comment attribute by adding the string 'dlpnon' to it, but the issue persists.
-
Chandra Boorla • 14,685 Reputation points • Microsoft External Staff • Moderator
2024-11-20T01:19:01.5966667+00:00 Apologies for the inconvenience.
I agree that this issue looks strange, and I wasn't able to reproduce this issue. If you have a support plan, could you please file a support ticket for deeper investigation and do share the SR# with us?
Thank you.
-
Chandra Boorla • 14,685 Reputation points • Microsoft External Staff • Moderator
2024-11-21T00:53:58.6433333+00:00 We haven’t heard from you since the last response and were just checking back to see if you've had a chance to submit a support ticket. If you have, a reference to the ticket number would be greatly appreciated. This will allow us to track the progress of your request and ensure you receive the most efficient support possible.
Thank you.
-
zied berrima • 6 Reputation points
2024-11-27T13:17:07.72+00:00 Hello,
After searching, I just found something important for doing this (I am also looking for support): when we put the properties of a file in the DLP policy, that means the property of the location of the file (SharePoint/OneDrive), not the properties of the Word file like I thought in my post. So, this way, I need to create a custom column in the SPO library where the file is stored, and make this column a managed and crawled property to give me the possibility to call this property in my DLP policy: file property section.
So I need support/steps from you to make this work: create a custom column and make this custom column crawled in the SharePoint schema.
-
Chandra Boorla • 14,685 Reputation points • Microsoft External Staff • Moderator
2024-12-01T16:30:17.82+00:00 Apologies for the delay in response.
Create a Custom Column in SharePoint Document Library - To start, you will first need to create a custom column in the SharePoint document library where your files are stored.
For additional information, please refer to: Create a column in a list or library
Ensure the Custom Column is Crawled in the SharePoint Search Schema - Once you've created the custom column, you need to make sure that it's crawled and indexed by SharePoint so that it can be used in Microsoft Purview DLP policies. To use the custom column in Microsoft Purview DLP policies, it must be indexed and exposed as a managed property in the SharePoint search schema.
For more details, please refer to: Create a new managed property
Configure the DLP Policy Using the Custom Column - Once your custom column is crawled and indexed, you can now use it in Microsoft Purview DLP policies.
For details, please refer to: Policy creation scenarios
Key Considerations:
- Crawl Time - Full crawls can take several hours, especially if you're indexing large amounts of data, so please be patient.
- Managed Property Settings - Ensure that the managed property is marked as Searchable and Queryable in the schema to be usable in your DLP policies.
- Scope of DLP Policy - Ensure your DLP policy is targeting the correct SharePoint document library where your custom column is located.
I hope this information helps.
Thank you.
-
Chandra Boorla • 14,685 Reputation points • Microsoft External Staff • Moderator
2024-12-02T09:58:10.4666667+00:00 We haven’t heard from you since the last response and were just checking back to see if you have a resolution yet. If you have a resolution, please do share it with the community, as it can be helpful to others. Otherwise, respond with more details and we will try to help.
-
Chandra Boorla • 14,685 Reputation points • Microsoft External Staff • Moderator
2024-12-03T01:04:37.4833333+00:00 Following up on the last response and just checking back to see if you have a resolution yet. If you have a resolution, please do share it with the community, as it can be helpful to others. Otherwise, respond with more details and we will try to help.
-
Clément BETACORNE • 2,496 Reputation points
2024-12-03T14:03:15.7933333+00:00 Hi Zied,
On my tenant, I tried a configuration with a custom attribute in a DLP policy for Exchange Online, and it works.
Regards,