Updates from: 07/03/2021 03:10:03
Category Microsoft Docs article Related commit history on GitHub Change details
admin Remove Former Employee Step 7 https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/add-users/remove-former-employee-step-7.md
If you're using Azure Active Directory, see the [Remove-MsolUser](/powershell/mo
## What you need to know about terminating an employee's email session Here's information about how to get an employee out of email (Exchange).
-
-|||
+
+<br>
+
+****
+
+|What you can do|How you do it|
|:--|:--|
-|**What you can do** <br/> |**How you do it** <br/> |
-|Terminate a session (such as Outlook on the web, Outlook, Exchange active sync, etc.) and force to open a new session <br/> |Reset password <br/> |
-|Terminate a session and block access to future sessions (for all protocols) <br/> |Disable the account. For example, (in the Exchange admin center or using PowerShell): <br/> `Set-Mailbox user@contoso.com -AccountDisabled:$true` <br/> |
-|Terminate the session for a particular protocol (such as ActiveSync) <br/> |Disable the protocol. For example, (in the Exchange admin center or using PowerShell): <br/> `Set-CASMailbox user@contoso.com -ActiveSyncEnabled:$false` <br/> |
+|Terminate a session (such as Outlook on the web, Outlook, Exchange active sync, etc.) and force to open a new session|Reset password|
+|Terminate a session and block access to future sessions (for all protocols)|Disable the account. For example, (in the Exchange admin center or using PowerShell): <p> `Set-Mailbox user@contoso.com -AccountDisabled:$true`|
+|Terminate the session for a particular protocol (such as ActiveSync)|Disable the protocol. For example, (in the Exchange admin center or using PowerShell): <p> `Set-CASMailbox user@contoso.com -ActiveSyncEnabled:$false`|
+|
The above operations can be done in three places:
-|||
-|:--|:--|
-|**If you terminate the session here** <br/> |**How long it takes** <br/> |
-|In the Exchange admin center or using PowerShell <br/> |Expected delay is within 30 min <br/> |
-|In the Azure Active Directory admin center <br/> |Expected delay is 60 min <br/> |
-|In an on-premises environment <br/> |Expected delay is 3 hours or more <br/> |
+<br>
+
+****
+
+|If you terminate the session here|How long it takes|
+|||
+|In the Exchange admin center or using PowerShell|Expected delay is within 30 min|
+|In the Azure Active Directory admin center|Expected delay is 60 min|
+|In an on-premises environment|Expected delay is 3 hours or more|
+|
### How to get fastest response for account termination
- **Fastest**: Use the Exchange admin center (use PowerShell) or Azure Active Directory admin center. In an on-premises environment, it can take several hours to sync the change through DirSync.
+**Fastest**: Use the Exchange admin center (use PowerShell) or Azure Active Directory admin center. In an on-premises environment, it can take several hours to sync the change through DirSync.
- **Fastest for a user with presence on-premises and in the Exchange Datacenter**: Terminate the session using Azure Active Directory admin center/Exchange admin center AND make the change in the on-premises environment as well. Otherwise, the change in Azure Active Directory admin center/Exchange admin center will be overwritten by DirSync.
+**Fastest for a user with presence on-premises and in the Exchange Datacenter**: Terminate the session using Azure Active Directory admin center/Exchange admin center AND make the change in the on-premises environment as well. Otherwise, the change in Azure Active Directory admin center/Exchange admin center will be overwritten by DirSync.
## Related content
admin Remove Former Employee https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/add-users/remove-former-employee.md
You need to be a global administrator to complete the steps in this solution.
:::image type="content" source="../../media/delete-user-account.png" alt-text="Screenshot: Steps for removing a former employee from your organization":::
-|||
-|:--|:--|
-|**Step** <br/> |**Why do this** <br/> |
-|[Step 1 - Prevent a former employee from logging in and block access to Microsoft 365 services](remove-former-employee-step-1.md) <br/> |This blocks your former employee from logging in to Microsoft 365 and prevents the person from accessing Microsoft 365 services. <br/> |
-|[Step 2 - Save the contents of a former employee's mailbox](remove-former-employee-step-2.md) <br/> |This is useful for the person who is going to take over the employee's work, or if there is litigation. <br/> |
-|[Step 3 - Forward a former employee's email to another employee or convert to a shared mailbox](remove-former-employee-step-3.md) <br/> |This lets you keep the former employee's email address active. If you have customers or partners still sending email to the former employee's address, this gets them to the person taking over the work. <br/> |
-|[Step 4 - Give another employee access to OneDrive and Outlook data](remove-former-employee-step-4.md) <br/> |If you only remove a user's license but don't delete the account, the content in the user's OneDrive will remain accessible to you even after 30 days. <br/><br/> Before you delete the account, you should give access of their OneDrive and Outlook to another user. After you delete an employee's account, the content in their OneDrive and Outlook is retained for **30** days. During that 30 days, however, you can restore the user's account, and gain access to their content. If you restore the user's account, the OneDrive and Outlook content will remain accessible to you even after 30 days. <br/> |
-|[Step 5 - Wipe and block a former employee's mobile device](remove-former-employee-step-5.md) <br/> |Removes your business data from the phone or tablet. <br/> |
-|[Step 6 - Remove and delete the Microsoft 365 license from a former employee](remove-former-employee-step-6.md) <br/> |When you remove a license, you can assign it to someone else. Or, you can delete the license so you don't pay for it until you hire another person. <br/><br/> When you remove or delete a license, the user's old email, contacts, and calendar are retained for **30 days**, then permanently deleted. If you remove or delete a license but don't delete the account, the content in the user's OneDrive will remain accessible to you even after 30 days. <br/> |
-|[Step 7 - Delete a former employee's user account](remove-former-employee-step-7.md) <br/> |This removes the account from your admin center. Keeps things clean. <br/> |
+<br>
+
+****
+
+|Step|Why do this|
+|||
+|[Step 1 - Prevent a former employee from logging in and block access to Microsoft 365 services](remove-former-employee-step-1.md)|This blocks your former employee from logging in to Microsoft 365 and prevents the person from accessing Microsoft 365 services.|
+|[Step 2 - Save the contents of a former employee's mailbox](remove-former-employee-step-2.md)|This is useful for the person who is going to take over the employee's work, or if there is litigation.|
+|[Step 3 - Forward a former employee's email to another employee or convert to a shared mailbox](remove-former-employee-step-3.md)|This lets you keep the former employee's email address active. If you have customers or partners still sending email to the former employee's address, this gets them to the person taking over the work.|
+|[Step 4 - Give another employee access to OneDrive and Outlook data](remove-former-employee-step-4.md)|If you only remove a user's license but don't delete the account, the content in the user's OneDrive will remain accessible to you even after 30 days. <p> Before you delete the account, you should give access of their OneDrive and Outlook to another user. After you delete an employee's account, the content in their OneDrive and Outlook is retained for **30** days. During that 30 days, however, you can restore the user's account, and gain access to their content. If you restore the user's account, the OneDrive and Outlook content will remain accessible to you even after 30 days.|
+|[Step 5 - Wipe and block a former employee's mobile device](remove-former-employee-step-5.md)|Removes your business data from the phone or tablet.|
+|[Step 6 - Remove and delete the Microsoft 365 license from a former employee](remove-former-employee-step-6.md)|When you remove a license, you can assign it to someone else. Or, you can delete the license so you don't pay for it until you hire another person. <p> When you remove or delete a license, the user's old email, contacts, and calendar are retained for **30 days**, then permanently deleted. If you remove or delete a license but don't delete the account, the content in the user's OneDrive will remain accessible to you even after 30 days.|
+|[Step 7 - Delete a former employee's user account](remove-former-employee-step-7.md)|This removes the account from your admin center. Keeps things clean.|
+|
## Related content
admin Set Password To Never Expire https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/add-users/set-password-to-never-expire.md
audience: Admin
localization_priority: Normal--- M365-subscription-management +
+- M365-subscription-management
- Adm_O365 - Adm_TOC
This article explains how to set a password for an individual user to not expire
## Before you begin
-This article is for people who set password expiration policy for a business, school, or nonprofit. To complete these steps, you need to sign in with your Microsoft 365 admin account. [What's an admin account?](../../business-video/admin-center-overview.md).
+This article is for people who set password expiration policy for a business, school, or nonprofit. To complete these steps, you need to sign in with your Microsoft 365 admin account. [What's an admin account?](../../business-video/admin-center-overview.md).
You must be an [global admin or password administrator](about-admin-roles.md) to perform these steps.
-A global admin for a Microsoft cloud service can use the [Azure Active Directory PowerShell for Graph](/powershell/azure/active-directory/install-adv2?view=azureadps-2.0) to set passwords not to expire for specific users. You can also use [AzureAD](/powershell/module/Azuread) cmdlets to remove the never-expires configuration or to see which user passwords are set to never expire.
+A global admin for a Microsoft cloud service can use the [Azure Active Directory PowerShell for Graph](/powershell/azure/active-directory/install-adv2) to set passwords not to expire for specific users. You can also use [AzureAD](/powershell/module/Azuread) cmdlets to remove the never-expires configuration or to see which user passwords are set to never expire.
This guide applies to other providers, such as Intune and Microsoft 365, which also rely on Azure AD for identity and directory services. Password expiration is the only part of the policy that can be changed.
This guide applies to other providers, such as Intune and Microsoft 365, which a
## How to check the expiration policy for a password
-For more information about the Get-AzureADUser command in the AzureAD module, see the reference article [Get-AzureADUser](/powershell/module/Azuread/Get-AzureADUser?view=azureadps-2.0).
+For more information about the Get-AzureADUser command in the AzureAD module, see the reference article [Get-AzureADUser](/powershell/module/Azuread/Get-AzureADUser).
Run one of the following commands:
Run one of the following commands:
Get-AzureADUser -ObjectId userUPN@contoso.com | Select-Object UserprincipalName,@{ N="PasswordNeverExpires";E={$_.PasswordPolicies -contains "DisablePasswordExpiration"} }
- ```
+ ```
- To see the **Password never expires** setting for all users, run the following cmdlet:
Run one of the following commands:
Get-AzureADUser -All $true | Select-Object UserprincipalName,@{ N="PasswordNeverExpires";E={$_.PasswordPolicies -contains "DisablePasswordExpiration"} } | ConvertTo-Html | Out-File $env:userprofile\Desktop\ReportPasswordNeverExpires.html
- ```
+ ```
- To get a report of all the users with PasswordNeverExpires in CSV on the desktop of the current user with name **ReportPasswordNeverExpires.csv**
admin Strong Password https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/add-users/strong-password.md
You must also connect to Microsoft 365 with PowerShell.
[How to connect to Microsoft 365 with PowerShell](/office365/enterprise/powershell/connect-to-office-365-powershell#connect-with-the-microsoft-azure-active-directory-module-for-windows-powershell)
-[More information on PowerShell MsolUser commands](/powershell/module/msonline/set-msoluser?view=azureadps-1.0)
+[More information on PowerShell MsolUser commands](/powershell/azure/active-directory/install-adv2)
-[More information on password policy](/azure/active-directory/authentication/concept-sspr-policy#password-policies-that-only-apply-to-cloud-user-accounts)
+[More information on password policy](/azure/active-directory/authentication/concept-sspr-policy#password-policies-that-only-apply-to-cloud-user-accounts)
admin About The Admin Center https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/admin-overview/about-the-admin-center.md
If you found this video helpful, check out the [complete training series for sma
## Admin center features and settings Here are the features and settings you'll find in the left-hand navigation of the admin center. Learn more about admin tasks in [admin help](../../business-video/admin-center-overview.md).
-
-| Menu | What it's for |
+
+<br>
+
+****
+
+|Menu|What it's for|
|--|--|
-|**Home** <br/> |This is the landing page in the admin center. You'll see where to manage users, billing, service health, and reports. <br/> |
-|**Users** <br/> |Create and manage users in your organization, like employees or students. You can also set their permission level or reset their passwords. <br/> |
-|**Groups** <br/> |Create and manage groups in your organization, such as a Microsoft 365 group, distribution group, security group, or shared mailbox. Learn how to [create](../create-groups/create-groups.md) and [manage](../create-groups/manage-groups.md) groups. <br/> |
-|**Resources** <br/> |Create and manage resources, like a SharePoint site collection. Learn how to [create site collections](/sharepoint/create-site-collection). <br/> |
-|**Billing** <br/> |View, purchase, or cancel subscriptions for your organization. View past billing statements or view the number of assigned licenses to individual users. Learn how to [manage billing](../../commerce/index.yml). <br/> |
-|**Support** <br/> | View existing service requests or create new ones. Learn more in [Contact support for business products - Admin Help](../../business-video/get-help-support.md). |
-|**Settings** <br/> |Manage global settings for apps like email, sites, and the Office suite. Change your password policy and expiration date. Add and update domain names like contoso.com. Change your organization profile and release preferences. And choose whether partners can access your admin center. <br/> |
-|**Setup** <br/> |Manage existing domains, turn on and manage multi-factor authentication, manage admin access, migrate user mailboxes to Office 365, manage feature updates, and help users install their Office apps. |
-|**Reports** <br/> |See at a glance how your organization is using Microsoft 365 with detailed reports on email use, Office activations, and more. Learn how to use the new [activity reports](../activity-reports/activity-reports.md). <br/> |
-|**Health** <br/> |View health at a glance. You can also check out more details and the health history. See [How to check service health](../../enterprise/view-service-health.md) and [How to check Windows release health](/windows/deployment/update/check-release-health) for more information. ΓÇï <br/><br/>Use Message center to keep track of upcoming changes to features and services. We post announcements there with information that helps you plan for change and understand how it may affect users. Get more details in [Message center](../manage/message-center.md). <br/> |
-|**Admin centers** <br/> |Open separate admin centers for Exchange, Skype for Business, SharePoint, Yammer, and Azure AD. Each admin center includes all available settings for that service. <br/> For example, in the Exchange admin center, set up and manage email, calendars, distribution groups, and more. In the SharePoint admin center, create and manage site collections, site settings, and OneDrive for Business. In the Skype for Business admin center, set up instant messaging notifications, dial-in conferencing, and online presence. <br/> Learn more about the [Exchange admin center](/exchange/exchange-admin-center) and [SharePoint Admin Center](/sharepoint/sharepoint-online).<br/> **Note:** The admin centers available to you depend on your plan and region. |
-
+|**Home**|This is the landing page in the admin center. You'll see where to manage users, billing, service health, and reports.|
+|**Users**|Create and manage users in your organization, like employees or students. You can also set their permission level or reset their passwords.|
+|**Groups**|Create and manage groups in your organization, such as a Microsoft 365 group, distribution group, security group, or shared mailbox. Learn how to [create](../create-groups/create-groups.md) and [manage](../create-groups/manage-groups.md) groups.|
+|**Resources**|Create and manage resources, like a SharePoint site collection. Learn how to [create site collections](/sharepoint/create-site-collection).|
+|**Billing**|View, purchase, or cancel subscriptions for your organization. View past billing statements or view the number of assigned licenses to individual users. Learn how to [manage billing](../../commerce/index.yml).|
+|**Support**|View existing service requests or create new ones. Learn more in [Contact support for business products - Admin Help](../../business-video/get-help-support.md).|
+|**Settings**|Manage global settings for apps like email, sites, and the Office suite. Change your password policy and expiration date. Add and update domain names like contoso.com. Change your organization profile and release preferences. And choose whether partners can access your admin center.|
+|**Setup**|Manage existing domains, turn on and manage multi-factor authentication, manage admin access, migrate user mailboxes to Office 365, manage feature updates, and help users install their Office apps.|
+|**Reports**|See at a glance how your organization is using Microsoft 365 with detailed reports on email use, Office activations, and more. Learn how to use the new [activity reports](../activity-reports/activity-reports.md).|
+|**Health**|View health at a glance. You can also check out more details and the health history. See [How to check service health](../../enterprise/view-service-health.md) and [How to check Windows release health](/windows/deployment/update/check-release-health) for more information. <p>Use Message center to keep track of upcoming changes to features and services. We post announcements there with information that helps you plan for change and understand how it may affect users. Get more details in [Message center](../manage/message-center.md).|
+|**Admin centers**|Open separate admin centers for Exchange, Skype for Business, SharePoint, Yammer, and Azure AD. Each admin center includes all available settings for that service. <p> For example, in the Exchange admin center, set up and manage email, calendars, distribution groups, and more. In the SharePoint admin center, create and manage site collections, site settings, and OneDrive for Business. In the Skype for Business admin center, set up instant messaging notifications, dial-in conferencing, and online presence. <p> Learn more about the [Exchange admin center](/exchange/exchange-admin-center) and [SharePoint Admin Center](/sharepoint/sharepoint-online). <p> **Note:** The admin centers available to you depend on your plan and region.|
+|
+ ## Common tasks in the admin center - Manage users: [Add users and assign licenses at the same time](../add-users/add-users.md), [Delete or restore users](../add-users/delete-a-user.md), or [Reset a user's password](../add-users/reset-passwords.md).
admin Change Nameservers At Any Domain Registrar https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/get-help-with-domains/change-nameservers-at-any-domain-registrar.md
audience: Admin
localization_priority: Normal-+ - M365-subscription-management - Adm_O365 - Adm_TOC - Adm_O365_Setup-+ - okr_smb - AdminSurgePortfolio search.appverid:
description: "Learn how to add and set up your domain in Microsoft 365 so that y
# Change nameservers to set up Microsoft 365 with any domain registrar
- **[Check the Domains FAQ](../setup/domains-faq.yml)** if you don't find what you're looking for.
-
+ **[Check the Domains FAQ](../setup/domains-faq.yml)** if you don't find what you're looking for.
+ Follow these instructions to add and set up your domain in Microsoft 365 so your services like email and Teams will use your own domain name. To do this, you'll verify your domain, and then change your domain's nameservers to Microsoft 365 so the correct DNS records can be set up for you. Follow these steps if the following statements describe your situation:
-
+ - You have your own domain and want to set it up to work with Microsoft 365.
-
+ - You want Microsoft 365 to manage your DNS records for you. (If you prefer, you can [manage your own DNS records](../setup/add-domain.md).)
-
+ ## Add a TXT or MX record for verification > [!NOTE]
-> You will create only one or the other of these records. TXT is the preferred record type, but some DNS hosting providers don't support it, in which case you can create an MX record instead.
-
+> You will create only one or the other of these records. TXT is the preferred record type, but some DNS hosting providers don't support it, in which case you can create an MX record instead.
+ Before you use your domain with Microsoft 365, we have to make sure that you own it. Your ability to log in to your account at your domain registrar and create the DNS record proves to Microsoft 365 that you own the domain.
-
+ > [!NOTE]
-> This record is used only to verify that you own your domain; it doesn't affect anything else. You can delete it later, if you like.
-
+> This record is used only to verify that you own your domain; it doesn't affect anything else. You can delete it later, if you like.
+ ### Find the area on your DNS hosting provider's website where you can create a new record 1. Sign in to your DNS hosting provider's website.
-
+ 2. Choose your domain.
-
+ 3. Find the page where you can edit DNS records for your domain.
-
+ ### Create the record Depending on whether you are creating a TXT record or an MX record, do one of the following:
-
+ **If you create a TXT record, use these values:**
-
-|Record type<br/> |Alias or host name <br/> |Value <br/> |TTL<br/> |
-|:--|:--|:--|:--|
-|TXT <br/> |Do one of the following: Type **@** or leave the field empty or type your domain name. <br/> > [!NOTE]> Different DNS hosts have different requirements for this field.
-|MS=ms *XXXXXXXX* <br/>**Note:** This is an example. Use your specific **Destination or Points to Address** value here, from the table in Microsoft 365. [How do I find this?](../get-help-with-domains/information-for-dns-records.md) |Set this value to **1 hour** or to the equivalent in minutes ( **60** ), seconds ( **3600** ), etc. <br/> |
-
+<br>
+
+****
+
+|Record type|Alias or host name|Value|TTL|
+|||||
+|TXT|Do one of the following: Type **@** or leave the field empty or type your domain name. <p> **Note**: Different DNS hosts have different requirements for this field.|MS=ms *XXXXXXXX* <p> **Note:** This is an example. Use your specific **Destination or Points to Address** value here, from the table in Microsoft 365. [How do I find this?](../get-help-with-domains/information-for-dns-records.md)|Set this value to **1 hour** or to the equivalent in minutes ( **60** ), seconds ( **3600** ), etc.|
+|||||
+ **If you create an MX record, use these values:**
-
+
+<br>
+
+****
+ |Record type|Alias or host name|Value|Priority|TTL|
-|:--|:--|:--|:--|:--|
-|MX|Type either **@** or your domain name. |MS=ms *XXXXXXXX* **Note:** This is an example. Use your specific **Destination or Points to Address** value here, from the table in Microsoft 365. [How do I find this?](../get-help-with-domains/information-for-dns-records.md) |For **Priority**, to avoid conflicts with the MX record used for mail flow, use a lower priority than the priority for any existing MX records. For more information about priority, see [What is MX priority?](../setup/domains-faq.yml) |Set this value to **1 hour** or to the equivalent in minutes ( **60** ), seconds ( **3600** ), etc. |
-
+||||||
+|MX|Type either **@** or your domain name. |MS=ms *XXXXXXXX* **Note:** This is an example. Use your specific **Destination or Points to Address** value here, from the table in Microsoft 365. [How do I find this?](../get-help-with-domains/information-for-dns-records.md)|For **Priority**, to avoid conflicts with the MX record used for mail flow, use a lower priority than the priority for any existing MX records. For more information about priority, see [What is MX priority?](../setup/domains-faq.yml)|Set this value to **1 hour** or to the equivalent in minutes ( **60** ), seconds ( **3600** ), etc.|
+||||||
+ ### Save the record Now that you've added the record at your domain registrar's site, you'll go back to Microsoft 365 and request Microsoft 365 to look for the record.
