Set-DlpSensitiveInformationType
This cmdlet is available in on-premises Exchange and in the cloud-based service. Some parameters and settings may be exclusive to one environment or the other.
Use the Set-DlpSensitiveInformationType cmdlet to modify sensitive information type rules that use document fingerprints.
For information about the parameter sets in the Syntax section below, see Exchange cmdlet syntax.
Syntax
Set-DlpSensitiveInformationType
[-Identity] <SensitiveInformationTypeIdParameter>
[-Confirm]
[-Description <String>]
[-FileData <Byte[]>]
[-Fingerprints <MultiValuedProperty>]
[-IsExact <Boolean>]
[-Locale <CultureInfo>]
[-Name <String>]
[-Threshold <UInt32>]
[-ThresholdConfig <PswsHashtable>]
[-WhatIf]
[<CommonParameters>] Description
Sensitive information type rule packages are used by data loss prevention (DLP) to detect sensitive content in messages.
You need to be assigned permissions before you can run this cmdlet. Although this topic lists all parameters for the cmdlet, you may not have access to some parameters if they're not included in the permissions assigned to you. To find the permissions required to run any cmdlet or parameter in your organization, see Find the permissions required to run any Exchange cmdlet.
Examples
Example 1
Set-DlpSensitiveInformationType "Contoso Confidential" -Locale fr -Name "Contoso Confidentiel" -Description "Ce message contient des informations confidentielles." -IsDefaultThis example adds a French translation to the existing sensitive information type rule named "Contoso Confidential", and sets this French translation as the default.
Example 2
Set-DlpSensitiveInformationType "Contoso Confidential" -Locale es -Name $null -Description $nullThis example removes the existing Spanish translation from the sensitive information type rule named "Contoso Confidential".
Example 3
$Benefits_Template = [System.IO.File]::ReadAllBytes('C:\My Documents\Contoso Benefits Template.docx')
$Benefits_Fingerprint = New-DlpFingerprint -FileData $Benefits_Template -Description "Contoso Benefits Template"
$Contoso_Confidential = Get-DlpSensitiveInformationType "Contoso Confidential"
$Array = [System.Collections.ArrayList]($Contoso_Confidential.Fingerprints)
$Array.Add($Benefits_FingerPrint[0])
Set-DlpSensitiveInformationType $Contoso_Confidential.Identity -FingerPrints $ArrayThis example modifies the existing sensitive information type rule named "Contoso Confidential" by adding a new document fingerprint for the file C:\My Documents\Contoso Benefits Template.docx without affecting any existing document fingerprints that are already defined.
Example 4
$cc = Get-DlpSensitiveInformationType "Contoso Confidential"
$a = [System.Collections.ArrayList]($cc.Fingerprints)
$a
$a.RemoveAt(0)
Set-DlpSensitiveInformationType $cc.Identity -FingerPrints $aThis example modifies the sensitive information type rule named "Contoso Confidential" by removing an existing document fingerprint without affecting other document fingerprints that are already defined.
The first three commands return the list of document fingerprints in the sensitive information type. The first document fingerprint in the list has the index number 0, the second has the index number 1, and so on. You use the index number to specify the document fingerprint that you want to remove. The last two commands remove the first document fingerprint that's displayed in the list.
Parameters
-Confirm
The Confirm switch specifies whether to show or hide the confirmation prompt. How this switch affects the cmdlet depends on if the cmdlet requires confirmation before proceeding.
- Destructive cmdlets (for example, Remove-* cmdlets) have a built-in pause that forces you to acknowledge the command before proceeding. For these cmdlets, you can skip the confirmation prompt by using this exact syntax:
-Confirm:$false. - Most other cmdlets (for example, New-* and Set-* cmdlets) don't have a built-in pause. For these cmdlets, specifying the Confirm switch without a value introduces a pause that forces you acknowledge the command before proceeding.
This cmdlet has a built-in pause, so use -Confirm:$false to skip the confirmation.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-Description
The Description parameter specifies a description for the sensitive information type rule. You use the Description parameter with the Locale and Name parameters to specify descriptions for the sensitive information type rule in different languages. The localized values of Description appear in the AllLocalizedDescriptions property of the sensitive information type rule.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-FileData
{{ Fill FileData Description }}
| Type: | Byte[] |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-Fingerprints
The Fingerprints parameter specifies the byte-encoded document files that are used as fingerprints by the sensitive information type rule. For instructions on how to import documents to use as templates for fingerprints, see New-DlpFingerprint or the Examples section. For instructions on how to add and remove document fingerprints from an existing sensitive information type rule, see the Examples section.
| Type: | MultiValuedProperty |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-Identity
The Identity parameter specifies the sensitive information type rule that you want to modify. You can use any value that uniquely identifies the sensitive information type rule. For example:
- Name
- LocalizedName
- Identity GUID value
| Type: | SensitiveInformationTypeIdParameter |
| Position: | 1 |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-IsExact
{{ Fill IsExact Description }}
| Type: | Boolean |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-Locale
The Locale parameter adds or removes languages that are associated with the sensitive information type rule.
Valid input for this parameter is a supported culture code value from the Microsoft .NET Framework CultureInfo class. For example, da-DK for Danish or ja-JP for Japanese. For more information, see CultureInfo Class.
Typically, you use the Locale parameter with the Name and Description parameters to add or remove translated names and descriptions for the sensitive information type rule. You can also use the Locale parameter with the IsDefault switch to designate an existing translated name and description as the default. Before you can remove the default translation, you need to set another translation as the default.
| Type: | CultureInfo |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-Name
The Name parameter specifies a name for the sensitive information type rule. The value must be less than 256 characters.
You use the Name parameter with the Locale and Description parameters to specify names for the sensitive information type rule in different languages. The localized values of Name appear in the AllLocalizedNames property of the sensitive information type rule.
The value of the Name parameter is used in the Policy Tip that's presented to users in Outlook on the web. When a translated value of the Name parameter matches the client's language, the Policy Tip is displayed in the client's language. If no translated values of the Name parameter match the client's language, the default translation that's specified by the IsDefault parameter is used for the Policy Tip.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-Threshold
{{ Fill Threshold Description }}
| Type: | UInt32 |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-ThresholdConfig
{{ Fill ThresholdConfig Description }}
| Type: | PswsHashtable |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-WhatIf
The WhatIf switch doesn't work in Security & Compliance PowerShell.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for