-
+ When Microsoft 365 finds the correct TXT record, your domain is verified.
-
1. In the admin center, go to the **Settings** \> <a href="https://go.microsoft.com/fwlink/p/?linkid=834818" target="_blank">Domains</a> page.
-
-2. On the **Domains** page, select the domain that you are verifying.
-
-
+
+2. On the **Domains** page, select the domain that you are verifying.
+ 3. On the **Setup** page, select **Start setup**.
-
-
+ 4. On the **Verify domain** page, select **Verify**.
-
+ > [!NOTE]
-> Typically it takes about 15 minutes for DNS changes to take effect. However, it can occasionally take longer for a change you've made to update across the Internet's DNS system. If you're having trouble with mail flow or other issues after adding DNS records, see [Troubleshoot issues after changing your domain name or DNS records](../get-help-with-domains/find-and-fix-issues.md).
-
+> Typically it takes about 15 minutes for DNS changes to take effect. However, it can occasionally take longer for a change you've made to update across the Internet's DNS system. If you're having trouble with mail flow or other issues after adding DNS records, see [Troubleshoot issues after changing your domain name or DNS records](../get-help-with-domains/find-and-fix-issues.md).
+ ## Change your domain's nameserver (NS) records When you get to the last step of the domains setup wizard in Microsoft 365, you have one task remaining. To set up your domain with Microsoft 365 services, like email, you change your domain's nameserver (or NS) records at your domain registrar to point to the Microsoft 365 primary and secondary nameservers. Then, because Microsoft 365 hosts your DNS, the required DNS records for your services are set up automatically for you. You can update the nameserver records yourself by following the steps your domain registrar may provide in the help content at their website. If you're not familiar with DNS, contact support at the domain registrar. ::: moniker range="o365-worldwide"
-
+ To change your domain's nameservers at your domain registrar's website yourself, follow these steps:
-
+ 1. Find the area on the domain registrar's website where you can change the nameservers for your domain or an area where you can use custom nameservers.
-
+ 2. Create nameserver records, or edit the existing nameserver records to match the following values: - First nameserver: ns1.bdm.microsoftonline.com - Second nameserver: ns2.bdm.microsoftonline.com - Third nameserver: ns3.bdm.microsoftonline.com - Fourth nameserver: ns4.bdm.microsoftonline.com
-
-
+ > [!TIP]
- > It's best to add all four records, but if your registrar only supports two, add **ns1.bdm.microsoftonline.com** and **ns2.bdm.microsoftonline.com**.
-
+ > It's best to add all four records, but if your registrar only supports two, add **ns1.bdm.microsoftonline.com** and **ns2.bdm.microsoftonline.com**.
+ 3. Save your changes.
-
+ > [!CAUTION]
-> When you change your domain's NS records to point to the Microsoft 365 nameservers, all the services that are currently associated with your domain are affected. If you skipped any steps of the wizard, such as adding email addresses, or if you're using your domain for blogs, shopping carts, or other services, there are additional steps that are required. Otherwise this change could result in service downtime, such as lack of email access or your current website being inaccessible.
+> When you change your domain's NS records to point to the Microsoft 365 nameservers, all the services that are currently associated with your domain are affected. If you skipped any steps of the wizard, such as adding email addresses, or if you're using your domain for blogs, shopping carts, or other services, there are additional steps that are required. Otherwise this change could result in service downtime, such as lack of email access or your current website being inaccessible.
::: moniker-end ::: moniker range="o365-21vianet"
-
+ 1. Find the area on the domain registrar's website where you can edit the nameservers for your domain.
-
+ 2. Create two nameserver records, or edit the existing nameserver records to match the following values: - First nameserver: ns1.dns.partner.microsoftonline.cn - Second nameserver: ns2.dns.partner.microsoftonline.cn
-
+ > [!TIP]
- > You should use at least two nameserver records. If there are any other nameservers listed, you can either delete them, or change them to **ns3.dns.partner.microsoftonline.cn** and **ns4.dns.partner.microsoftonline.cn**.
-
+ > You should use at least two nameserver records. If there are any other nameservers listed, you can either delete them, or change them to **ns3.dns.partner.microsoftonline.cn** and **ns4.dns.partner.microsoftonline.cn**.
+ 3. Save your changes.
-
+ > [!CAUTION]
-> When you change your domain's NS records to point to the Office 365 operated by 21Vianet nameservers, all the services that are currently associated with your domain are affected. If you skipped any steps of the wizard, such as adding email addresses, or if you're using your domain for blogs, shopping carts, or other services, there are additional steps that are required. Otherwise this change could result in service downtime, such as lack of email access or your current website being inaccessible.
+> When you change your domain's NS records to point to the Office 365 operated by 21Vianet nameservers, all the services that are currently associated with your domain are affected. If you skipped any steps of the wizard, such as adding email addresses, or if you're using your domain for blogs, shopping carts, or other services, there are additional steps that are required. Otherwise this change could result in service downtime, such as lack of email access or your current website being inaccessible.
::: moniker-end
-
+ For example, here are some additional steps that might be required for email and website hosting:
-
+ - Move all email addresses that use your domain to Microsoft 365 before you change your NS records.
-
+ - Want to add a domain that's currently used with a website address, like www.fourthcoffee.com? You can take below steps while you add the domain to keep its website hosted where the site is hosted now so people can still get to the website after you change the domain's NS records to point to Microsoft 365. 1. In the admin center, go to the **Settings** \> <a href="https://go.microsoft.com/fwlink/p/?linkid=834818" target="_blank">Domains</a> page.
For example, here are some additional steps that might be required for email and
2. On the **Domains** page, select a domain. 3. On the domain details page, select the **DNS records** tab.
-
+ 4. Select **Add record**. 5. In the **Add a custom DNS record** pane, from the **Type** dropdown list, select **A (Address)**.
For example, here are some additional steps that might be required for email and
6. In the **Host name or Alias** box, type **@**. 7. In the **IP Address** box, type the static IP address for the website where it's currently hosted. For example, 172.16.140.1.
-
-> [!IMPORTANT]
-> This must be a _static_ IP address for the website, not a _dynamic_ IP address. To make sure you can get a static IP address for your public website, check with the site that hosts your website.
-
+
+ > [!IMPORTANT]
+ > This must be a _static_ IP address for the website, not a _dynamic_ IP address. To make sure you can get a static IP address for your public website, check with the site that hosts your website.
+ 8. If you want to change the TTL setting for the record, select a new length of time from the **TTL** dropdown list. Otherwise, continue to step 9.
-
-9. Select **Save**.
-
+
+9. Select **Save**.
+ In addition, you can create a CNAME record to help customers find your website.
-
-1. Select **Add record**.
-3. In the **Add a custom DNS record** pane, from the **Type** dropdown list, select **CNAME (Alias)**.
-4. In the **Host name or Alias** box, type **www**.
-5. In the **Points to address** box, type the fully qualified domain name (FQDN) for your website. For example, **contoso.com**.
-6. If you want to change the TTL setting for the record, select a new length of time from the **TTL** dropdown list. Otherwise, continue to step 6.
-7. Select **Save**.
+1. Select **Add record**.
+2. In the **Add a custom DNS record** pane, from the **Type** dropdown list, select **CNAME (Alias)**.
+3. In the **Host name or Alias** box, type **www**.
+4. In the **Points to address** box, type the fully qualified domain name (FQDN) for your website. For example, **contoso.5om**.
+5. If you want to change the TTL setting for the record, select a new length of time from the **TTL** dropdown list. Otherwise, continue to step 6.
+6. Select **Save**.
After the nameserver records are updated to point to Microsoft, your domain setup is complete. Email is routed to Microsoft, and traffic to your website address continues to go to your current website host.`
-
+ > [!NOTE]
-> Your nameserver record updates may take up to several hours to update across the Internet's DNS system. Then your Microsoft email and other services will be all set to work with your domain.
-
+> Your nameserver record updates may take up to several hours to update across the Internet's DNS system. Then your Microsoft email and other services will be all set to work with your domain.
+ ## Related content [Add DNS records to connect your domain](create-dns-records-at-any-dns-hosting-provider.md) (article)\
admin Remove A Domain https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/get-help-with-domains/remove-a-domain.md
audience: Admin
localization_priority: Normal-+ - M365-subscription-management - Adm_O365 - Adm_TOC
description: "Learn how to remove an old domain from Microsoft 365 and move user
# Remove a domain
-
- **[Check the Domains FAQ](../setup/domains-faq.yml)** if you don't find what you're looking for.
-
+
+ **[Check the Domains FAQ](../setup/domains-faq.yml)** if you don't find what you're looking for.
+ Are you removing your domain because you want to add it to a different Microsoft 365 subscription plan? Or do you just want to cancel your subscription? You can [change your plan or subscription](../../commerce/subscriptions/switch-to-a-different-plan.md) or [cancel your subscription](../../commerce/subscriptions/cancel-your-subscription.md).
-
+ ### Step 1: Move users to another domain #### Move users
Are you removing your domain because you want to add it to a different Microsoft
::: moniker range="o365-germany"
-1. Go to the <a href="https://go.microsoft.com/fwlink/p/?linkid=848041" target="_blank">admin center</a>.
+1. Go to the <a href="https://go.microsoft.com/fwlink/p/?linkid=848041" target="_blank">admin center</a>.
::: moniker-end ::: moniker range="o365-21vianet"
-1. Go to the <a href="https://go.microsoft.com/fwlink/p/?linkid=850627" target="_blank">admin center</a>.
+1. Go to the <a href="https://go.microsoft.com/fwlink/p/?linkid=850627" target="_blank">admin center</a>.
::: moniker-end
You'll need to do this for yourself, too, if you're on the domain that you want
::: moniker range="o365-germany"
-1. Go to the <a href="https://go.microsoft.com/fwlink/p/?linkid=848041" target="_blank">admin center</a>.
+1. Go to the <a href="https://go.microsoft.com/fwlink/p/?linkid=848041" target="_blank">admin center</a>.
::: moniker-end ::: moniker range="o365-21vianet"
-1. Go to the <a href="https://go.microsoft.com/fwlink/p/?linkid=850627" target="_blank">admin center</a>.
+1. Go to the <a href="https://go.microsoft.com/fwlink/p/?linkid=850627" target="_blank">admin center</a>.
::: moniker-end 2. Go to **Users** \> **Active Users**, and select your account from the list. 3. On the **Account** tab, select **Manage username**, and then choose a different domain.
-
+ 4. At the top, select your account name, then select **Sign Out**. 5. Sign in with the new domain and your same password.
-You can also use PowerShell to move users to another domain. See [Set-MsolUserPrincipalName](/powershell/module/msonline/set-msoluserprincipalname?view=azureadps-1.0&preserve-view=true) for more information. To set the default domain, use [Set-MsolDomain](/powershell/module/msonline/set-msoldomain?view=azureadps-1.0&preserve-view=true).
+You can also use PowerShell to move users to another domain. See [Set-MsolUserPrincipalName](/powershell/module/msonline/set-msoluserprincipalname) for more information. To set the default domain, use [Set-MsolDomain](/powershell/module/msonline/set-msoldomain).
### Step 2: Move groups to another domain
You can also use PowerShell to move users to another domain. See [Set-MsolUserPr
1. In the <a href="https://go.microsoft.com/fwlink/p/?linkid=850627" target="_blank">admin center</a>, go to the **Groups** > **Groups** page. ::: moniker-end
-
+ 2. Select the group name, and then on the **General** tab under **Email address, Primary**, select **Edit**. 3. Use the drop-down list to choose another domain.
You can also use PowerShell to move users to another domain. See [Set-MsolUserPr
1. In the admin center, go to the **Setup** \> <a href="https://go.microsoft.com/fwlink/p/?linkid=2007048" target="_blank">Domains</a> page. ::: moniker-end
-
+ 2. On the **Domains** page, select the domain that you want to remove. 3. In the right pane, select **Remove**.
You can also use PowerShell to move users to another domain. See [Set-MsolUserPr
## How long does it take for a domain to be removed? It can take as little as 5 minutes for Microsoft 365 to remove a domain if it's not referenced in a lot of places such as security groups, distribution lists, users, and Microsoft 365 groups. If there are many references that use the domain it can take several hours (a day) for the domain to be removed.
-
-If you have hundreds or thousands of users, use PowerShell to query for all users and then move them to another domain. Otherwise, it's possible for a handful of users to be missed in the UI, and then when you go to remove the domain, you won't be able to and you won't know why. See [Set-MsolUserPrincipalName](/powershell/module/msonline/set-msoluserprincipalname?view=azureadps-1.0&preserve-view=true) for more information. To set the default domain, use [Set-MsolDomain](/powershell/module/msonline/set-msoldomain?view=azureadps-1.0&preserve-view=true).
-
+
+If you have hundreds or thousands of users, use PowerShell to query for all users and then move them to another domain. Otherwise, it's possible for a handful of users to be missed in the UI, and then when you go to remove the domain, you won't be able to and you won't know why. See [Set-MsolUserPrincipalName](/powershell/module/msonline/set-msoluserprincipalname) for more information. To set the default domain, use [Set-MsolDomain](/powershell/module/msonline/set-msoldomain).
+ ## Still need help? ::: moniker range="o365-worldwide" > [!NOTE] > You can't remove the [".onmicrosoft.com"](../setup/domains-faq.yml) domain from your account. When you remove a domain, user accounts will revert back to the ".onmicrosoft.com" address as the Primary SMTP/UserprincipalName.
-
+ Still not working? Your domain might need to be manually removed. [Give us a call](../../business-video/get-help-support.md) and we'll help you take care of it!
-
+ ::: moniker-end ::: moniker range="o365-germany" > [!NOTE] > You can't remove the [".onmicrosoft.de"](../setup/domains-faq.yml) domain from your account. When you remove a domain, user accounts will revert back to the ".onmicrosoft.de" address as the Primary SMTP/UserprincipalName.
-
+ Still not working? Your domain might need to be manually removed. [Give us a call](../../business-video/get-help-support.md?view=o365-germany&preserve-view=true) and we'll help you take care of it!
-
+ ::: moniker-end ::: moniker range="o365-21vianet" > [!NOTE] > You can't remove the [".partner.onmschina.cn"](../setup/domains-faq.yml) domain from your account. When you remove a domain, user accounts will revert back to the ".partner.onmschina.cn" address as the Primary SMTP/UserprincipalName.
-
+ Still not working? Your domain might need to be manually removed. [Give us a call](../../business-video/get-help-support.md?view=o365-21vianet&preserve-view=true) and we'll help you take care of it!
-
+ ::: moniker-end ## Related content
-[Domains FAQ](../setup/domains-faq.yml) (article)\
-[Switch to a different Microsoft 365 for business plan](../../commerce/subscriptions/switch-to-a-different-plan.md) (article)\
-[Cancel your subscription](../../commerce/subscriptions/cancel-your-subscription.md) (article)
+[Domains FAQ](../setup/domains-faq.yml) (article)
+
+[Switch to a different Microsoft 365 for business plan](../../commerce/subscriptions/switch-to-a-different-plan.md) (article)
+
+[Cancel your subscription](../../commerce/subscriptions/cancel-your-subscription.md) (article)
admin Office365 Admin Content Updates https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/includes/office365-admin-content-updates.md
| 1/10/2020 | [What happens if I cancel a subscription?](/Office365/Admin/misc/what-happens-if-i-cancel) | modified | | 1/10/2020 | [Why can't I switch Office 365 for business plans?](/Office365/Admin/misc/why-can-t-i-switch-plans) | modified | | 1/10/2020 | [Set up multi-factor authentication for users](/Office365/Admin/security-and-compliance/set-up-multi-factor-authentication) | modified |
-| 1/10/2020 | [Buy or try subscriptions for Office 365 operated by 21Vianet](/Office365/Admin/services-in-china/buy-or-try-subscriptions?view=o365-21vianet) | modified |
+| 1/10/2020 | [Buy or try subscriptions for Office 365 operated by 21Vianet](/Office365/Admin/services-in-china/buy-or-try-subscriptions?view=o365-21vianet&preserve-view=true) | modified |
| 1/10/2020 | [Create DNS records for Office 365 when you manage your DNS records](/Office365/Admin/services-in-china/create-dns-records-when-you-manage-your-dns-records?view=o365-21vianet) | modified |
-| 1/10/2020 | [What's the purpose of the Office 365 CNAME record for MSOID?](/Office365/Admin/services-in-china/purpose-of-cname?view=o365-21vianet) | modified |
-| 1/10/2020 | [Office 365 operated by 21Vianet](/Office365/Admin/services-in-china/services-in-china?view=o365-21vianet) | modified |
+| 1/10/2020 | [What's the purpose of the Office 365 CNAME record for MSOID?](/Office365/Admin/services-in-china/purpose-of-cname?view=o365-21vianet&preserve-view=true) | modified |
+| 1/10/2020 | [Office 365 operated by 21Vianet](/Office365/Admin/services-in-china/services-in-china?view=o365-21vianet&preserve-view=true) | modified |
| 1/10/2020 | [Add a domain to Office 365](/Office365/Admin/setup/add-domain) | modified | | 1/10/2020 | [Create distribution groups in the Microsoft 365 admin center](/Office365/Admin/setup/create-distribution-lists) | modified | | 1/10/2020 | [Domains FAQ](/Office365/Admin/setup/domains-faq) | modified |
admin Message Center https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/manage/message-center.md
You can also use the [Microsoft 365 Admin app](https://go.microsoft.com/fwlink/p
To unsubscribe from Message center emails, see [Unsubscribe from Message center emails](#unsubscribe-from-message-center-emails) in this article.
-
## Frequently asked questions
-|**Question**|**Answer**|
-|:--|:--|
-|Who can view posts in Message center? <br/> |Most users who have been assigned any admin role in Microsoft 365 can view Message center posts. [Here's a list](#admin-roles-that-dont-have-access-to-the-message-center) of admin roles that don't have access to the Message center. You can also assign the Message center reader role to users who should be able to read and share Message center posts without having any other admin privileges.<br/>|
-|Is this the only way Microsoft will communicate changes about Microsoft 365? <br/> |No, but Message center is the primary way we communicate the timing of individual changes in Microsoft 365. See [Stay on top of Microsoft 365 changes](stay-on-top-of-updates.md) for information about additional resources. <br/> |
-|How can I see posts in my language? <br/> |Message center posts are written in English only, but you can control whether, by default, posts are shown in English or are automatically machine-translated to your preferred language. You can also select to machine-translate posts to any language we support. See [Language translation for Message center posts](language-translation-for-message-center-posts.md) for more details. <br/> |
-|Can I preview changes or features before they are rolled-out to my organization? <br/> |Some changes and new features can be previewed by opting in to the Targeted release program. To opt in, in the admin center, go to **Settings** > **Org settings** > **Organization profile** > **Release preferences**. (In the admin center, you may need to select **Show all** at the bottom of the left navigation pane to see **Settings**.) You can choose Targeted release for your entire organization, or just for selected users. See [Standard or Targeted release options in Microsoft 365](release-options-in-office-365.md) for more information about the program. <br/> |
-|Can I find out the exact date a change will be available to my organization? <br/> |Unfortunately, we can't tell you the exact date a change will be made to your organization. In our Message center post, we will give as much information as we can on the timing of the release, based on our confidence level. We're working on improvements to get better with that level of detail. <br/> |
-|Are these messages specific to my organization? <br/> |We do our best to make sure that you only see Message center posts that affect your organization. The Microsoft 365 Roadmap includes all of the features we are currently working on and rolling out, but not all of these features apply to every organization. <br/> |
-|Can I get message center posts emailed instead? <br/> |Yes! You can select to have a weekly digest emailed to you and up to two other email addresses. The emailed weekly digest is turned on by default. If you aren't getting your weekly digests, check your spam folder. See the [Preferences](#preferences) section of this article for more information on how to set up the weekly digest. <br/> |
-|How do I stop getting the Message center digest? <br/> |Go to Message center in the admin center and select **Preferences**. In the **Email** tab, turn off the option to **Send me email notifications from message center**. <br/> |
-|How can I ensure data privacy notifications are received by the right contacts in my organization? <br/> |As a global admin you will receive data privacy messages for your organization. Additionally, you can assign the Message Center Privacy reader role to people who should see data privacy messages. Other admin roles with access to Message Center cannot view data privacy messages. <br/><br/>For more info, see [Preferences](#preferences) in this article.<br/> |
-|Why canΓÇÖt I see a message that was previously there? <br/> |To manage the number of messages within Message center, each message will expire and be removed after a period of time. Generally, messages expire 30 days post the time period outlined in the message body. <br/> |
+<br>
+
+****
+
+|Question|Answer|
+|||
+|Who can view posts in Message center?|Most users who have been assigned any admin role in Microsoft 365 can view Message center posts. [Here's a list](#admin-roles-that-dont-have-access-to-the-message-center) of admin roles that don't have access to the Message center. You can also assign the Message center reader role to users who should be able to read and share Message center posts without having any other admin privileges.|
+|Is this the only way Microsoft will communicate changes about Microsoft 365?|No, but Message center is the primary way we communicate the timing of individual changes in Microsoft 365. See [Stay on top of Microsoft 365 changes](stay-on-top-of-updates.md) for information about additional resources.|
+|How can I see posts in my language?|Message center posts are written in English only, but you can control whether, by default, posts are shown in English or are automatically machine-translated to your preferred language. You can also select to machine-translate posts to any language we support. See [Language translation for Message center posts](language-translation-for-message-center-posts.md) for more details.|
+|Can I preview changes or features before they are rolled-out to my organization?|Some changes and new features can be previewed by opting in to the Targeted release program. To opt in, in the admin center, go to **Settings** > **Org settings** > **Organization profile** > **Release preferences**. (In the admin center, you may need to select **Show all** at the bottom of the left navigation pane to see **Settings**.) You can choose Targeted release for your entire organization, or just for selected users. See [Standard or Targeted release options in Microsoft 365](release-options-in-office-365.md) for more information about the program.|
+|Can I find out the exact date a change will be available to my organization?|Unfortunately, we can't tell you the exact date a change will be made to your organization. In our Message center post, we will give as much information as we can on the timing of the release, based on our confidence level. We're working on improvements to get better with that level of detail.|
+|Are these messages specific to my organization?|We do our best to make sure that you only see Message center posts that affect your organization. The Microsoft 365 Roadmap includes all of the features we are currently working on and rolling out, but not all of these features apply to every organization.|
+|Can I get message center posts emailed instead?|Yes! You can select to have a weekly digest emailed to you and up to two other email addresses. The emailed weekly digest is turned on by default. If you aren't getting your weekly digests, check your spam folder. See the [Preferences](#preferences) section of this article for more information on how to set up the weekly digest.|
+|How do I stop getting the Message center digest?|Go to Message center in the admin center and select **Preferences**. In the **Email** tab, turn off the option to **Send me email notifications from message center**.|
+|How can I ensure data privacy notifications are received by the right contacts in my organization?|As a global admin you will receive data privacy messages for your organization. Additionally, you can assign the Message Center Privacy reader role to people who should see data privacy messages. Other admin roles with access to Message Center cannot view data privacy messages. <br/><br/>For more info, see [Preferences](#preferences) in this article.|
+|Why canΓÇÖt I see a message that was previously there?|To manage the number of messages within Message center, each message will expire and be removed after a period of time. Generally, messages expire 30 days post the time period outlined in the message body.|
+|
## Filter messages
You can select any column heading, except **Service** and **Tags**, to sort mes
Major updates can be reviewed by selecting the **Major update** from the **Tags** drop-down. Major updates are communicated at least 30 days in advance when an action is required and might include:
-
-- ΓÇïChanges to daily productivity such as inbox, meetings, delegations, sharing, and access
+- Changes to daily productivity such as inbox, meetings, delegations, sharing, and access
- Changes to themes, web parts, and other components that may affect customized features- - Increases or decreases to visible capacity such as storage, number of rules, items, or durations- - Changes to product branding that may:- - Cause end user confusion,- - Result in changes to help desk processes and reference material, or- - Change a URL- - A new service or application- - Changes requiring an admin action (exclusive of prevent or fix issues)- - Changes to where your data is stored ### Preferences
If administration is distributed across your organization, you may not want or n
2. Make sure that the toggle is set to **On** for each service that you want to monitor. Use the toggle to change the setting to **Off** for the services you want to filter out of your Message center view.
-3. Digest emails are turned on by default and are sent to your primary email address. To stop receiving the weekly digest, change the **Send a weekly digest of my messages** setting to **Off**.
+3. Digest emails are turned on by default and are sent to your primary email address. To stop receiving the weekly digest, change the **Send a weekly digest of my messages** setting to **Off**.
Email notification for major updates is a separate control. If you want to receive email notices about major updates, verify that **Send me emails for major updates** is **On**. Change the setting to **Off** to stop getting email about major updates.
If administration is distributed across your organization, you may not want or n
You can select or clear your primary email address, but you can't change it. To specify other email addresses to which the weekly email summary is sent, verify that **Send a weekly digest of my messages** is **On**. Enter the email address for a Microsoft 365 group or a distribution list if more than two people should get the digest email.
-4. Select **Save** to keep your changes.<br/>
+4. Select **Save** to keep your changes.
::: moniker-end
If administration is distributed across your organization, you may not want or n
3. Digest emails are turned on by default and are sent to your primary email address. To stop receiving the weekly digest, clear the **Send me email notifications from message center** check box in he **Email tab**.
- You can also enter up to two email addresses, separated by a semicolon. <br><br/>You can also choose the emails you want to get, as well as a weekly digest of services you select.
+ You can also enter up to two email addresses, separated by a semicolon.
+
+ You can also choose the emails you want to get, as well as a weekly digest of services you select.
-4. Select **Save** to keep your changes.<br/>
+4. Select **Save** to keep your changes.
::: moniker-end
Here's a quick overview of the information you'll see in each column.
### Column information
-|**Column**|**Description**|
-|:--|:--|
-|Check mark <br/> |Selecting the check mark in the column heading row will select all messages currently displayed. Selecting the check mark next to one or more messages lets you take action on those messages. <br/> |
-|Message title <br/> |Message titles are brief descriptions of upcoming changes. If the full title doesn't display, hover your cursor over it and the entire title will appear in a pop-up box. <br/> |
-|Service <br/> |Icons indicate the application to which the message applies.<br/> |
-|More options <br/> |More options lets you dismiss a message, mark it as read or unread, or share it with another admin. To restore an archived message, select the **Archive** tab, select the check mark next to the message, and select **Restore**. <br/> |
-|Tags <br/> |You can choose tags from the **Tag** drop-down to filter messages. The available tags are: **Admin impact**, **Major update**, **Data Privacy**, **Feature update**, **New feature**, **Retirement**, and **User impact**. <br/> |
-|Category <br/> | This is not shown by default, but can be specified in the **Choose columns** panel. Messages are identified by one of the following three categories: <br/><br/> **Prevent or fix issues**: Informs you of known issues affecting your organization and may require that you take action to avoid disruptions in service. Prevent or fix issues are different than Service health messages because they prompt you to be proactive to avoid issues. <br/> <br/> **Plan for change**: Informs you of changes to Microsoft 365 that may require you to act to avoid disruptions in service. For example, we'll let you know about changes to system requirements or about features that are being removed. We try to provide at least 30 days' notice of any change that requires an admin to act to keep the service running normally. <br/> <br/> **Stay informed**: Tells you about new or updated features we are turning on in your organization. The features are usually announced first in the [Microsoft 365 Roadmap](https://go.microsoft.com/fwlink/?linkid=2070821). <br/><br/>May also let you know about planned maintenance in accordance with our Service Level Agreement. Planned maintenance may result in down time, where you or your users can't access Microsoft 365, a specific feature, or a service such as email or OneDrive for Business. <br/> |
-|Act by <br/> |We'll only have dates here if we're making a change that requires you to take an action by a certain deadline. Since we rarely use the **Act by** column, if you see something here, you should pay extra attention to it. <br/> |
-|Last updated <br/> |Date that the message was published or last updated. <br/> |
-|Message ID <br/> |Microsoft tracks our Message center posts by message ID. You can refer to this ID if you want to give feedback or if you call Support about a particular message. <br/> |
+<br>
+
+****
+
+|Column|Description|
+|||
+|Check mark|Selecting the check mark in the column heading row will select all messages currently displayed. Selecting the check mark next to one or more messages lets you take action on those messages.|
+|Message title|Message titles are brief descriptions of upcoming changes. If the full title doesn't display, hover your cursor over it and the entire title will appear in a pop-up box.|
+|Service|Icons indicate the application to which the message applies.|
+|More options|More options lets you dismiss a message, mark it as read or unread, or share it with another admin. To restore an archived message, select the **Archive** tab, select the check mark next to the message, and select **Restore**.|
+|Tags|You can choose tags from the **Tag** drop-down to filter messages. The available tags are: **Admin impact**, **Major update**, **Data Privacy**, **Feature update**, **New feature**, **Retirement**, and **User impact**.|
+|Category| This is not shown by default, but can be specified in the **Choose columns** panel. Messages are identified by one of the following three categories: <p> **Prevent or fix issues**: Informs you of known issues affecting your organization and may require that you take action to avoid disruptions in service. Prevent or fix issues are different than Service health messages because they prompt you to be proactive to avoid issues. <p> **Plan for change**: Informs you of changes to Microsoft 365 that may require you to act to avoid disruptions in service. For example, we'll let you know about changes to system requirements or about features that are being removed. We try to provide at least 30 days' notice of any change that requires an admin to act to keep the service running normally. <p> **Stay informed**: Tells you about new or updated features we are turning on in your organization. The features are usually announced first in the [Microsoft 365 Roadmap](https://go.microsoft.com/fwlink/?linkid=2070821). <p> May also let you know about planned maintenance in accordance with our Service Level Agreement. Planned maintenance may result in down time, where you or your users can't access Microsoft 365, a specific feature, or a service such as email or OneDrive for Business.|
+|Act by|We'll only have dates here if we're making a change that requires you to take an action by a certain deadline. Since we rarely use the **Act by** column, if you see something here, you should pay extra attention to it.|
+|Last updated|Date that the message was published or last updated.|
+|Message ID|Microsoft tracks our Message center posts by message ID. You can refer to this ID if you want to give feedback or if you call Support about a particular message.|
+|
### Admin roles that don't have access to the Message center
Need to follow up with another admin to make sure they're aware of a change and
Any message in Message center that is unread will appear in bold. Opening a message marks it as read. You can mark a message as unread. --- On the main page of the message center, select the **More options** ellipses next to a message, and then select **Mark as unread**.
+On the main page of the message center, select the **More options** ellipses next to a message, and then select **Mark as unread**.
You can also open a message and mark it as unread in the details panel.
You can also open a message and mark it as unread in the details panel.
If you see a message that doesn't pertain to you, or maybe you've already acted on it, you can archive the message to remove it from Inbox. The view that you see in the Message center is specific to your user account, so archiving it from your view doesn't affect other admins. There are two ways to archive a message. - On the main page of the Message center, select a message, and then select **Archive** above the list of messages.- - Open the message, and then select **Archive** on the top of the message pane. Need to get an archived message back? No problem. 1. Select the **Archive** tab at the top of the Message center. A list of archived messages appears.
-2. Select the message, select **Restore**, and the message is restored to Inbox.
+1. Select the message, select **Restore**, and the message is restored to Inbox.
## Favorite messages
For an overview of Message center, see [Message center in Microsoft 365](message
1. Digest emails are turned on by default and are sent to your primary email address. To stop receiving the weekly digest, select **Preferences** and then **Email**. - De-select the **Send a weekly digest of my messages** checkbox. - Email notification for major updates is a separate control. If you don't want to receive email notices about major updates, verify that **Send me emails for major updates** checkbox is not selected.
- - To stop receiving email notices about data privacy messages, verify that **Send me emails for data privacy messages** checkbox is not selected. (Data privacy messages are not included in the weekly digest.)
+ - To stop receiving email notices about data privacy messages, verify that **Send me emails for data privacy messages** checkbox is not selected. (Data privacy messages are not included in the weekly digest.)
-2. Select **Save** to keep your changes.<br/>
+2. Select **Save** to keep your changes.
## Related content
admin Set Password Expiration Policy https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/manage/set-password-expiration-policy.md
You can set more password policies and restrictions in Azure active directory. C
The Set-MsolPasswordPolicy cmdlet updates the password policy of a specified domain or tenant. Two settings are required; the first is to indicate the length of time that a password remains valid before it must be changed and the second is to indicate the number of days before the password expiration date that will trigger when users will receive their first notification that their password will soon expire.
-To learn how to update password policy for a specific domain or tenant, see [Set-MsolPasswordPolicy](/powershell/module/msonline/set-msolpasswordpolicy?view=azureadps-1.0).
+To learn how to update password policy for a specific domain or tenant, see [Set-MsolPasswordPolicy](/powershell/module/msonline/set-msolpasswordpolicy).
## Related content [Let users reset their own passwords](../add-users/let-users-reset-passwords.md) (article)\
-[Reset passwords](../add-users/reset-passwords.md) (article)
+
+[Reset passwords](../add-users/reset-passwords.md) (article)
admin Use Qr Code Download Outlook https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/manage/use-qr-code-download-outlook.md
In Outlook on the web or other desktop Outlook applications, users may see notif
This feature is on by default. To disable this feature, follow the steps below.
-1. [Connect to Exchange PowerShell](/powershell/exchange/connect-to-exchange-online-powershell?view=exchange-ps).
+1. [Connect to Exchange PowerShell](/powershell/exchange/connect-to-exchange-online-powershell).
2. Using PowerShell, you can disable the notifications informing your users about the Outlook mobile apps. This also prevents the QR code sign-in flow from being shown. ```powershell
Set-OrganizationConfig -MobileAppEducationEnabled <Boolean>
## Related content [Set up the Standard or Targeted release options](release-options-in-office-365.md) (article)\
-[Set-OrganizationConfig](/powershell/module/exchange/set-organizationconfig?view=exchange-ps) (article)
+[Set-OrganizationConfig](/powershell/module/exchange/set-organizationconfig) (article)
admin Cortana Integration https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/misc/cortana-integration.md
description: "Users with valid work or school accounts can get Cortana in Micros
Cortana, your personal productivity assistant, offers AI-powered experiences to save time and focus attention on what matters most. Cortana is designed to deliver features that safely and securely process and reason over Office 365 data like emails, files, chats, etc., to save time, increase efficiency, and enhance your usersΓÇÖ productivity.
-When signed in with valid work or school accounts, users can get cloud-based assistance services with Cortana in Microsoft 365 experiences that meet Office 365ΓÇÖs enterprise-level privacy, security, and compliance promises (ΓÇ£**Cortana enterprise services**ΓÇ¥).
-
+When signed in with valid work or school accounts, users can get cloud-based assistance services with Cortana in Microsoft 365 experiences that meet Office 365ΓÇÖs enterprise-level privacy, security, and compliance promises (ΓÇ£**Cortana enterprise services**ΓÇ¥).
- **Cortana enterprise services include** Cortana in Windows 10 (version 2004 and later), Outlook for iOS and Android, Microsoft Teams mobile apps for iOS and Android and [Microsoft Teams displays](/microsoftteams/devices/teams-displays).
Beginning with Windows 10, version 2004, Cortana is a Universal Windows Platform
Cortana voice assistance in the Teams mobile app and on Microsoft Teams display devices enables Microsoft 365 Enterprise users to streamline communication, collaboration, and meeting-related tasks using spoken natural language. Users can speak to Cortana by selecting the microphone button located in the upper right of the Teams mobile app, or by saying &#8220;Cortana&#8221; in the Microsoft Teams display. To quickly connect with their team hands-free and while on the go, users can say queries such as &#8220;call Megan&#8221; or &#8220;send a message to my next meeting&#8221;. Users can also join meetings by saying &#8220;join my next meeting&#8221; and use voice assistance to share files, check their calendar, and more. These voice assistance experiences are delivered using Cortana enterprise-grade services that fully comply with Office 365's privacy, security, and compliance promises as reflected in the [Online Services Terms (OST)](https://www.microsoft.com/licensing/product-licensing/products).
-**Admin control**
+#### Admin control
Cortana voice assistance will be enabled by default for tenants. Admins can control who in their tenant can use Cortana voice assistance in Teams via a policy (TeamsCortanaPolicy). This policy can be set at either a user account level or tenant level. Admins can also use the CortanaVoiceInvocationMode field within this policy control to determine whether Cortana is disabled, enabled with push button invocation only, or enabled with wake word invocation as well (applicable to devices that support it, like the Microsoft Teams display).
-**User control**
+#### User control
Individual users can try out Cortana voice assistance in the Teams mobile app by clicking on the mic button. They can try out Cortana voice assistance on Microsoft Teams display devices by simply saying &#8220;Cortana.&#8221; They can also control whether Cortana responds to the wake word invocation.
-1. Open Teams mobile
-2. Go to Settings
-3. Select Cortana
-4. Switch the Voice activation toggle
-
+1. Open Teams mobile
+2. Go to Settings
+3. Select Cortana
+4. Switch the Voice activation toggle
[Learn more about Cortana voice assistance in Teams](/microsoftteams/cortana-in-teams)
Play My Emails (as connected to through Outlook mobile) is a voice-driven, hands
Cortana will call out when an email is protected and briefly pause before reading the message to give users enough time to pause playback or skip to the next message. Similar to a private phone call, users should exercise caution when initiating playback in locations where confidential information could potentially be overheard. In these instances, it's recommended that employees of your organization wear headphones in appropriate environments when using Play My Emails in Outlook mobile. - ### How to opt out of Play My Emails Individuals can opt out of Play My Emails using the following steps.
Turn off Cortana access to your organization's Microsoft hosted data
For services governed by the [Microsoft Services Agreement](https://go.microsoft.com/fwlink/p/?LinkId=2109174) andΓÇ»[Microsoft Privacy Statement](https://privacy.microsoft.com/privacystatement), Microsoft is the data controller. As the data controller, Microsoft uses data to improve products and services in accordance with the [Microsoft Privacy Statement](https://privacy.microsoft.com/privacystatement). - ## Related content [Cortana voice assistance in Teams](/microsoftteams/cortana-in-teams) (article)\ [Configure Cortana in Windows 10](/windows/configuration/cortana-at-work/cortana-at-work-overview) (article)\ [What can you do with Play My Emails from Cortana?](https://support.microsoft.com/help/4558256)-
admin Empower Your Small Business With Remote Work https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/misc/empower-your-small-business-with-remote-work.md
For more information, see [Turn on multi-factor authentication](../../business-v
### Secure your devices
-Remotely manage PCs and phones​ and ensure that they are protected and up-to-date. Requires Microsoft 365 Business.
+Remotely manage PCs and phones and ensure that they are protected and up-to-date. Requires Microsoft 365 Business.
For more information, see [Manage devices](../../business-video/secure-win-10-pro-devices.md).
admin Self Service Sign Up https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/misc/self-service-sign-up.md
audience: Admin
localization_priority: Normal--- M365-subscription-management +
+- M365-subscription-management
- Adm_O365-+ - AdminSurgePortfolio - okr_SMB - commerce_signup
Last updated 03/17/2021
# Using self-service sign-up in your organization Self-service sign-up makes it easier for users in your organization to sign up for online services from Microsoft. We call this sign up process "self-service sign-up" because your users can sign up to use services paid by your subscription, or use free services, without asking you to take action on their behalf.
-
+ ## How self-service sign-up works The following example describes how self-sign up works for a school. The same process works for any organization that has self-service programs enabled in their tenant.
-
+ 1. Students and faculty members have school email addresses that indicate they are associated with your institution. For example, the email address jakob@uw.edu may indicate a student at the University of Washington. 2. Students and faculty go to [our web site](https://go.microsoft.com/fwlink/p/?LinkId=536628), and use their email address to sign up for the services that your organization offers, such Microsoft 365 Apps for enterprise. They can also sign up for other free services that we offer. 3. We validate their email address, and then they can start using Microsoft 365, Power BI, or other services right away.
-4. As the business admin, you can see who has signed up for a subscription by selecting the subscription on the **Licensing** page in the Microsoft 365 admin center. This way you can see when there are new or unrecognized licenses for services in your tenant. To control whether users can sign up for self-service subscriptions, use the [Set-MsolCompanySettings](/powershell/module/msonline/set-msolcompanysettings?view=azureadps-1.0&preserve-view=true) PowerShell cmdlet with the **AllowAdHocSubscriptions** parameter. For more information, see [How do I control self-service settings?](/azure/active-directory/users-groups-roles/directory-self-service-signup#how-do-i-control-self-service-settings)
+4. As the business admin, you can see who has signed up for a subscription by selecting the subscription on the **Licensing** page in the Microsoft 365 admin center. This way you can see when there are new or unrecognized licenses for services in your tenant. To control whether users can sign up for self-service subscriptions, use the [Set-MsolCompanySettings](/powershell/module/msonline/set-msolcompanysettings) PowerShell cmdlet with the **AllowAdHocSubscriptions** parameter. For more information, see [How do I control self-service settings?](/azure/active-directory/users-groups-roles/directory-self-service-signup#how-do-i-control-self-service-settings)
## Available self-service programs Following are the currently available self-service programs. This list will be updated as new programs are added.
-
+ | Program <br/> | Description <br/> | Additional Info <br/> | Website for self-service sign-up <br/> | |:--|:--|:--|:--| |****Office 365 A1**** <br/> |Any student or teacher can use a school email address to sign up for free Office 365 and get Office apps for the web, 1 TB of OneDrive cloud storage and SharePoint Online for class, team and project sites. <br/> |[Office 365 Education Technical FAQ](/microsoft-365/education/deploy/office-365-education-self-sign-up) <br/> |[Office 365 Education](https://go.microsoft.com/fwlink/p/?linkid=140841) <br/> |
admin Communication https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/productivity/communication.md
audience: Admin
localization_priority: Normal--- M365-subscription-management +
+- M365-subscription-management
- Adm_O365 - Adm_TOC
For more information, see [assign licenses to users](../manage/assign-licenses-t
After people have been active in the above products at least once in the last 28 days, you will start to see the insights.
-## Why your organizationΓÇÖs Communication score matters
+## Why your organizationΓÇÖs Communication score matters
Microsoft understands that people have different communication needs. To get a quick response to a question, you might choose to send an instant message. If you want to send status updates to your leadership, you may choose an email message. To reach a broader audience, you may choose to post a community message. Microsoft 365 enables this flexibility in communication modes to fit everyone's needs. Research shows that using real-time communication tools creates a more unified organization and builds morale, regardless of location.
Microsoft 365 provides people the flexibility to fit everyone's communication st
- Sending messages through Teams - Posting on communities in Yammer
- This key metric is shown as a percentage of all people who are using two or more of Exchange, Teams, or Yammer.
+ This key metric is shown as a percentage of all people who are using two or more of Exchange, Teams, or Yammer.
2. **Body:** Provides more information on how flexibility in the modes of communication is valuable to people in your org.
Microsoft 365 provides people the flexibility to fit everyone's communication st
### Scoring model
-The communication score for your organization measures at an aggregate (organization) level whether people are consistently communicating using multiple modes among email, chat, and community posts over a 28-day window.
+The communication score for your organization measures at an aggregate (organization) level whether people are consistently communicating using multiple modes among email, chat, and community posts over a 28-day window.
Scores are not provided at the individual user level.
We also provide you with information that helps you gain visibility into how you
3. **Visualization:** The breakdown represents the use for each mode. The colored portion and the fraction on each bar represent the number of people sending emails,messages, or community posts as a percentage of number of people enabled for that mode: - **People sending emails:** The colored portion and the fraction represent the percentage of users enabled for Exchange who are sending emails. This fraction is constructed from:
-
+ - **Numerator**: People sending emails in the last 28 days. - **Denominator**: People enabled for Exchange in the last 28 days.
-
+ - **People sending messages in Microsoft Teams:** The colored portion and the fraction represent the percentage of users enabled for Microsoft Teams who are sending messages. This fraction is constructed from:
-
+ - **Numerator**: People sending messages on Microsoft Teams in the last 28 days. - **Denominator**: People enabled for Microsoft Teams in the last 28 days.
-
+ - **People posting in communities:** The colored portion and the fraction represent the percentage of users enabled for Yammer that are posting in communities. This fraction is constructed from:
-
+ - **Numerator:** People posting in Yammer communities in the last 28 days. - **Denominator:** People enabled for Yammer in the last 28 days.
-
+ 4. **View related content:** Select this link to view collated videos, and other related help content. ### @mentions in emails
We also provide you with information that helps you gain visibility into how you
3. **Visualization:** Breaks down the response rate for new email threads based on whether they had @mentions or not: - **Responses to emails with \@mentions:** The colored portion and the fraction represent the response rate for new email threads containing @mentions. This fraction is constructed from:
-
+ - **Numerator:** New email threads containing @mentions that were started and received a response in the last 28 days. - **Denominator:** New email threads containing @mentions that were started in the last 28 days.
-
+ - **Responses to emails without \@mentions:** The colored portion and the fraction represent the response rate for new email threads containing @mentions. This fraction is constructed from:
-
+ - **Numerator:** New email threads that do not contain @mentions, which were started and also received a response in the last 28 days. - **Denominator:** New email threads not containing @mentions that were started in the last 28 days.
-
+ 4. **View related content:** Select this link to view collated videos, and other related help content.
We also provide you with information that helps you gain visibility into how you
3. **Visualization:** Breaks down the use of chat and channel messages: - **People sending chat messages:** The colored portion and the fraction represent the use of chat messages within people who sent messages on Microsoft Teams. The fraction is constructed from:
-
+ - **Numerator:** People who sent chat messages on Microsoft Teams in the last 28 days. - **Denominator:** People who sent messages on Microsoft Teams in the last 28 days.
-
+ - **People sending Channel messages:** The colored portion and the fraction represent the use of channel messages within people sending messages on Microsoft Teams. The fraction is constructed from:
-
+ - **Numerator:** People who sent channel messages on Microsoft Teams in the last 28 days. - **Denominator:** People who sent messages on Microsoft Teams in the last 28 days.
-
+ 4. **View related content:** Select this link to view collated videos, and other related help content. ### Questions and Answers in Yammer 1. **Header:** Highlights the posts marked as questions on Yammer that have received an answer marked as &quot;Best answer&quot; as a percentage of all posts marked as questions on Yammer in the last 28 days.
We also provide you with information that helps you gain visibility into how you
- **Questions:** The colored portion of the bar and associated number represents the total number of posts marked as questions in the last 28 days. - **Questions with answers:** The colored portion of the bar and the associated number represents the number of posts marked as questions and have received answers in the last 28 days. - **Questions with best answers:** The colored portion of the bar and the associated number represents the number of posts that were marked as questions and have also received a &quot;best answer&quot; in the last 28 days.
-
+ 4. **View related content:** Select this link to view collated videos, and other related help content. ## Related content
admin Priority Accounts https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/setup/priority-accounts.md
The **Priority account protection** feature that's described in this topic is av
The **Premium Mail Flow Monitoring** feature that's described in this topic is available only to organizations that meet the following requirements: -- Your organization needs to have a license count of at least 10,000, from either one of, or a combination of the following products: Office 365 E3, Microsoft 365 E3, Office 365 E5, Microsoft 365 E5. For example, your organization can have 3000 Office 365 E3 licenses and 8500 Microsoft 365 E5, for a total of 11,500 licenses from the qualifying products.
+- Your organization needs to have a license count of at least 5,000, from either one of, or a combination of the following products: Office 365 E3, Microsoft 365 E3, Office 365 E5, Microsoft 365 E5. For example, your organization can have 3,000 Office 365 E3 licenses and 2,500 Microsoft 365 E5, for a total of 5,500 licenses from the qualifying products.
- Your organization needs to have at least 50 monthly active Exchange Online users. > [!NOTE]
admin Customize Reports https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/usage-analytics/customize-reports.md
audience: Admin
localization_priority: Normal--- M365-subscription-management +
+- M365-subscription-management
- Adm_O365 - Adm_TOC
description: "Learn to customize reports in the browser and Power BI Desktop."
# Customize the reports in Microsoft 365 usage analytics Microsoft 365 usage analytics provides a dashboard in Power BI that offers insights into how users adopt and use Microsoft 365. The dashboard is just a starting point to interact with the usage data. The reports can be customized for more personalized insights.
-
+ You can also use the Power BI desktop to further customize your reports by connecting them to other data sources to gain richer insights about your business.
-
+ ## Customizing reports in the browser The following two examples show how to modify an existing visual and how to create a new visual.
-
+ ### Modify an existing visual
-This example shows how to modify the **Activation** tab within the **Activation/Licensing** report.
-
+This example shows how to modify the **Activation** tab within the **Activation/Licensing** report.
+ 1. Within the **Activation/Licensing** report, select the **Activation** tab.
-
-2. Enter the edit mode by choosing the **Edit** button on the top through the ![The more page button in Power BI](../../media/d8da3c19-3f2d-4bf6-811e-faa804f74770.png) button.
-
+
+2. Enter the edit mode by choosing the **Edit** button on the top through the ![The more page button in Power BI](../../media/d8da3c19-3f2d-4bf6-811e-faa804f74770.png) button.
+ ![Click Edit report on the top right navigation](../../media/e2c16663-1fbd-4d7f-887c-0cbb891d3b3d.png)
-
+ 3. On the top right, choose **Duplicate this page**.
-
+ ![Choose Duplicate this page](../../media/b2d18dcd-6b82-4ce7-ab79-1b24e3721309.png)
-
+ 4. In the bottom right, choose any of the bar-charts showing the count of users activating based on the OS such as Android, iOS, Mac, etc.
-
+ 5. In the **Visualizations** area to the right, in order to remove **Mac Count** from the visual, select the **X** next to it.
- ![Remove Mac Count](../../media/ce3d8358-df57-4f64-bd25-ac5be7fc8713.png)
-
+ ![Remove Mac Count](../../media/ce3d8358-df57-4f64-bd25-ac5be7fc8713.png)
+ ### Create a new visual The following example shows how to create a new visual to track new Yammer users on monthly basis.
-
+ 1. Go to the **Product Usage** report using the left nav and select the **Yammer** tab.
-
-2. Switch to edit mode by choosing ![The more page button in Power BI](../../media/d8da3c19-3f2d-4bf6-811e-faa804f74770.png) and **Edit**.
-
+
+2. Switch to edit mode by choosing ![The more page button in Power BI](../../media/d8da3c19-3f2d-4bf6-811e-faa804f74770.png) and **Edit**.
+ 3. At the bottom of the page, select the ![The add page button in Power BI](../../media/d3b8c117-17d4-4f53-b078-8fefc2155b24.png) to create a new page.
-
+ 4. In the **Visualizations** area to the right, choose the **Stacked bar chart** (top row, first from left). ![Select Bar Chart](../../media/214c3fed-6eae-43e6-83fb-708a2d74406e.png)
-
+ 5. Select the bottom right of that visualization and drag to make it larger. 6. In the **Fields** area to the right, expand the **Calendar** table. 7. Drag **MonthName** to the fields area, directly below the **Axis** heading in the **Visualizations** area.
-
+ ![Drag Month Name](../../media/bff99987-8c4b-4618-89fd-47df557b0ed7.png)
-
+ 8. In the **Fields** area to the right, expand the **TenantProductUsage** table. 9. Drag **FirstTimeUsers** to the fields area, directly below the **Value** heading.
The following example shows how to create a new visual to track new Yammer users
11. In the **Filter Type** area that appears, select the **Yammer** check box. ![Select Yammer checkbox](../../media/82e99730-0de9-42da-928a-76aab0c3e609.png)
-
+ 12. Just below the list of visualizations, choose the **Format** icon ![Format icon in Power BI Visualizaions](../../media/ee0602f3-3df5-4930-b862-db1d90ae4ae2.png). 13. Expand Title and change the **Title Text** value to **First-Time Yammer Users by Month**.
-
+ 14. Change the **Text Size** value to **12**.
-
-15. Change the title of the new page by editing the name of the page on bottom right.
-16. Save out the report by Clicking on **Reading View** on top and then **Save**.
-
+15. Change the title of the new page by editing the name of the page on bottom right.
+
+16. Save out the report by Clicking on **Reading View** on top and then **Save**.
+ ## Customizing the reports in Power BI Desktop
-For most customers modifying the reports and chart visuals in Power BI web will be sufficient. For some however, there may be a need to join this data with other data sources to gain richer insights contextual to their own business, in which case they can customize and build additional reports using Power BI Desktop. You can download [Power BI Desktop](https://go.microsoft.com/fwlink/p/?linkid=849797) for free.
-
+For most customers modifying the reports and chart visuals in Power BI web will be sufficient. For some however, there may be a need to join this data with other data sources to gain richer insights contextual to their own business, in which case they can customize and build additional reports using Power BI Desktop. You can download [Power BI Desktop](https://go.microsoft.com/fwlink/p/?linkid=849797) for free.
+ ### Use the reporting APIs You can start by connecting directly to the ODATA reporting APIs from Microsoft 365 that power these reports.
-
+ 1. Go to **get data** \> **Other** \> **ODATA Feed** \> **Connect**.
-
+ 2. In the URL window enter "https://<i></i>reports.office.com/pbi/v1.0/\<tenantid\>"
-
+ **NOTE:**
- The reporting APIs are in preview and are subject to change until they go into production.
-
+ The reporting APIs are in preview and are subject to change until they go into production.
+ ![OData feed URL for Power BI desktop](../../media/c0ef967e-a454-4eba-bc8e-61e113170053.png)
-
+ 3. Enter your Microsoft 365 (organization or school) admin credentials to authenticate to Microsoft 365 when prompted.
-
- See the [FAQ](usage-analytics.md#faq) for more information about who is allowed to access the Microsoft 365 Adoption template app reports.
-
+
+ See the [FAQ](usage-analytics.md#faq) for more information about who is allowed to access the Microsoft 365 Adoption template app reports.
+ 4. Once the connection is authorized, you will see the Navigator window that shows the datasets available to connect to.
-
+ Select all and choose **Load**.
-
+ This will download the data into your Power BI Desktop. Save this file and then you can start creating the reports you need.
-
+ ![ODATA values available in the reporting API](../../media/545b4d17-dbbd-4cfc-b75a-a8b27283d438.png)
-
+ ### Use the Microsoft 365 usage analytics template You can also use the Power BI template file that corresponds to the Microsoft 365 usage analytics reports as a starting point to connect to the data. The advantage of using the pbit file is that it has the connection string already established. You can also take advantage of all the custom measures that are created, on top of the data that the base schema returns and build on it further.
-
+ You can download the Power BI template file from the [Microsoft Download Center](https://download.microsoft.com/download/7/8/2/782ba8a7-8d89-4958-a315-dab04c3b620c/Microsoft%20365%20Usage%20Analytics.pbit). After you download the Power BI template file, follow these steps to get started:
-
+ 1. Open the pbit file.
-
+ 2. Enter your tenant id value in the dialog.
-
+ ![Enter your tenant ID to open the pbit file](../../media/071ed0bf-8b9d-49c6-81fc-fd4c6cc85bd3.png)
-
+ 3. Enter your admin credentials to authenticate to Microsoft 365 when prompted.
-
- for more information about who is allowed to access the Microsoft 365 usage analytics reports.
-
+
+ for more information about who is allowed to access the Microsoft 365 usage analytics reports.
+ Once authorized, the data will be refreshed in the Power BI file.
-
+ Data load may take some time, once complete, you can save the file as a .pbix file and continue to customize the reports or bring an additional data source into this report.
-
-4. Follow [Getting started with Power BI](/power-bi/fundamentals/desktop-getting-started) documentation to understand how to build reports, publish them to the Power BI service, and share with your organization. Following this path for customization and sharing may require additional Power BI licenses. See Power BI [licensing guidance](https://go.microsoft.com/fwlink/p/?linkid=849803) for details.
+
+4. Follow [Getting started with Power BI](/power-bi/fundamentals/desktop-getting-started) documentation to understand how to build reports, publish them to the Power BI service, and share with your organization. Following this path for customization and sharing may require additional Power BI licenses. See Power BI [licensing guidance](https://go.microsoft.com/fwlink/p/?linkid=849803) for details.
admin Enable Usage Analytics https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/usage-analytics/enable-usage-analytics.md
audience: Admin
localization_priority: Normal--- M365-subscription-management +
+- M365-subscription-management
- Adm_O365 - Adm_TOC
description: "Learn how to start collecting data for your tenant by using the Mi
# Enable Microsoft 365 usage analytics Microsoft 365 usage analytics is not yet available for Microsoft 365 US Government Community.
-
+ ## Before you begin To get started with Microsoft 365 usage analytics you must first make the data available in the Microsoft 365 admin center, then initiate the template app in Power BI.
-
+ ## Get Power BI If you don't already have Power BI, you can [sign up for Power BI Pro](https://go.microsoft.com/fwlink/p/?linkid=845347). Select **Try free** to sign up for a trial, or **Buy now** to get Power BI Pro.
-
-
-You can also expand **Products** to buy a version of Power BI.
++
+You can also expand **Products** to buy a version of Power BI.
> [!NOTE] > You need a Power BI Pro license to install, customize, and distribute a template app. For more information, please see [Prerequisites](/power-bi/service-template-apps-install-distribute?source=docs#prerequisites).
-To share your data, both you and the people who you share the data with, need a Power BI Pro license, or the content needs to be in a workspace in a [Power BI premium service](/power-bi/service-premium-what-is).
-
+To share your data, both you and the people who you share the data with, need a Power BI Pro license, or the content needs to be in a workspace in a [Power BI premium service](/power-bi/service-premium-what-is).
+ ## Enable the template app To enable the template app, you have to be a **Global administrator**.
-
-See [about admin roles](../add-users/about-admin-roles.md) for more information.
-
-1. In the admin center, go to the **Settings** \> **Org settings** \> **Services** tab.
-
+
+See [about admin roles](../add-users/about-admin-roles.md) for more information.
+
+1. In the admin center, go to the **Settings** \> **Org settings** \> **Services** tab.
+ 2. On the **Services** tab, select **Reports**.
-
-3. On the Reports panel that opens, set **Make report data available to Microsoft 365 usage analytics for Power BI** to **On** \> **Save**.
-
-The data collection process will complete in two to 48 hours depending on the size of your tenant. The **Go to Power BI** button will be enabled (no longer gray) when data collection is complete.
-
+
+3. On the Reports panel that opens, set **Make report data available to Microsoft 365 usage analytics for Power BI** to **On** \> **Save**.
+
+The data collection process will complete in two to 48 hours depending on the size of your tenant. The **Go to Power BI** button will be enabled (no longer gray) when data collection is complete.
+ ## Start the template app
-To start the template app, you have to be either a **global administrator**, **report reader**, **Exchange administrator**, **Skype for Business administrator**, or **SharePoint administrator**.
-
+To start the template app, you have to be either a **global administrator**, **report reader**, **Exchange administrator**, **Skype for Business administrator**, or **SharePoint administrator**.
+ 1. Copy the tenant ID and select **Go to Power BI**.
-
-2. When you get to Power BI, sign in. Then **Select Apps**->**Get apps** from the navigation menu.
-
+
+2. When you get to Power BI, sign in. Then **Select Apps**->**Get apps** from the navigation menu.
+ 3. In the **Apps** tab, type Microsoft 365 in the search box and then select **Microsoft 365 usage analytics** \> **Get it now**. [![Select Get it now](../../media/78102250-9874-4a32-8365-436f13560b52.png)](https://app.powerbi.com/groups/me/getapps/services/cia_microsoft365.microsoft-365-usage-analytics)
-
-4. Once the app is installed. Select the tile to open it.
-5. Select **Explore app** to view the app with sample data. Choose **Connect** to connect the app to your organizationΓÇÖs data.
+4. Once the app is installed. Select the tile to open it.
+
+5. Select **Explore app** to view the app with sample data. Choose **Connect** to connect the app to your organizationΓÇÖs data.
+
+6. Choose **Connect**, on the **Connect to Microsoft 365 usage analytics** screen, then type in the tenant ID (without dashes) you copied in step (1), and select **Next**.
-6. Choose **Connect**, on the **Connect to Microsoft 365 usage analytics** screen, then type in the tenant ID (without dashes) you copied in step (1), and select **Next**.
-
7. On the next screen, select **OAuth2** as the **Authentication method** \> **Sign in**. If you choose any other authentication method, the connection to the template app will fail.
-
+ ![Choose Microsoft account as authentication method](../../media/ab6f0463-c3f7-4088-a605-67c699fa86adnew.png)
-
+ 8. After the template app is instantiated the Microsoft 365 usage analytics dashboard will be available in Power BI on the web. The initial loading of the dashboard will take between 2 to 30 minutes.
-
+ Tenant level aggregates will be available in all reports after opting in. **User-level details will only become available around the 5th of the next calendar month after opting in**. This will impact all reports under User Activity (See [Navigate and utilize the reports in Microsoft 365 usage analytics](navigate-and-utilize-reports.md) for tips on how to view and use these reports).
-
+ ## Make the collected data anonymous To make the data that is collected for all reports anonymous, you have to be a global administrator. This will hide identifiable information such as user, group and site names in reports and in the template app .
-
+ 1. In the admin center, go to the **Settings** \> **Org Settings**, and under **Services** tab, choose **Reports**.
-
+ 2. Select **Reports**, and then choose to **Display anonymous identifiers**. This setting gets applied both to the usage reports as well as to the template app.
-
+ 3. Select **Save changes**. ## Related content
bookings Delete Calendar https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/bookings/delete-calendar.md
The booking calendar is where all relevant information about that booking calend
## Delete a booking calendar using Exchange Online PowerShell
-See [Connect to Exchange Online PowerShell](/powershell/exchange/exchange-online-powershell-v2?view=exchange-ps) for prerequisites and guidance for connecting to Exchange Online PowerShell.
+See [Connect to Exchange Online PowerShell](/powershell/exchange/exchange-online-powershell-v2) for prerequisites and guidance for connecting to Exchange Online PowerShell.
To perform these steps, you must be using an active Microsoft PowerShell command window that you ran by choosing the ΓÇ£Run as administratorΓÇ¥ option.
To perform these steps, you must be using an active Microsoft PowerShell command
``` > [!NOTE]
- > If you've already [installed the EXO V2 module](/powershell/exchange/exchange-online-powershell-v2?view=exchange-ps#install-and-maintain-the-exo-v2-module), the previous command will work as written.
+ > If you've already [installed the EXO V2 module](/powershell/exchange/exchange-online-powershell-v2#install-and-maintain-the-exo-v2-module), the previous command will work as written.
2. The command that you need to run uses the following syntax:
business Manage Windows Devices https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/business/manage-windows-devices.md
The first command will establish a connection with the Microsoft cloud, and when
If you do not see the policy **Enable automatic MDM enrollment using default Azure AD credentials**, it may be because you donΓÇÖt have the ADMX installed for Windows 10, version 1803, or later. To fix the issue, follow these steps (Note: the latest MDM.admx is backwards compatible):
-1. Download: [Administrative Templates (.admx) for Windows 10 October 2020 Update (20H2)](https://www.microsoft.com/download/102157).
-2. Install the package on a Domain Controller.
-3. Navigate, depending on the Administrative Templates version to the folder: **C:\Program Files (x86)\Microsoft Group Policy\Windows 10 October 2020 Update (20H2)**.
-4. Rename the **Policy Definitions** folder in the above path to **PolicyDefinitions**.
-5. Copy the **PolicyDefinitions** folder to your SYSVOL share, by default located at **C:\Windows\SYSVOL\domain\Policies**.
- - If you plan to use a central policy store for your entire domain, add the contents of PolicyDefinitions there.
-6. In case you have several Domain Controllers, wait for SYSVOL to replicate for the policies to be available. This procedure will work for any future version of the Administrative Templates as well.
+1. Download: [Administrative Templates (.admx) for Windows 10 October 2020 Update (20H2)](https://www.microsoft.com/download/102157).
+2. Install the package on a Domain Controller.
+3. Navigate, depending on the Administrative Templates version to the folder: **C:\Program Files (x86)\Microsoft Group Policy\Windows 10 October 2020 Update (20H2)**.
+4. Rename the **Policy Definitions** folder in the above path to **PolicyDefinitions**.
+5. Copy the **PolicyDefinitions** folder to your SYSVOL share, by default located at **C:\Windows\SYSVOL\domain\Policies**.
+ - If you plan to use a central policy store for your entire domain, add the contents of PolicyDefinitions there.
+6. In case you have several Domain Controllers, wait for SYSVOL to replicate for the policies to be available. This procedure will work for any future version of the Administrative Templates as well.
At this point you should be able to see the policy **Enable automatic MDM enrollment using default Azure AD credentials** available.
business Microsoft 365 Business Overview https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/business/microsoft-365-business-overview.md
audience: Admin
localization_priority: Normal-+ - Adm_O365-- M365-subscription-management
+- M365-subscription-management
- TRN_SMB - Adm_O365
Microsoft 365 Business Premium (formerly Microsoft 365 Business) is a comprehens
## Watch: What is Microsoft 365 Business Premium
-> [!VIDEO https://www.microsoft.com/videoplayer/embed/RE2mhaA]
-
-If you found this video helpful, check out the [complete training series for small businesses and those new to Microsoft 365](../business-video/index.yml).
+> [!VIDEO https://www.microsoft.com/videoplayer/embed/RE2mhaA]
+
+If you found this video helpful, check out the [complete training series for small businesses and those new to Microsoft 365](../business-video/index.yml).
Microsoft 365 Business Premium is meant for up to 300 licenses. If you need more licenses, see [Microsoft 365 Enterprise](../enterprise/index.yml) documentation for more information. See the [Microsoft 365 Business Premium service description](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-business-service-description) for the entire list of features.
-
+ ## Small business security needs Your business data can be compromised in many ways. You and your users can compromise your organization's security when you sign in with compromised credentials or view organization data on different devices and applications. More specifically, your organization is at risk from: - Compromised or weak sign-in credentials. - Compromised device with a weak pin, or a user owned device.-- Users who can copy/paste/save your organization's data to personal appsΓÇï.-- Users who install and use third-party apps with weak securityΓÇï.
+- Users who can copy/paste/save your organization's data to personal apps.
+- Users who install and use third-party apps with weak security.
- Email vulnerabilities, including sharing sensitive data, phishing attempts, malware, and so on. - When people who should not, can access documents with sensitive information.
Microsoft 365 Business Premium helps **defended against threats** by:
- Scanning links in emails and documents in real time to block unsafe web sites (Safe Links). -- Performing advanced analysis of email attachments in a sandbox environment to detect newly developed malware (Safe Attachments).
+- Performing advanced analysis of email attachments in a sandbox environment to detect newly developed malware (Safe Attachments).
-- Enabling anti-phishing policies that use machine learning models and impersonation detection to provide protection against advanced attacks (Anti-phishing in Defender for Office 365 intelligence).
+- Enabling anti-phishing policies that use machine learning models and impersonation detection to provide protection against advanced attacks (Anti-phishing in Defender for Office 365 intelligence).
-- Setting up advanced policies that disable access from untrusted locations or bypass multifactor authentication from trusted places such as your office network (Azure MFA including trusted IPs, and Conditional Access).
+- Setting up advanced policies that disable access from untrusted locations or bypass multifactor authentication from trusted places such as your office network (Azure MFA including trusted IPs, and Conditional Access).
- Enforcing malware protection across all your organization's Windows 10 devices and protecting files in key system folders from changes made by ransomware (Windows Defender) Your **business data is protected** by: -- Using automatic detection to help prevent sensitive information such as Social Security numbers or credit cards from leaking outside your business (data loss prevention).
+- Using automatic detection to help prevent sensitive information such as Social Security numbers or credit cards from leaking outside your business (data loss prevention).
- Encrypting sensitive emails so you can communicate securely with customers or other people outside your organization. This ensures that only the intended recipient can read the message (Office 365 Message Encryption).
To see the full list of security features, see [Microsoft 365 Business Premium s
## Related content
-[Microsoft 365 Business Premium training videos](../business-video/index.yml) (link page)
+[Microsoft 365 Business Premium training videos](../business-video/index.yml) (link page)
commerce Canada https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/pay/canada.md
localization_priority: Normal description: Learn where to send the payment for your subscription.
-
+ # Payment information for Canada
If you have an invoice billed by **Microsoft Corporation**, use this bank information:
-**Bank:** Bank of America, Toronto
-**SWIFT Code:** BOFACATT
-**Account Number:** 45571239
-**Account Name:** MICROSOFT
-**Bank ID:** 241
-**Branch:** 56792
+**Bank:** Bank of America, Toronto
+**SWIFT Code:** BOFACATT
+**Account Number:** 45571239
+**Account Name:** MICROSOFT
+**Bank ID:** 241
+**Branch:** 56792
**Account Name:** MICROSOFT If you have an invoice billed by **Microsoft Canada Inc.** for orders and consumption starting March 1, 2021, use this bank information:
-**Bank:** Citibank N.A., Canadian Branch​
-**Routing Number:** 032820012
-**BIC/SWIFT Code:** CITICATTBCH
-**Account Number:** 3003600001
+**Bank:** Citibank N.A., Canadian Branch
+**Routing Number:** 032820012
+**BIC/SWIFT Code:** CITICATTBCH
+**Account Number:** 3003600001
**Account Name:** MICROSOFT Invoices issued from a local Microsoft Subsidiary are issued with the standard rate of VAT/Sales Tax/GST and deemed a domestic supply of services for VAT/Sales Tax/GST purposes.
compliance Apply Retention Labels Automatically https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/apply-retention-labels-automatically.md
Note that this final example uses the best practice of always including operato
To identify Microsoft Teams meeting recordings that are stored in users' OneDrive accounts or in SharePoint, specify the following for the **Keyword query editor**:
-```
+```
ProgID:Media AND ProgID:Meeting ```
compliance Archive 17A 4 Servicenow Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-servicenow-data.md
Title: "Set up a connector to archive ServiceNow data in Microsoft 365"
+ Title: "Set up a connector to archive ServiceNow 17a-4 DataParser data in Microsoft 365"
f1.keywords: - NOCSH
compliance Archive Ringcentral Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-ringcentral-data.md
description: "Admins can set up a connector to import and archive RingCentral data from Veritas to Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365. After your archive this data, you can use compliance features such as legal hold, eDiscovery, and retention policies to manage third-party data."
-# Set up a connector to archive RingCentral data
+# Set up a connector to archive RingCentral data (preview)
Use a Veritas connector in the Microsoft 365 compliance center to import and archive data from the RingCentral platform to user mailboxes in your Microsoft 365 organization. Veritas provides a [RingCentral](https://www.veritas.com/insights/merge1/ringcentral) connector that is configured to capture items from the third-party data source and import those items to Microsoft 365. The connector converts content such as chats, attachments, tasks, notes, and posts from RingCentral to an email message format and then imports those items to the user mailboxes in Microsoft 365.
compliance Archiving Third Party Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archiving-third-party-data.md
The table in this section lists the third-party data connectors available in par
Before you can archive third-party data in Microsoft 365, you have to work with TeleMessage to set up their archiving service for your organization. For more information, click the link in the **Third-party data** column to go the step-by-step instructions for creating a connector for that data type.
-TeleMessage data connectors are also available in GCC environments in the Microsoft 365 US Government cloud. For more information, see the Data connectors in the US Government cloud section in this article.
+TeleMessage data connectors are also available in GCC environments in the Microsoft 365 US Government cloud. For more information, see the [Data connectors in the US Government cloud](#data-connectors-in-the-us-government-cloud) section in this article.
|Third-party data |Litigation hold|eDiscovery |Retention settings |Records management |Communication compliance |Insider risk management | |:|:|:|:|:|:|:|
compliance Auditing Solutions Overview https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/auditing-solutions-overview.md
For more detailed instructions, see [Set up Advanced Audit](set-up-advanced-audi
## Training
-Training your security operations team, IT administrators, and compliance investigators team in Basic Audit and Advanced Audit can help your organization get started more quickly using auditing to help with your investigations. Microsoft 365 provides the following resource to help these users in your organization getting started with auditing: [Describe the audit capabilities in Microsoft 365](/learn/modules/describe-audit-capabilities-microsoft-365).
+Training your security operations team, IT administrators, and compliance investigators team in the fundamentals for Basic Audit and Advanced Audit can help your organization get started more quickly using auditing to help with your investigations. Microsoft 365 provides the following resource to help these users in your organization getting started with auditing: [Describe the eDiscovery and audit capabilities of Microsoft 365](/learn/modules/describe-ediscovery-capabilities-of-microsoft-365).
compliance Classifier Get Started With https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/classifier-get-started-with.md
Once the trainable classifier has processed enough positive samples to build a p
16. When the trainable classifier is done processing your test files, the status on the details page will change to `Ready to review`. If you need to increase the test sample size, choose `Add items to test` and allow the trainable classifier to process the additional items. > [!div class="mx-imgBorder"]
- > ![ready to review screenshot](../media/classifier-trainable-ready-to-review-detail.png)
+ > ![ready to review screenshot](../media/classifier-trainable-ready-to-review-detail.png)
17. Choose `Tested items to review` tab to review items. 18. Microsoft 365 will present 30 items at a time. Review them and in the `We predict this item is "Relevant". Do you agree?` box choose either `Yes` or `No` or `Not sure, skip to next item`. Model accuracy is automatically updated after every 30 items. > [!div class="mx-imgBorder"]
- > ![review items box](../media/classifier-trainable-review-detail.png)
+ > ![review items box](../media/classifier-trainable-review-detail.png)
19. Review *at least* 200 items. Once the accuracy score has stabilized, the **publish** option will become available and the classifier status will say `Ready to use`. > [!div class="mx-imgBorder"]
- > ![accuracy score and ready to publish](../media/classifier-trainable-review-ready-to-publish.png)
+ > ![accuracy score and ready to publish](../media/classifier-trainable-review-ready-to-publish.png)
20. Publish the classifier.
-21. Once published your classifier will be available as a condition in [Office auto-labeling with sensitivity labels](apply-sensitivity-label-automatically.md), [auto-apply retention label policy based on a condition](apply-retention-labels-automatically.md#configuring-conditions-for-auto-apply-retention-labels) and in [Communication compliance](communication-compliance.md).
+21. Once published your classifier will be available as a condition in [Office auto-labeling with sensitivity labels](apply-sensitivity-label-automatically.md), [auto-apply retention label policy based on a condition](apply-retention-labels-automatically.md#configuring-conditions-for-auto-apply-retention-labels) and in [Communication compliance](communication-compliance.md).
compliance Commit Draft Collection https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/commit-draft-collection.md
When you're satisfied with the items you've collected in a draft collection and
1. Select **Collect items and add to review set**.
- 2. Decide whether to add the collection to a new review set (which is created after you submit the collection) or to an existing review set. Complete this section based on your decision.
+ 2. Decide whether to add the collection to a new review set (which is created after you submit the collection) or add it to an existing review set. Complete this section based on your decision.
3. Configure the additional collection settings:
When you're satisfied with the items you've collected in a draft collection and
When you commit a draft collection to a review set, the following things happen:
+- If you created a new review set to commit the collection to, the review set is created and displayed on the **Review sets** tab in the case. The status of the new review set is **Ready**. This status value means the review set has been created; it doesn't mean that the collection has been added to the review set. The status of adding items in the collection to the review set is displayed on the **Collections** tab.
+ - The collection search query is run again. This means the actual search results copied to the review set may be different than the estimated results that were returned when the collection search was last run. - All items in the search results are copied from the original data source in the live service, and copied to a secure Azure Storage location in the Microsoft cloud.
compliance Communication Compliance Case Study https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/communication-compliance-case-study.md
Contoso decides to use the *Communication Compliance* role group assign all the
| **Communication Compliance Investigator** | Use this group to assign permissions to users that will act as communication compliance investigators. Users assigned to this role group can view message metadata and content, escalate to additional reviewers, escalate to an Advanced eDiscovery case, send notifications to users, and resolve the alert. | | **Communication Compliance Viewer** | Use this group to assign permissions to users that will manage communication reports. Users assigned to this role group can access all reporting widgets on the communication compliance home page and can view all communication compliance reports. |
-1. Contoso IT administrators sign into the **Office 365 Security & Compliance center** permissions page [(https://protection.office.com/permissions)](https://protection.office.com/permissions) using credentials for a global administrator account and select the link to view and manage roles in Microsoft 365.
+1. Contoso IT administrators sign into the **Office 365 Security & Compliance center** permissions page [(https://compliance.microsoft.com/permissions)](https://compliance.microsoft.com/permissions) using credentials for a global administrator account and select the link to view and manage roles in Microsoft 365.
2. In the **Security & Compliance Center**, they go to **Permissions** and select the link to view and manage roles in Office 365. 3. The administrators select the *Communication Compliance* role group, then select **Edit role group**. 4. The administrators select **Choose members** from the left navigation pane, then select **Edit**.
compliance Communication Compliance Configure https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/communication-compliance-configure.md
Choose from these role group options when configuring communication compliance:
### Option 1: Assign all compliance users to the Communication Compliance role group
-1. Sign into [https://protection.office.com/permissions](https://protection.office.com/permissions) using credentials for an admin account in your Microsoft 365 organization.
+1. Sign into [https://compliance.microsoft.com/permissions](https://compliance.microsoft.com/permissions) using credentials for an admin account in your Microsoft 365 organization.
2. In the Security &amp; Compliance Center, go to **Permissions**. Select the link to view and manage roles in Office 365.
Choose from these role group options when configuring communication compliance:
Use this option to assign users to specific role groups to segment communication compliance access and responsibilities among different users in your organization.
-1. Sign into [https://protection.office.com/permissions](https://protection.office.com/permissions) using credentials for an admin account in your Microsoft 365 organization.
+1. Sign into [https://compliance.microsoft.com/permissions](https://compliance.microsoft.com/permissions) using credentials for an admin account in your Microsoft 365 organization.
2. In the Security &amp; Compliance Center, go to **Permissions**. Select the link to view and manage roles in Office 365.
compliance Compliance Manager Mcca https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/compliance-manager-mcca.md
Select the dropdown next to the **Recommendation** label to the right of the imp
For more detailed information on installing, setting up, and using MCCA, see the [README instructions on GitHub](https://github.com/OfficeDev/MCCA#overview) (no GitHub account required).
-For more information on Windows PowerShell, start at [How to use the PowerShell documentation](/powershell/scripting/how-to-use-docs?view=powershell-7). See also [Starting Windows PowerShell](/powershell/scripting/windows-powershell/starting-windows-powershell?view=powershell-7).
+For more information on Windows PowerShell, start at [How to use the PowerShell documentation](/powershell/scripting/how-to-use-docs). See also [Starting Windows PowerShell](/powershell/scripting/windows-powershell/starting-windows-powershell).
compliance Create A Custom Sensitive Information Type In Scc Powershell https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-a-custom-sensitive-information-type-in-scc-powershell.md
Here's the sample XML of the rule package that we'll create in this topic. Eleme
<?xml version="1.0" encoding="UTF-16"?> <RulePackage xmlns="http://schemas.microsoft.com/office/2011/mce"> <RulePack id="DAD86A92-AB18-43BB-AB35-96F7C594ADAA">
- <Version build="0" major="1" minor="0" revision="0"/>
- <Publisher id="619DD8C3-7B80-4998-A312-4DF0402BAC04"/>
- <Details defaultLangCode="en-us">
- <LocalizedDetails langcode="en-us">
- <PublisherName>Contoso</PublisherName>
- <Name>Employee ID Custom Rule Pack</Name>
- <Description>
- This rule package contains the custom Employee ID entity.
- </Description>
- </LocalizedDetails>
- </Details>
+ <Version build="0" major="1" minor="0" revision="0"/>
+ <Publisher id="619DD8C3-7B80-4998-A312-4DF0402BAC04"/>
+ <Details defaultLangCode="en-us">
+ <LocalizedDetails langcode="en-us">
+ <PublisherName>Contoso</PublisherName>
+ <Name>Employee ID Custom Rule Pack</Name>
+ <Description>
+ This rule package contains the custom Employee ID entity.
+ </Description>
+ </LocalizedDetails>
+ </Details>
</RulePack> <Rules> <!-- Employee ID -->
- <Entity id="E1CC861E-3FE9-4A58-82DF-4BD259EAB378" patternsProximity="300" recommendedConfidence="75">
- <Pattern confidenceLevel="65">
- <IdMatch idRef="Regex_employee_id"/>
- </Pattern>
- <Pattern confidenceLevel="75">
- <IdMatch idRef="Regex_employee_id"/>
- <Match idRef="Func_us_date"/>
- </Pattern>
- <Pattern confidenceLevel="85">
- <IdMatch idRef="Regex_employee_id"/>
- <Match idRef="Func_us_date"/>
- <Any minMatches="1">
- <Match idRef="Keyword_badge" minCount="2"/>
- <Match idRef="Keyword_employee"/>
- </Any>
- <Any minMatches="0" maxMatches="0">
- <Match idRef="Keyword_false_positives_local"/>
- <Match idRef="Keyword_false_positives_intl"/>
- </Any>
- </Pattern>
- </Entity>
- <Regex id="Regex_employee_id">(\s)(\d{9})(\s)</Regex>
- <Keyword id="Keyword_employee">
- <Group matchStyle="word">
- <Term>Identification</Term>
- <Term>Contoso Employee</Term>
- </Group>
- </Keyword>
- <Keyword id="Keyword_badge">
- <Group matchStyle="string">
- <Term>card</Term>
- <Term>badge</Term>
- <Term caseSensitive="true">ID</Term>
- </Group>
- </Keyword>
- <Keyword id="Keyword_false_positives_local">
- <Group matchStyle="word">
- <Term>credit card</Term>
- <Term>national ID</Term>
- </Group>
- </Keyword>
- <Keyword id="Keyword_false_positives_intl">
- <Group matchStyle="word">
- <Term>identity card</Term>
- <Term>national ID</Term>
- <Term>EU debit card</Term>
- </Group>
- </Keyword>
- <LocalizedStrings>
- <Resource idRef="E1CC861E-3FE9-4A58-82DF-4BD259EAB378">
- <Name default="true" langcode="en-us">Employee ID</Name>
- <Description default="true" langcode="en-us">
- A custom classification for detecting Employee IDs.
- </Description>
- <Description default="false" langcode="de-de">
- Description for German locale.
- </Description>
- </Resource>
- </LocalizedStrings>
+ <Entity id="E1CC861E-3FE9-4A58-82DF-4BD259EAB378" patternsProximity="300" recommendedConfidence="75">
+ <Pattern confidenceLevel="65">
+ <IdMatch idRef="Regex_employee_id"/>
+ </Pattern>
+ <Pattern confidenceLevel="75">
+ <IdMatch idRef="Regex_employee_id"/>
+ <Match idRef="Func_us_date"/>
+ </Pattern>
+ <Pattern confidenceLevel="85">
+ <IdMatch idRef="Regex_employee_id"/>
+ <Match idRef="Func_us_date"/>
+ <Any minMatches="1">
+ <Match idRef="Keyword_badge" minCount="2"/>
+ <Match idRef="Keyword_employee"/>
+ </Any>
+ <Any minMatches="0" maxMatches="0">
+ <Match idRef="Keyword_false_positives_local"/>
+ <Match idRef="Keyword_false_positives_intl"/>
+ </Any>
+ </Pattern>
+ </Entity>
+ <Regex id="Regex_employee_id">(\s)(\d{9})(\s)</Regex>
+ <Keyword id="Keyword_employee">
+ <Group matchStyle="word">
+ <Term>Identification</Term>
+ <Term>Contoso Employee</Term>
+ </Group>
+ </Keyword>
+ <Keyword id="Keyword_badge">
+ <Group matchStyle="string">
+ <Term>card</Term>
+ <Term>badge</Term>
+ <Term caseSensitive="true">ID</Term>
+ </Group>
+ </Keyword>
+ <Keyword id="Keyword_false_positives_local">
+ <Group matchStyle="word">
+ <Term>credit card</Term>
+ <Term>national ID</Term>
+ </Group>
+ </Keyword>
+ <Keyword id="Keyword_false_positives_intl">
+ <Group matchStyle="word">
+ <Term>identity card</Term>
+ <Term>national ID</Term>
+ <Term>EU debit card</Term>
+ </Group>
+ </Keyword>
+ <LocalizedStrings>
+ <Resource idRef="E1CC861E-3FE9-4A58-82DF-4BD259EAB378">
+ <Name default="true" langcode="en-us">Employee ID</Name>
+ <Description default="true" langcode="en-us">
+ A custom classification for detecting Employee IDs.
+ </Description>
+ <Description default="false" langcode="de-de">
+ Description for German locale.
+ </Description>
+ </Resource>
+ </LocalizedStrings>
</Rules> </RulePackage> ```
The Version element is also important. When you upload your rule package for the
</RulePack> <Rules>
- . . .
+ . . .
</Rules> </RulePackage>
To connect to Compliance Center PowerShell, see [Connect to Compliance Center Po
$rulepak = Get-DlpSensitiveInformationTypeRulePackage -Identity "Employee ID Custom Rule Pack" ```
-3. Use the [Set-Content](/powershell/module/microsoft.powershell.management/set-content?view=powershell-6) cmdlet to export the custom rule package to an XML file:
+3. Use the [Set-Content](/powershell/module/microsoft.powershell.management/set-content) cmdlet to export the custom rule package to an XML file:
```powershell Set-Content -Path "XMLFileAndPath" -Encoding Byte -Value $rulepak.SerializedClassificationRuleCollection
compliance Create A Custom Sensitive Information Type https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-a-custom-sensitive-information-type.md
You can also create custom sensitive information types by using PowerShell and E
### Checksum validator If you need to run a checksum on a digit in a regular expression, you can use the *checksum validator*. For example, say you need to create a SIT for an eight digit license number where the last digit is a checksum digit that is validated using a mod 9 calculation. You've set up the checksum algorithm like this:
-
+ Sum = digit 1 * Weight 1 + digit 2 * weight 2 + digit 3 * weight 3 + digit 4 * weight 4 + digit 5 * weight 5 + digit 6 * weight 6 + digit 7 * weight 7 + digit 8 * weight 8 Mod value = Sum % 9 If Mod value == digit 8
- Account number is valid
+ Account number is valid
If Mod value != digit 8
- Account number is invalid
+ Account number is invalid
1. Define the primary element with this regular expression:
-`\d{8}`
+ ```console
+ \d{8}
+ ```
2. Then add the checksum validator. 3. Add the weight values separated by commas, the position of the check digit and the Mod value. For more information on the Modulo operation, see [Modulo operation](https://en.wikipedia.org/wiki/Modulo_operation).
If Mod value != digit 8
### Date validator
-If a date value that is embedded in regular expression is part of a new pattern you are creating, you can use the *date validator* to test that it meets your criteria. For example, say you want to create a SIT for a nine digit employee identification number. The first six digits are the date of hire in DDMMYY format and the last three are randomly generated numbers. To validate that the first six digits are in the correct format.
+If a date value that is embedded in regular expression is part of a new pattern you are creating, you can use the *date validator* to test that it meets your criteria. For example, say you want to create a SIT for a nine digit employee identification number. The first six digits are the date of hire in DDMMYY format and the last three are randomly generated numbers. To validate that the first six digits are in the correct format.
1. Define the primary element with this regular expression:
-`\d{9}`
+ ```console
+ \d{9}
+ ```
2. Then add the date validator. 3. Select the date format and the start offset. Since the date string is the first six digits, the offset is `0`.
Here are the definitions and some examples for the available additional checks.
> [!TIP] > To detect patterns containing Chinese/Japanese characters and single byte characters or to detect patterns containing Chinese/Japanese and English, define two variants of the keyword or regex. > For example, to detect a keyword like "机密的document", use two variants of the keyword; one with a space between the Japanese and English text and another without a space between the Japanese and English text. So, the keywords to be added in the SIT should be "机密的 document" and "机密的document". Similarly, to detect a phrase "東京オリンピック2020", two variants should be used; "東京オリンピック 2020" and "東京オリンピック2020".
-
-> While creating a regex using a double byte hyphen or a double byte period, make sure to escape both the characters like one would escape a hyphen or period in a regex. Here is a sample regex for reference:
+ > While creating a regex using a double byte hyphen or a double byte period, make sure to escape both the characters like one would escape a hyphen or period in a regex. Here is a sample regex for reference:
- (?<!\d)([4][0-9]{3}[\-?\-\t]*[0-9]{4}- > We recommend using a string match instead of a word match in a keyword list.
compliance Create A Keyword Dictionary https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-a-keyword-dictionary.md
Paste the identity into your custom sensitive information type's XML and upload
> [!TIP] > To detect patterns containing Chinese/Japanese characters and single byte characters or to detect patterns containing Chinese/Japanese and English, define two variants of the keyword or regex. > For example, to detect a keyword like "机密的document", use two variants of the keyword; one with a space between the Japanese and English text and another without a space between the Japanese and English text. So, the keywords to be added in the SIT should be "机密的 document" and "机密的document". Similarly, to detect a phrase "東京オリンピック2020", two variants should be used; "東京オリンピック 2020" and "東京オリンピック2020".
-
-> While creating a regex using a double byte hyphen or a double byte period, make sure to escape both the characters like one would escape a hyphen or period in a regex. Here is a sample regex for reference:
+ > While creating a regex using a double byte hyphen or a double byte period, make sure to escape both the characters like one would escape a hyphen or period in a regex. Here is a sample regex for reference:
- (?<!\d)([4][0-9]{3}[\-?\-\t]*[0-9]{4}- > We recommend using a string match instead of a word match in a keyword list.
compliance Create Custom Sensitive Information Types With Exact Data Match Based Classification https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-custom-sensitive-information-types-with-exact-data-match-based-classification.md
audience: Admin Previously updated : Last updated : localization_priority: Normal-+ - M365-security-compliance
+search.appverid:
- MOE150 - MET150 description: Learn how to create custom sensitive information types with Exact Data Match based classification.
-# Create custom sensitive information types with Exact Data Match based classification
-
+# Create custom sensitive information types with Exact Data Match based classification
[Custom sensitive information types](sensitive-information-type-learn-about.md) are used to help identify sensitive items so that you can prevent them from being inadvertently or inappropriately shared. You define a custom sensitive information type (SIT)based on:
EDM-based classification enables you to create custom sensitive information type
> [!NOTE] > Microsoft 365 Information Protection supports double byte character set languages for:
+>
> - Chinese (simplified) > - Chinese (traditional) > - Korean > - Japanese
->
+>
> This support is available for sensitive information types. See, [Information protection support for double byte character sets release notes (preview)](mip-dbcs-relnotes.md) for more information. - ## Required licenses and permissions You must be a global admin, compliance administrator, or Exchange Online administrator to perform the tasks described in this article. To learn more about DLP permissions, see [Permissions](data-loss-prevention-policies.md#permissions).
EDM-based classification is included in these subscriptions
## Portal links for your subscription -
-|Portal |World Wide/GCC |GCC-High |DOD |
-|||||
-|Office SCC | protection.office.com |scc.office365.us |scc.protection.apps.mil |
-|Microsoft 365 Security center |security.microsoft.com |security.microsoft.us |security.apps.mil|
-|Microsoft 365 Compliance center |compliance.microsoft.com |compliance.microsoft.us |compliance.apps.mil|
-
+|Portal|World Wide/GCC|GCC-High|DOD|
+|||||
+|Office SCC|protection.office.com|scc.office365.us|scc.protection.apps.mil|
+|Microsoft 365 Security center|security.microsoft.com|security.microsoft.us|security.apps.mil|
+|Microsoft 365 Compliance center|compliance.microsoft.com|compliance.microsoft.us|compliance.apps.mil|
## The work flow at a glance
-|Phase |What's needed |
-|||
-|[Part 1: Set up EDM-based classification](#part-1-set-up-edm-based-classification)<br/><br/>(As needed)<br/>- [Edit the database schema](#editing-the-schema-for-edm-based-classification) <br/>- [Remove the schema](#removing-the-schema-for-edm-based-classification) |- Read access to the sensitive data<br/>- Database schema in XML format (example provided)<br/>- Rule package in XML format (example provided)<br/>- Admin permissions to the Security & Compliance Center (using PowerShell) |
-|[Part 2: Hash and upload the sensitive data](#part-2-hash-and-upload-the-sensitive-data)<br/><br/>(As needed)<br/>[Refresh the data](#refreshing-your-sensitive-information-database) |- Custom security group and user account<br/>- Local admin access to machine with EDM Upload Agent<br/>- Read access to the sensitive data<br/>- Process and schedule for refreshing the data|
-|[Part 3: Use EDM-based classification with your Microsoft cloud services](#part-3-use-edm-based-classification-with-your-microsoft-cloud-services) |- Microsoft 365 subscription with DLP<br/>- EDM-based classification feature enabled |
+|Phase|What's needed|
+|||
+|[Part 1: Set up EDM-based classification](#part-1-set-up-edm-based-classification)<br/><br/>(As needed)<br/>- [Edit the database schema](#editing-the-schema-for-edm-based-classification) <br/>- [Remove the schema](#removing-the-schema-for-edm-based-classification)|- Read access to the sensitive data<br/>- Database schema in XML format (example provided)<br/>- Rule package in XML format (example provided)<br/>- Admin permissions to the Security & Compliance Center (using PowerShell)|
+|[Part 2: Hash and upload the sensitive data](#part-2-hash-and-upload-the-sensitive-data)<br/><br/>(As needed)<br/>[Refresh the data](#refreshing-your-sensitive-information-database)|- Custom security group and user account<br/>- Local admin access to machine with EDM Upload Agent<br/>- Read access to the sensitive data<br/>- Process and schedule for refreshing the data|
+|[Part 3: Use EDM-based classification with your Microsoft cloud services](#part-3-use-edm-based-classification-with-your-microsoft-cloud-services)|- Microsoft 365 subscription with DLP<br/>- EDM-based classification feature enabled|
### Part 1: Set up EDM-based classification
Setting up and configuring EDM-based classification involves:
2. [Define your sensitive information database schema](#define-the-schema-for-your-database-of-sensitive-information) 3. [Create a rule package](#set-up-a-rule-package) - #### Save sensitive data in .csv or .tsv format 1. Identify the sensitive information you want to use. Export the data to an app, such as Microsoft Excel, and save the file in a text file. The file can be saved in .csv (comma-separated values), .tsv (tab-separated values), or pipe-separated (|) format. The .tsv format is recommended in cases where your data values may included commas, such as street addresses. The data file can include a maximum of:
- - Up to 100 million rows of sensitive data
- - Up to 32 columns (fields) per data source
- - Up to 5 columns (fields) marked as searchable
+ - Up to 100 million rows of sensitive data
+ - Up to 32 columns (fields) per data source
+ - Up to 5 columns (fields) marked as searchable
2. Structure the sensitive data in the .csv or .tsv file such that the first row includes the names of the fields used for EDM-based classification. In your file you might have field names such as "ssn", "birthdate", "firstname", "lastname". The column header names can't include spaces or underscores. For example, the sample .csv file that we use in this article is named *PatientRecords.csv*, and its columns include *PatientID*, *MRN*, *LastName*, *FirstName*, *SSN*, and more.
If for business or technical reasons, you prefer not to use PowerShell or comman
> [!NOTE] > The Exact Data Match Schema and Sensitive Information Type Wizard is only available for the World Wide and GCC clouds only.
-1. Define the schema for the database of sensitive information in XML format (similar to our example below). Name this schema file **edm.xml**, and configure it such that for each column in the database, there is a line that uses the syntax: 
+1. Define the schema for the database of sensitive information in XML format (similar to our example below). Name this schema file **edm.xml**, and configure it such that for each column in the database, there is a line that uses the syntax:
`\<Field name="" searchable=""/\>`.
If for business or technical reasons, you prefer not to use PowerShell or comman
##### Configurable match using the caseInsensitive and ignoredDelimiters fields
-The above XML sample makes use of the `caseInsensitive` and the `ignoredDelimiters` fields.
+The above XML sample makes use of the `caseInsensitive` and the `ignoredDelimiters` fields.
When you include the ***caseInsensitive*** field set to the value of `true` in your schema definition, EDM will not exclude an item based on case differences for `PatientID` field. So EDM will see, `PatientID` **FOO-1234** and **fOo-1234** as being identical. When you include the ***ignoredDelimiters*** field with supported characters, EDM will ignore those characters in the `PatientID`. So EDM will see, `PatientID` **FOO-1234** and `PatientID` **FOO#1234** as being identical. The `ignoredDelimiters` flag supports any non-alphanumeric character, here are some examples:+ - \. - \- - \/
When you include the ***ignoredDelimiters*** field with supported characters, E
- \} - \\ - \~-- \;
+- \;
The `ignoredDelimiters` flag doesn't support:+ - characters 0-9 - A-Z - a-z - \" - \,
-In this example, where both `caseInsensitive` and `ignoredDelimiters` are used, EDM would see **FOO-1234** and **fOo#1234** as identical and classify the item as a patient record sensitive information type.
+In this example, where both `caseInsensitive` and `ignoredDelimiters` are used, EDM would see **FOO-1234** and **fOo#1234** as identical and classify the item as a patient record sensitive information type.
-4. Connect to the Security & Compliance center using the procedures in [Connect to Security & Compliance Center PowerShell](/powershell/exchange/connect-to-scc-powershell).
+1. Connect to the Security & Compliance Center PowerShell using the procedures in [Connect to Security & Compliance Center PowerShell](/powershell/exchange/connect-to-scc-powershell).
-5. To upload the database schema, run the following cmdlets, one at a time:
+2. To upload the database schema, run the following cmdlets, one at a time:
```powershell $edmSchemaXml=Get-Content .\\edm.xml -Encoding Byte -ReadCount 0
In this example, where both `caseInsensitive` and `ignoredDelimiters` are used,
When you set up your rule package, make sure to correctly reference your .csv or .tsv file and **edm.xml** file. You can copy, modify, and use our example. In this sample xml the following fields needs to be customized to create your EDM sensitive type:
- - **RulePack id & ExactMatch id**: Use [New-GUID](/powershell/module/microsoft.powershell.utility/new-guid?view=powershell-6) to generate a GUID.
+ - **RulePack id & ExactMatch id**: Use [New-GUID](/powershell/module/microsoft.powershell.utility/new-guid) to generate a GUID.
- **Datastore**: This field specifies EDM lookup data store to be used. You provide a data source name of a configured EDM Schema. - **idMatch**: This field points to the primary element for EDM. - Matches: Specifies the field to be used in exact lookup. You provide a searchable field name in EDM Schema for the DataStore.
- - Classification: This field specifies the sensitive type match that triggers EDM lookup. You can provide the Name or GUID of an existing built-in or custom sensitive information type. Be aware that any string that matches the sensitive information type provided will be hashed and compared to every entry in the sensitive information table. In order to avoid causing performance issues, if you use a custom sensitive information type as the Classification element in EDM, avoid using one that will match a large percentage of content (such as "any number" or "any five-letter word") by adding supporting keywords or including formatting in the definition of the custom classification sensitive information type.
+ - Classification: This field specifies the sensitive type match that triggers EDM lookup. You can provide the Name or GUID of an existing built-in or custom sensitive information type. Be aware that any string that matches the sensitive information type provided will be hashed and compared to every entry in the sensitive information table. In order to avoid causing performance issues, if you use a custom sensitive information type as the Classification element in EDM, avoid using one that will match a large percentage of content (such as "any number" or "any five-letter word") by adding supporting keywords or including formatting in the definition of the custom classification sensitive information type.
- **Match:** This field points to additional evidence found in proximity of idMatch. - Matches: You provide any field name in EDM Schema for DataStore.
In this example, note that:
> [!NOTE] > It can take between 10-60 minutes to update the EDMSchema with additions. The update must complete before you execute steps that use the additions.
-
+ After you have imported your rule package with your EDM sensitive info type and have imported your sensitive data table, you can test your newly created type by using the **Test** function in the EDM wizard in the compliance center. See [Use the Exact Data Match Schema and Sensitive Information Type Wizard](sit-edm-wizard.md) for instructions on using this functionality. #### Editing the schema for EDM-based classification
This computer must have direct access to your Microsoft 365 tenant.
> [!TIP] > To a get a list out of the supported command parameters, run the agent no arguments. For example 'EdmUploadAgent.exe'.
-2. Authorize the EDM Upload Agent, open Command Prompt window (as an administrator), switch to the **C:\EDM\Data** directory and then run the following command:
+3. Authorize the EDM Upload Agent, open Command Prompt window (as an administrator), switch to the **C:\EDM\Data** directory and then run the following command:
`EdmUploadAgent.exe /Authorize`
-3. Sign in with your work or school account for Microsoft 365 that was added to the EDM_DataUploaders security group. Your tenant information is extracted from the user account to make the connection.
+4. Sign in with your work or school account for Microsoft 365 that was added to the EDM_DataUploaders security group. Your tenant information is extracted from the user account to make the connection.
OPTIONAL: If you used the Exact Data Match schema and sensitive information type wizard to create your schema and pattern files, run the following command in a Command Prompt window:
- `EdmUploadAgent.exe /SaveSchema /DataStoreName <schema name> /OutputDir <path to output folder>`
+ ```dos
+ EdmUploadAgent.exe /SaveSchema /DataStoreName <schema name> /OutputDir <path to output folder>
+ ```
-4. To hash and upload the sensitive data, run the following command in Command Prompt window:
+5. To hash and upload the sensitive data, run the following command in Command Prompt window:
- `EdmUploadAgent.exe /UploadData /DataStoreName [DS Name] /DataFile [data file] /HashLocation [hash file location] /Schema [Schema file] /ColumnSeparator ["{Tab}"|"|"]`
+ ```dos
+ EdmUploadAgent.exe /UploadData /DataStoreName [DS Name] /DataFile [data file] /HashLocation [hash file location] /Schema [Schema file] /ColumnSeparator ["{Tab}"|"|"]
+ ```
Example: **EdmUploadAgent.exe /UploadData /DataStoreName PatientRecords /DataFile C:\Edm\Hash\PatientRecords.csv /HashLocation C:\Edm\Hash /Schema edm.xml**
- The default format for the sensitive data file is comma-separated values. You can specify a tab-separated file by indicating the "{Tab}" option with the /ColumnSeparator parameter, or you can specify a pipe-separated file by indicating the "|" option.
+ The default format for the sensitive data file is comma-separated values. You can specify a tab-separated file by indicating the "{Tab}" option with the /ColumnSeparator parameter, or you can specify a pipe-separated file by indicating the "|" option.
This command will automatically add a randomly generated salt value to the hash for greater security. Optionally, if you want to use your own salt value, add the **/Salt <saltvalue>** to the command. This value must be 64 characters in length and can only contain the a-z characters and 0-9 characters.
-5. Check the upload status by running this command:
+6. Check the upload status by running this command:
- `EdmUploadAgent.exe /GetSession /DataStoreName \<DataStoreName\>`
+ ```dos
+ EdmUploadAgent.exe /GetSession /DataStoreName \<DataStoreName\>
+ ```
Example: **EdmUploadAgent.exe /GetSession /DataStoreName PatientRecords**
Perform the hash on a computer in a secure environment.
OPTIONAL: If you used the Exact Data Match schema and sensitive information type wizard to create your schema and pattern files, run the following command in a Command Prompt window:
-`EdmUploadAgent.exe /SaveSchema /DataStoreName <schema name> /OutputDir <path to output folder>`
+```dos
+EdmUploadAgent.exe /SaveSchema /DataStoreName <schema name> /OutputDir <path to output folder>
+````
1. Run the following command in Command Prompt windows:
- `EdmUploadAgent.exe /CreateHash /DataFile [data file] /HashLocation [hash file location] /Schema [Schema file] >`
+ ```dos
+ EdmUploadAgent.exe /CreateHash /DataFile [data file] /HashLocation [hash file location] /Schema [Schema file]
+ ```
For example:
- > **EdmUploadAgent.exe /CreateHash /DataFile C:\Edm\Data\PatientRecords.csv /HashLocation C:\Edm\Hash /Schema edm.xml**
+ ```dos
+ EdmUploadAgent.exe /CreateHash /DataFile C:\Edm\Data\PatientRecords.csv /HashLocation C:\Edm\Hash /Schema edm.xml
+ ```
This will output a hashed file and a salt file with these extensions if you didn't specify the **/Salt <saltvalue>** option:+ - .EdmHash - .EdmSalt
OPTIONAL: If you used the Exact Data Match schema and sensitive information type
To upload the hashed data, run the following command in Windows Command Prompt:
- `EdmUploadAgent.exe /UploadHash /DataStoreName \<DataStoreName\> /HashFile \<HashedSourceFilePath\>`
+ ```dos
+ EdmUploadAgent.exe /UploadHash /DataStoreName \<DataStoreName\> /HashFile \<HashedSourceFilePath\>
+ ```
For example:
- > **EdmUploadAgent.exe /UploadHash /DataStoreName PatientRecords /HashFile C:\\Edm\\Hash\\PatientRecords.EdmHash**
-
+ ```dos
+ EdmUploadAgent.exe /UploadHash /DataStoreName PatientRecords /HashFile C:\\Edm\\Hash\\PatientRecords.EdmHash**
+ ```
To verify that your sensitive data has been uploaded, run the following command in Command Prompt window:
- `EdmUploadAgent.exe /GetDataStore`
+ ```dos
+ EdmUploadAgent.exe /GetDataStore
+ ```
You'll see a list of data stores and when they were last updated. If you want to see all the data uploads to a particular store, run the following command in a Windows command prompt:
- `EdmUploadAgent.exe /GetSession /DataStoreName <DataStoreName>`
+ ```dos
+ EdmUploadAgent.exe /GetSession /DataStoreName <DataStoreName>
+ ```
Proceed to set up your process and schedule for [Refreshing your sensitive information database](#refreshing-your-sensitive-information-database).
You can refresh your sensitive information database daily, and the EDM Upload To
3. Use [Task Scheduler](/windows/desktop/TaskSchd/task-scheduler-start-page) to automate steps 2 and 3 in the [Hash and upload the sensitive data](#part-2-hash-and-upload-the-sensitive-data) procedure. You can schedule tasks using several methods:
- | Method | What to do |
- | - | - |
- | Windows PowerShell | See the [ScheduledTasks](/powershell/module/scheduledtasks/?view=win10-ps) documentation and the [example PowerShell script](#example-powershell-script-for-task-scheduler) in this article |
- | Task Scheduler API | See the [Task Scheduler](/windows/desktop/TaskSchd/using-the-task-scheduler) documentation |
- | Windows user interface | In Windows, click **Start**, and type Task Scheduler. Then, in the list of results, right-click **Task Scheduler**, and choose **Run as administrator**. |
+ |Method|What to do|
+ |||
+ |Windows PowerShell|See the [ScheduledTasks](/powershell/module/scheduledtasks/) documentation and the [example PowerShell script](#example-powershell-script-for-task-scheduler) in this article|
+ |Task Scheduler API|See the [Task Scheduler](/windows/desktop/TaskSchd/using-the-task-scheduler) documentation|
+ |Windows user interface|In Windows, click **Start**, and type Task Scheduler. Then, in the list of results, right-click **Task Scheduler**, and choose **Run as administrator**.|
#### Example PowerShell script for Task Scheduler
$password=\[Runtime.InteropServices.Marshal\]::PtrToStringAuto(\[Runtime.Interop
\# Register the scheduled task $taskName = 'EDMUpload\_' + $dataStoreName Register-ScheduledTask -TaskName $taskName -InputObject $scheduledTask -User $user -Password $password- ``` ### Part 3: Use EDM-based classification with your Microsoft cloud services
These locations are support EDM sensitive information types:
![Content contains sensitive info types](../media/edm-dlp-newrule-conditions.png)
-11. Search for the sensitive information type you created when you set up your rule package, and then choose **+ Add**.
+11. Search for the sensitive information type you created when you set up your rule package, and then choose **+ Add**.
Then choose **Done**. 12. Finish selecting options for your rule, such as **User notifications**, **User overrides**, **Incident reports**, and so on, and then choose **Save**.
compliance Create Info Mgmt Policies https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-info-mgmt-policies.md
description: Learn how to set up an information management policy to control how
# Create and apply information management policies Information management policies enable your organization to control how long to retain content, to audit what people do with content, and to add barcodes or labels to documents. A policy can help enforce compliance with legal and governmental regulations or internal business processes. As an administrator, you can set up a policy to control how to track documents and how long to retain documents.
-
+ You can create an information management policy can at three different locations in the site hierarchy, from the broadest to the narrowest:
-
+ - Create a policy to use on multiple content types within a site collection.
-
- Create a policy for a site content type.
-
- Create a policy for a list or library.
-
+ For more information, see [Introduction to information management policies](intro-to-info-mgmt-policies.md).
-
+ ## Create a policy for multiple content types within a site collection <a name="__toc261001590"> </a>
-To ensure that an information policy is applied to all documents of a certain type within a site collection, consider creating the policy at the site collection level and then later apply the policy to content types. These are referred to as site collection policies.
-
+To ensure that an information policy is applied to all documents of a certain type within a site collection, consider creating the policy at the site collection level and then later apply the policy to content types. These are referred to as site collection policies.
+ 1. On the site collection home page \> **Settings**![SharePoint 2016 Settings button on title bar.](../media/1c22d2d8-39e0-4930-82c6-c3eee44211d3.png) \> **Site Settings**.
-
- In a SharePoint group-connected site, click **Settings**, click **Site Contents**, and then click **Site Settings**.
-
-2. On the Site Settings page, under **Site Collection Administration** \> **Content Type Policy Templates**.
-
-![Content Type Policy Template link on Site Settings page](../media/26d3466a-23ec-443f-88f0-2aaff38e992b.png)
-
-3. On the Policies page \> **Create**.
-
+
+ In a SharePoint group-connected site, click **Settings**, click **Site Contents**, and then click **Site Settings**.
+
+2. On the Site Settings page, under **Site Collection Administration** \> **Content Type Policy Templates**.
+
+ ![Content Type Policy Template link on Site Settings page](../media/26d3466a-23ec-443f-88f0-2aaff38e992b.png)
+
+3. On the Policies page \> **Create**.
+ 4. Enter a name and description for the policy, and then write a brief policy statement that explains to users what the policy is for.
-
-5. See the next section on creating policies for a site content type to learn how to set up the features you want to associate with the policy.
-
+
+5. See the next section on creating policies for a site content type to learn how to set up the features you want to associate with the policy.
+ 6. Choose **OK**.
-
+ ## Create a policy for a site content type <a name="__create_a_policy"> </a> Adding an information management policy to a content type makes it easy to associate policy features with multiple lists or libraries. You can choose to add an existing information management policy to a content type or create a unique policy specific to an individual content type.
-
- You can also add an information management policy to a content type that is specific to lists. This has the effect of applying the policy only to items in that list that are using the content type.
-
+
+ You can also add an information management policy to a content type that is specific to lists. This has the effect of applying the policy only to items in that list that are using the content type.
+ 1. On the site collection home page \> **Settings**![SharePoint 2016 Settings button on title bar.](../media/1c22d2d8-39e0-4930-82c6-c3eee44211d3.png) \> **Site Settings**.
-
- In a SharePoint group-connected site, click **Settings**, click **Site Contents**, and then click **Site Settings**.
-
+
+ In a SharePoint group-connected site, click **Settings**, click **Site Contents**, and then click **Site Settings**.
+ 2. On the Site Settings page, under **Web Designer Galleries** \> **Site content types**.
-
-![Site content types link on Site Settings page](../media/6f6fa51f-15d7-4782-b06f-a7b36e874cd3.png)
-
+
+ ![Site content types link on Site Settings page](../media/6f6fa51f-15d7-4782-b06f-a7b36e874cd3.png)
+ 3. On the Site Content Type Settings page, select the content type that you want to add a policy to.
-
+ 4. On the Site Content Type page, under **Settings** \> **Information management policy settings**.
-
+ 5. On the Edit Policy page, enter a name and description for the policy, and then write a brief description that explains to users what the policy is for.
-
-6. In the next sections, select the individual policy features that you want to add to your information management policy.
-
-![Types of content policies](../media/19fcb8a3-974b-40d3-a13f-b76088d122f8.png)
-
+
+6. In the next sections, select the individual policy features that you want to add to your information management policy.
+
+ ![Types of content policies](../media/19fcb8a3-974b-40d3-a13f-b76088d122f8.png)
+ 7. To specify a retention period for documents and items that are subject to this policy, choose **Enable Retention**, and then specify the retention period and the actions that you want to occur when the items expire.
-
- To specify a retention period
-
-||||||**1.**|**Choose **Add a retention stage for records…****|
-|:--|:--|:--|:--|:--|:--|:--|
-||||||2. <br/> | Select a retention period option to specify when documents or items are set to expire. Do one of the following: <br/> To set the expiration date based on a date property, under **Event** \> **This stage is based off a date property on the item**, and then select the document or item action (for example, Created or Modified) and the increment of time after this action (for example, the number of days, months, or years) when you want the item to expire. <br/> To use a custom retention formula to determine expiration, choose **Set by a custom retention formula installed on this server**. <br/> > [!NOTE]> This option is only available if a custom formula has been set up by your administrator. |
-||||||3. <br/> |The **Start a workflow** option is available only if you are defining a policy for a list, library, or content type that already has a workflow associated with it. You will then be given a choice of workflows to choose from. <br/> |
-||||||4. <br/> |In the **Recurrence** section, select **Repeat this stage's action…**and enter how often you want the action to reoccur. <br/> > [!NOTE]> This option is only available if the action you selected can be repeated. For example, you cannot set recurrence for the action **Permanently Delete**. |
-||||||5. <br/> |Chose **OK**. <br/> |
-
-1. To enable auditing for the documents and items that are subject to this policy, choose **Enable Auditing**, and then specify the events you want to audit.
-
- To enable auditing
-
-||||||****1.****|****On the Edit Policy page,** **under** **Auditing** **\>** **Enable auditing** **, and then select the check boxes next to the events you want to keep an audit trail for.****|
-|:--|:--|:--|:--|:--|:--|:--|
-||||||**2.** <br/> |**To prompt users to insert these barcodes into documents,** **choose** **Prompt users to insert a barcode before saving or printing** **.** <br/> |
-||||||**3.** <br/> |**Choose** **OK** ** to apply the auditing feature to the policy. ** <br/> |
-|||||||The Auditing Policy feature enables organizations to create and analyze audit trails for documents and to list items such as task lists, issues lists, discussion groups, and calendars. This policy feature provides an audit log that records events, such as when content is viewed, edited, or deleted. <br/> |
-|||||||When auditing is enabled as part of an information management policy, administrators can view the audit data in policy usage reports that are based in Microsoft Excel and that summarize current usage. Administrators can use these reports to determine how information is being used within the organization. These reports can also help organizations to verify and document their regulatory compliance or to investigate potential concerns. <br/> |
-|||||||The audit log records the following information: event name, date and time of the event, and system name of the user who performed the action. <br/> |
-
-1. When barcodes are enabled as part of a policy, they are added to document properties and displayed in the header area of the document to which the barcode is applied. Like labels, barcodes can also be manually removed from a document. You can specify whether users should be prompted to include the barcode when printing or saving an item or if the barcode should be inserted manually using the **Insert** tab in 2010 Office release programs.
-
- To enable barcodes
-
-||||||****1.****|**On the Edit Policy page, under **Barcodes**\> **Enable Barcodes**.**|
-|:--|:--|:--|:--|:--|:--|:--|
-||||||**2.** <br/> |To prompt users to insert these barcodes into documents, choose **Prompt users to insert a barcode before saving or printing**. <br/> |
-||||||**3.** <br/> |Choose **OK** to apply the barcode feature to the policy. <br/> |
-|||||||
- The barcode policy generates Code 39 standard barcodes. Each barcode image includes text below the barcode symbol that represents the barcode value. This enables the barcode data to be used even when scanning hardware is not available. Users can manually type the barcode number into the search box to locate the item on a site. <br/> |
-
-1. To require that documents that are subject to this policy have labels, choose **Enable Labels**, and then specify the settings that you want for the labels.
-
- To enable labels
-
-||||||**1.**|**To require users to add a label to a document, choose **Prompt users to insert a label before saving or printing**. <br/> > [!NOTE]> If you want labels to be optional, do not select this check box. **|
-|:--|:--|:--|:--|:--|:--|:--|
-||||||2. <br/> |To lock a label so that it cannot be changed after it has been inserted, choose **Prevent changes to labels after they are added**. <br/> This setting prevents the label text from updating once the label has been inserted into an item within a client application such as Word, Excel, or PowerPoint. If you want the label to be updated when the properties for this document or item are updated, do not select this check box. <br/> |
-||||||3. <br/> |In the Label format box, enter the text for the label as you want it to be displayed. Labels can contain up to 10 column references, each of which can be up to 255 characters long. To create the format for your label, do the following: <br/> Type the names of the columns that you want to include in the label in the order in which you want them to appear. Enclose the column names in curly brackets ({}), as shown in the example on the Edit Policy page. <br/> Type words to identify the columns outside the brackets, as shown in the example on the Edit Policy page. <br/> |
-||||||4. <br/> |To add a line break, enter **\n** where you want the line break to appear. <br/> |
-||||||5. <br/> |Select the font size and style that you want, and specify whether you want the label positioned left, center, or right within the document. <br/> Select a font and style that are available on the users' computers. The size of the font affects how much text can be displayed on the label. <br/> |
-||||||6. <br/> |Enter the height and width of the label. Label height can range from .25 inches to 20 inches, and label width can range from .25 inches to 20 inches. Label text is always vertically centered within the label image. <br/> |
-||||||7. <br/> |Choose **Refresh** to preview the label content. <br/> |
-
-1. Choose **OK**.
-
+
+ To specify a retention period:
+
+ 1. Choose **Add a retention stage for records**.
+
+ 2. Select a retention period option to specify when documents or items are set to expire. Do one of the following steps:
+ - To set the expiration date based on a date property, under **Event** \> **This stage is based off a date property on the item**, and then select the document or item action (for example, Created or Modified) and the increment of time after this action (for example, the number of days, months, or years) when you want the item to expire.
+ - To use a custom retention formula to determine expiration, choose **Set by a custom retention formula installed on this server**.
+
+ > [!NOTE]
+ > This option is only available if a custom formula has been set up by your administrator.
+
+ 3. The **Start a workflow** option is available only if you are defining a policy for a list, library, or content type that already has a workflow associated with it. You will then be given a choice of workflows to choose from.
+
+ 4. In the **Recurrence** section, select **Repeat this stage's action…**and enter how often you want the action to reoccur.
+
+ > [!NOTE]
+ > This option is only available if the action you selected can be repeated. For example, you cannot set recurrence for the action **Permanently Delete**.
+
+ 5. Chose **OK**.
+
+8. To enable auditing for the documents and items that are subject to this policy, choose **Enable Auditing**, and then specify the events you want to audit.
+
+ To enable auditing:
+
+ 1. On the Edit Policy page under **Auditing** select **Enable auditing**, and then select the check boxes next to the events you want to keep an audit trail for.
+
+ 2. To prompt users to insert these barcodes into documents, choose **Prompt users to insert a barcode before saving or printing**.
+
+ 3. Choose **OK** to apply the auditing feature to the policy.
+
+ The Auditing Policy feature enables organizations to create and analyze audit trails for documents and to list items such as task lists, issues lists, discussion groups, and calendars. This policy feature provides an audit log that records events, such as when content is viewed, edited, or deleted.
+
+ When auditing is enabled as part of an information management policy, administrators can view the audit data in policy usage reports that are based in Microsoft Excel and that summarize current usage. Administrators can use these reports to determine how information is being used within the organization. These reports can also help organizations to verify and document their regulatory compliance or to investigate potential concerns.
+
+ The audit log records the following information: event name, date and time of the event, and system name of the user who performed the action.
+
+9. When barcodes are enabled as part of a policy, they are added to document properties and displayed in the header area of the document to which the barcode is applied. Like labels, barcodes can also be manually removed from a document. You can specify whether users should be prompted to include the barcode when printing or saving an item or if the barcode should be inserted manually using the **Insert** tab in 2010 Office release programs.
+
+ To enable barcodes:
+
+ 1. On the **Edit Policy** page under **Barcodes**, select **Enable Barcodes**.
+
+ 2. To prompt users to insert these barcodes into documents, choose **Prompt users to insert a barcode before saving or printing**.
+
+ 3. Choose **OK** to apply the barcode feature to the policy.
+
+ The barcode policy generates Code 39 standard barcodes. Each barcode image includes text below the barcode symbol that represents the barcode value. This enables the barcode data to be used even when scanning hardware is not available. Users can manually type the barcode number into the search box to locate the item on a site. <br/> |
+
+10. To require that documents that are subject to this policy have labels, choose **Enable Labels**, and then specify the settings that you want for the labels.
+
+ To enable labels:
+
+ 1. To require users to add a label to a document, choose **Prompt users to insert a label before saving or printing**.
+
+ > [!NOTE]
+ > If you want labels to be optional, do not select this check box.
+
+ 2. To lock a label so that it cannot be changed after it has been inserted, choose **Prevent changes to labels after they are added**.
+
+ This setting prevents the label text from updating once the label has been inserted into an item within a client application such as Word, Excel, or PowerPoint. If you want the label to be updated when the properties for this document or item are updated, do not select this check box.
+
+ 3. In the Label format box, enter the text for the label as you want it to be displayed. Labels can contain up to 10 column references, each of which can be up to 255 characters long. To create the format for your label, do the following steps:
+ - Type the names of the columns that you want to include in the label in the order in which you want them to appear. Enclose the column names in curly brackets ({}), as shown in the example on the Edit Policy page.
+ - Type words to identify the columns outside the brackets, as shown in the example on the Edit Policy page.
+
+ 4. To add a line break, enter **\n** where you want the line break to appear.
+
+ 5. Select the font size and style that you want, and specify whether you want the label positioned left, center, or right within the document.
+
+ Select a font and style that are available on the users' computers. The size of the font affects how much text can be displayed on the label.
+
+ 6. Enter the height and width of the label. Label height can range from .25 inches to 20 inches, and label width can range from .25 inches to 20 inches. Label text is always vertically centered within the label image.
+
+ 7. Choose **Refresh** to preview the label content.
+
+11. Choose **OK**.
+ ## Create a policy for a list, library or folder (location-based retention policy) <a name="__create_a_policy"> </a> You can define a retention policy that applies only to a specific list, library or folder. However, if you create a retention policy this way, you cannot reuse this policy on other lists, libraries, folders or sites, and you cannot apply a site collection policy to a location based policy.
-
+ If you want to apply a single retention policy to all types of content in a single location, you will most likely want to use location-based retention. In most other cases, you will want to verify that a retention policy is specified for all content types.
-
- Each subfolder inherits the retention policy of its parent, unless you choose to break inheritance and define a new retention policy at the child level.
-
+
+Each subfolder inherits the retention policy of its parent, unless you choose to break inheritance and define a new retention policy at the child level.
+ If you want to define an information management policy other than retention to a list or library, you need to define an information management policy for each individual list content type associated with that list or library.
-
- If at any point you decide to switch from content type to location-based policies for a list or library, only the retention policy will be used as the location-based policy. All other management policies (audits, barcodes, and barcodes) will be inherited from the associated content types.
-
- Location based policies can be disabled for a site collection by deactivating the Library and Folder Based Retention feature. This enables site collection administrators to ensure that their content type policies are not overridden by a list administrator's location based policies.
-
+
+If at any point you decide to switch from content type to location-based policies for a list or library, only the retention policy will be used as the location-based policy. All other management policies (audits, barcodes, and barcodes) will be inherited from the associated content types.
+
+Location based policies can be disabled for a site collection by deactivating the Library and Folder Based Retention feature. This enables site collection administrators to ensure that their content type policies are not overridden by a list administrator's location based policies.
+ You need at least the Manage Lists permission to change the information management policy settings for a list or library.
-
-1. Navigate to the list or library for which you want to specify an information management policy.
-
+
+1. Navigate to the list or library for which you want to specify an information management policy.
+ 2. On the ribbon, choose the **Library** or **List** tab \> **Library Settings** or **List Settings**.
-
- In SharePoint Online, click **Settings** and then click **List settings** or **Library settings**.
-
+
+ In SharePoint Online, click **Settings** and then click **List settings** or **Library settings**.
+ 3. Under **Permissions and Management**\> **Information management policy settings**.
-
-![Information management policies link on settings page for document library](../media/9fa6d366-6aab-49e1-a05c-898ac6f536e6.png)
-
-4. On the Information Management Policy Settings page, make sure that the source of retention for the list or library is set to Library and Folders.
-
-If **Content Type** appears as the source, click **Change Source**, and then click **Library and Folders**. You are alerted that content type retention policies will be ignored. Choose **OK**.
-
-5. On the Edit Policy page, under **Library Based Retention Schedule**, enter a brief description for the policy you are creating.
-
+
+ ![Information management policies link on settings page for document library](../media/9fa6d366-6aab-49e1-a05c-898ac6f536e6.png)
+
+4. On the Information Management Policy Settings page, make sure that the source of retention for the list or library is set to Library and Folders.
+
+ If **Content Type** appears as the source, click **Change Source**, and then click **Library and Folders**. You are alerted that content type retention policies will be ignored. Choose **OK**.
+
+5. On the Edit Policy page, under **Library Based Retention Schedule**, enter a brief description for the policy you are creating.
+ 6. Choose **Add a retention stage…**
-
- Note that under Records, you can choose to define different retention policies for records by selecting the Define different retention stages for records option.
-
+
+ Note that under Records, you can choose to define different retention policies for records by selecting the Define different retention stages for records option.
+ 7. In the Stage properties dialog, select a retention period option to specify when documents or items are set to expire. Do one of the following:
-
- - To set the expiration date based on a date property, under **Event** \> **This stage is based off a date property on the item**, and then select the document or item action (for example, Created or Modified) and the increment of time after this action (for example, the number of days, months, or years) when you want the item to expire.
-
- - To use a custom retention formula to determine expiration, choose **Set by a custom retention formula installed on this server**.
-
- > [!NOTE]
- > This option is only available if a custom formula has been set up by your administrator.
-
- - Under **Action**, specify what you want to happen when the document or item expires. To enable a specific action to happen to the document or item (such as deletion), select an action from the list.
-
-8. The **Start a workflow** option is available only if you are defining a policy for a list, library, or content type that already has a workflow associated with it. You will then be given a choice of workflows to choose from.
-
-9. Under **Recurrence**, choose **Repeat this stage's action…**and enter how often you want the action to reoccur.
-
- > [!NOTE]
- > This option is only available if the action you selected can be repeated. For example, you cannot set recurrence for the action **Permanently Delete**.
-
+
+ - To set the expiration date based on a date property, under **Event** \> **This stage is based off a date property on the item**, and then select the document or item action (for example, Created or Modified) and the increment of time after this action (for example, the number of days, months, or years) when you want the item to expire.
+
+ - To use a custom retention formula to determine expiration, choose **Set by a custom retention formula installed on this server**.
+
+ > [!NOTE]
+ > This option is only available if a custom formula has been set up by your administrator.
+
+ - Under **Action**, specify what you want to happen when the document or item expires. To enable a specific action to happen to the document or item (such as deletion), select an action from the list.
+
+8. The **Start a workflow** option is available only if you are defining a policy for a list, library, or content type that already has a workflow associated with it. You will then be given a choice of workflows to choose from.
+
+9. Under **Recurrence**, choose **Repeat this stage's action…**and enter how often you want the action to reoccur.
+
+ > [!NOTE]
+ > This option is only available if the action you selected can be repeated. For example, you cannot set recurrence for the action **Permanently Delete**.
+ 10. Choose **OK**.
-
+ ## Apply a site collection policy to a content type <a name="__apply_a_site"> </a> If information management policies have already been created for your site as site collection policies, you can apply one of the policies to a content type. By doing this, you can apply the same policy to multiple content types in a site collection that do not share the same parent content type.
-
- If you want to apply policies to multiple content types in a site collection, and you have a Managed Metadata Service configured, you can use Content Type Publishing to publish out information management polices to multiple site collections. See the section [Apply a policy across site collections](#apply-a-policy-across-site-collections) for more information.
-
+
+ If you want to apply policies to multiple content types in a site collection, and you have a Managed Metadata Service configured, you can use Content Type Publishing to publish out information management polices to multiple site collections. See the section [Apply a policy across site collections](#apply-a-policy-across-site-collections) for more information.
+ 1. Navigate to the list or library that contains the content type to which you want to apply a policy.
-
+ 2. On the ribbon, choose the **Library** or **List** tab \> **Library Settings** or **List Settings**.
-
- In SharePoint Online, click **Settings** and then click **List settings** or **Library settings**.
-
+
+ In SharePoint Online, click **Settings** and then click **List settings** or **Library settings**.
+ 3. Under **Permissions and Management** \> **Information management policy settings**.
-
-![Information management policies link on settings page for document library](../media/9fa6d366-6aab-49e1-a05c-898ac6f536e6.png)
-
-4. Verify that the policy source is set to **Content Types**, and under **Content Type Policies** select the content type you want to apply the policy to.
-
-5. Under **Specify the Policy** \> **Use a site collection policy**, and then select the policy that you want to apply from the list.
-
- > [!NOTE]
- > If the **Use a site collection policy** option is not available, no site collection policies have been defined for the site collection.
-
+
+ ![Information management policies link on settings page for document library](../media/9fa6d366-6aab-49e1-a05c-898ac6f536e6.png)
+
+4. Verify that the policy source is set to **Content Types**, and under **Content Type Policies** select the content type you want to apply the policy to.
+
+5. Under **Specify the Policy** \> **Use a site collection policy**, and then select the policy that you want to apply from the list.
+
+ > [!NOTE]
+ > If the **Use a site collection policy** option is not available, no site collection policies have been defined for the site collection.
+ 6. Choose **OK**.
-
- If the list or library you are working with supports the management of multiple content types, under **Content Types** you can choose the content type for which you want to specify an information management policy. This will take you directly to Step 5 above.
-
+
+ If the list or library you are working with supports the management of multiple content types, under **Content Types** you can choose the content type for which you want to specify an information management policy. This will take you directly to Step 5 above.
+ ## Apply a policy across site collections <a name="__toc260646789"> </a> Share content types across site collections by using a Managed Metadata service application to set up content type publishing. Content type publishing helps you manage content and metadata consistently across your sites because content types can be created and updated centrally, and updates can be published out to multiple subscribing site collections or Web applications.
-
+ ## Create a template from an existing policy to use across site collections <a name="__toc262125409"> </a> You can define an information management policy and then create a template from it to use as needed across multiple site collections. This method can be used if you want to have a backup of your information policies, or it can also be used as an alternate method to using content type publishing for applying one policy across site collections. You create a template or backup of the policy by exporting the policy from one site collection and then importing it to a saved location or to another site collection.
-
+ > [!IMPORTANT]
-> If you using the export/import feature as a way to make a set of policy templates, keep in mind that a unique identifier exists in the policy .xml file. Because of this, you cannot import that policy into a site more than once without changing this unique identifier.
-
+> If you using the export/import feature as a way to make a set of policy templates, keep in mind that a unique identifier exists in the policy .xml file. Because of this, you cannot import that policy into a site more than once without changing this unique identifier.
+ ### Export a policy <a name="__toc260646790"> </a> 1. On the site collection home page, choose **Settings**![Small Settings gear that took the place of Site Settings.](../media/a47a06c3-83fb-46b2-9c52-d1bad63e3e60.png)\> **Site Settings**.
-
- In a SharePoint group-connected site, click **Settings**, click **Site Contents**, and then click **Site Settings**.
-
-2. On the Site Settings page, under **Site Collection Administration** \> **Content Type Policy Templates**.
-
-![Content Type Policy Template link on Site Settings page](../media/26d3466a-23ec-443f-88f0-2aaff38e992b.png)
-
+
+ In a SharePoint group-connected site, click **Settings**, click **Site Contents**, and then click **Site Settings**.
+
+2. On the Site Settings page, under **Site Collection Administration** \> **Content Type Policy Templates**.
+
+ ![Content Type Policy Template link on Site Settings page](../media/26d3466a-23ec-443f-88f0-2aaff38e992b.png)
+ 3. Choose the policy you want to export \> scroll to the bottom \> **Export**.
-
+ 4. At the prompt to save or open the file, choose **Save**, and then select a location to save the file to. Be sure to select a location that is available to the site collections that are importing the policy.
-
+ 5. When the Download Complete dialog is displayed, choose **Close**.
-
+ ### Import a policy to a different site collection <a name="__toc260646791"> </a> Importing an information management policy enables you to apply it to multiple content types at the site or list level within any given site collection. The benefits of doing this are twofold: you don't have to re-define and apply the policy on each content type, and you can more easily manage policy modifications by making changes to the policy in just one place.
-
+ 1. On the home page of the site collection to which you want to apply the policy, choose **Settings**![Small Settings gear that took the place of Site Settings.](../media/a47a06c3-83fb-46b2-9c52-d1bad63e3e60.png)\> **Site Settings**.
-
- In a SharePoint group-connected site, click **Settings**, click **Site Contents**, and then click **Site Settings**.
-
+
+ In a SharePoint group-connected site, click **Settings**, click **Site Contents**, and then click **Site Settings**.
+ 2. On the Site Settings page, under **Site Collection Administration** \> **Content Type Policy Templates**.
-
-3. On the Policies page \> **Import** \> **Browse** to find the XML file for the policy.
-
-4. Select the XML file in which the policy has been saved \> **Open**.
-
-5. On the Import a Site Collection Policy page \> **Import** to add the policy to the site collection.
-
-Your imported policy can now be applied to one or many content types at the site or list level.
-
+
+3. On the Policies page \> **Import** \> **Browse** to find the XML file for the policy.
+
+4. Select the XML file in which the policy has been saved \> **Open**.
+
+5. On the Import a Site Collection Policy page \> **Import** to add the policy to the site collection.
+
+Your imported policy can now be applied to one or many content types at the site or list level.
+ Information management policies enable your organization to control how long to retain content, to audit what people do with content, and to add barcodes or labels to documents. A policy can help enforce compliance with legal and governmental regulations or internal business processes. As an administrator, you can set up a policy to control how to track documents and how long to retain documents. You can create an information management policy can at three different locations in the site hierarchy, from the broadest to the narrowest:+ - Create a policy to use on multiple content types within a site collection. - Create a policy for a site content type. - Create a policy for a list or library. For more information, see [Introduction to information management policies](intro-to-info-mgmt-policies.md).
-
-
compliance Create Retention Policies https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-retention-policies.md
When you have more than one retention policy, and when you also use retention la
2. Select **New retention policy** to start the Create retention policy wizard, and name your new retention policy.
-3. For the **Choose locations to apply the policy** page, select one or both of the locations for Teams: **Teams channel message** and **Teams chats**.
-
- For **Teams channel messages**, message from standard channels but not [private channels](/microsoftteams/private-channels) are included. Currently, private channels aren't supported by retention policies.
-
+3. For the **Choose locations to apply the policy** page, select any or all of the locations for Teams:
+ - **Teams channel message**: Messages from standard channel chats and standard channel meetings, but not from [private channels](/microsoftteams/private-channels) that have their own policy location.
+ - **Teams chats**: Messages from private 1:1 chats, group chats, and meeting chats.
+ - **Teams private channel messages**: Messages from private channel chats and private channel meetings. This option is currently rolling out in preview and if you don't see it displayed, try again in a few days.
+
By default, [all teams and all users are selected](#a-policy-that-applies-to-entire-locations), but you can refine this by selecting the [**Choose** and **Exclude** options](#a-policy-with-specific-inclusions-or-exclusions). However, before you change the default, be aware of the following consequences for a retention policy that deletes messages when it's configured for includes or excludes:
- - For group chats, because a copy of messages are saved in each user's mailbox who are included in the chat, copies of messages will continue to be returned in eDiscovery results from users who weren't assigned the policy.
+ - For group chat messages and private channel messages, because a copy of messages are saved in each user's mailbox who are included in the chat, copies of messages will continue to be returned in eDiscovery results from users who weren't assigned the policy.
- For users who weren't assigned the policy, deleted messages will be returned in their Teams search results but won't display the contents of the message as a result of the permanent deletion from the policy assigned to users. 4. For **Decide if you want to retain content, delete it, or both** page of the wizard, specify the configuration options for retaining and deleting content.
Use the following instructions for retention policies that apply to any of these
#### Configuration information for Exchange email and Exchange public folders
-The **Exchange email** location supports retention for users' email, calendar, and other mailbox items, by applying retention settings at the level of a mailbox.
+The **Exchange email** location supports retention for users' email, calendar, and other mailbox items, by applying retention settings at the level of a mailbox. Shared mailboxes are also supported.
+
+When you apply the retention settings to **All recipients**, any [inactive mailboxes](create-and-manage-inactive-mailboxes.md) are included. However, if you change this default and configure [specific inclusions or exclusions](#a-policy-with-specific-inclusions-or-exclusions), inactive mailboxes aren't supported and retention settings won't be applied or excluded for those mailboxes.
+
+Additionally, resource mailboxes and Microsoft 365 group mailboxes are not supported for the **All recipients** default, or for specific inclusions or exclusions. For Microsoft 365 group mailboxes, select the **Microsoft 365 Groups** location instead.
-For detailed information about which items are included and excluded when you configure retention settings for Exchange, see [What's included for retention and deletion](retention-policies-exchange.md#whats-included-for-retention-and-deletion)
+If you do choose recipients to include or exclude, you can select distribution groups and email-enabled security groups. Behind the scenes, these groups are automatically expanded at the time of configuration to select the mailboxes of the users in the group. If the membership of those groups later change, an existing retention policy isn't automatically updated.
-Note that even though a Microsoft 365 group has an Exchange mailbox, a retention policy that includes the entire **Exchange email** location won't include content in Microsoft 365 group mailboxes. To retain content in these mailboxes, select the **Microsoft 365 Groups** location.
+For detailed information about which mailbox items are included and excluded when you configure retention settings for Exchange, see [What's included for retention and deletion](retention-policies-exchange.md#whats-included-for-retention-and-deletion)
The **Exchange public folders** location applies retention settings to all public folders and can't be applied at the folder or mailbox level.
compliance Create Sensitivity Labels https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-sensitivity-labels.md
The global admin for your organization has full permissions to create and manage
## Create and configure sensitivity labels 1. In your labeling admin center, navigate to sensitivity labels:
-
+ - Microsoft 365 compliance center: - **Solutions** > **Information protection**
-
+ If you don't immediately see this option, first select **Show all**.
-
+ - Security & Compliance Center: - **Classification** > **Sensitivity labels** 2. On the **Labels** page, select **+ Create a label** to start the New sensitivity label wizard.
-
+ For example, from the Microsoft 365 compliance center:
-
+ ![Create a sensitivity label](../media/create-sensitivity-label-full.png)
-
+ > [!NOTE]
- > By default, tenants don't have any labels and you must create them. The labels in the example picture show default labels that were [migrated from Azure Information Protection](/azure/information-protection/configure-policy-migrate-labels).
+ > By default, tenants don't have any labels and you must create them. The labels in the example picture show default labels that were [migrated from Azure Information Protection](/azure/information-protection/configure-policy-migrate-labels).
3. On the **Define the scope for this label** page, the options selected determine the label's scope for the settings that you can configure and where they will be visible when they are published:
-
+ ![Scopes for sensitivity labels](../media/sensitivity-labels-scopes.png)
-
+ - If **Files & emails** is selected, you can configure settings in this wizard that apply to apps that support sensitivity labels, such as Office Word and Outlook. If this option isn't selected, the wizard displays the first page of these settings but you can't configure them and the labels won't be available for users to select in these apps.
-
+ - If **Groups & sites** is selected, you can configure settings in this wizard that apply to Microsoft 365 groups, and sites for Teams and SharePoint. If this option isn't selected, the wizard displays the first page of these settings but you can't configure them and the labels won't be available for users to select for groups and site.
-
+ For information about the **Azure Purview assets (preview)** scope, see [Automatically label your content in Azure Purview](/azure/purview/create-sensitivity-label). 4. Follow the prompts in the wizard for the label settings.
-
+ For more information about the label settings, see [What sensitivity labels can do](sensitivity-labels.md#what-sensitivity-labels-can-do) from the overview information and use the help in the wizard for individual settings. 5. Repeat these steps to create more labels. However, if you want to create a sublabel, first select the parent label and select **...** for **More actions**, and then select **Add sub label**.
For the languages that you need to support, use the Office [language identifiers
Before you run the commands in PowerShell, you must first [connect to Security & Compliance Center PowerShell](/powershell/exchange/connect-to-scc-powershell). - ```powershell $Languages = @("fr-fr","it-it","de-de") $DisplayNames=@("Publique","Publico","Oeffentlich")
Set-Label -Identity $Label -LocaleSettings (ConvertTo-Json $DisplayNameLocaleSet
## Publish sensitivity labels by creating a label policy 1. In your labeling admin center, navigate to sensitivity labels:
-
+ - Microsoft 365 compliance center: - **Solutions** > **Information protection**
-
+ If you don't immediately see this option, first select **Show all**.
-
+ - Security & Compliance Center: - **Classification** > **Sensitivity labels** 2. Select the **Label policies** tab, and then **Publish labels** to start the Create policy wizard:
-
+ For example, from the Microsoft 365 compliance center:
-
+ ![Publish labels](../media/publish-sensitivity-labels-full.png)
-
+ > [!NOTE]
- > By default, tenants don't have any label policies and you must create them.
+ > By default, tenants don't have any label policies and you must create them.
3. In the wizard, select **Choose sensitivity labels to publish**. Select the labels that you want to make available in apps and to services, and then select **Add**.
-
+ > [!IMPORTANT] > If you select a sublabel, make sure you also select its parent label.
-
+ 4. Review the selected labels and to make any changes, select **Edit**. Otherwise, select **Next**. 5. Follow the prompts to configure the policy settings.
-
+ The policy settings that you see match the scope of the labels that you selected. For example, if you selected labels that have just the **Files & emails** scope, you don't see the policy settings **Apply this label by default to groups and sites** and **Require users to apply a label to their groups and sites**.
-
+ For more information about these settings, see [What label policies can do](sensitivity-labels.md#what-label-policies-can-do) from the overview information and use the help in the wizard for individual settings.
-
+ For labels configured for **Azure Purview assets (preview)**: These labels don't have any associated policy settings.
-7. Repeat these steps if you need different policy settings for different users or scopes. For example, you want additional labels for a group of users, or a different default label for a subset of users. Or, if you have configured labels to have different scopes.
+6. Repeat these steps if you need different policy settings for different users or scopes. For example, you want additional labels for a group of users, or a different default label for a subset of users. Or, if you have configured labels to have different scopes.
-8. If you create more than one label policy that might result in a conflict for a user, review the policy order and if necessary, move them up or down. To change the order of a label policy, select **...** for **More actions**, and then select **Move up** or **Move down**. For more information, see [Label policy priority (order matters)](sensitivity-labels.md#label-policy-priority-order-matters) from the overview information.
+7. If you create more than one label policy that might result in a conflict for a user, review the policy order and if necessary, move them up or down. To change the order of a label policy, select **...** for **More actions**, and then select **Move up** or **Move down**. For more information, see [Label policy priority (order matters)](sensitivity-labels.md#label-policy-priority-order-matters) from the overview information.
Completing the wizard automatically publishes the label policy. To make changes to a published policy, simply edit it. There is no specific publish or republish action for you to select.
compliance Data Governance Recommendations https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/data-governance-recommendations.md
- SPO_Content localization_priority: Priority
+search.appverid:
- MOE150 - MET150
This topic lists the data-governance recommendations you might see and describes
## Clean up voicemail
-This recommendation appears when email messages identified as the message type 'voicemail' are detected in users' mailboxes. Learn more about [message properties in Exchange](/exchange/policy-and-compliance/ediscovery/message-properties-and-search-operators?view=exchserver-2019#searchable-properties-in-exchange).
+This recommendation appears when email messages identified as the message type 'voicemail' are detected in users' mailboxes. Learn more about [message properties in Exchange](/exchange/policy-and-compliance/ediscovery/message-properties-and-search-operators#searchable-properties-in-exchange).
-## Label attorney-client privilege content
+## Label attorney-client privilege content
This recommendation appears when either of the following criteria are met. - Any of combination of these keywords is detected in the body of an email message:
- - ACP
- - Attorney Client Privilege
- - Attorney-Client Privilege
- - Attorney-Client Privileged
+ - ACP
+ - Attorney Client Privilege
+ - Attorney-Client Privilege
+ - Attorney-Client Privileged
- Any combination of these keywords are detected in SharePoint or OneDrive files:
- - ACP
- - Attorney Client Privilege*
- - AC Privilege
+ - ACP
+ - Attorney Client Privilege*
+ - AC Privilege
## Retain audio files
This recommendation appears when any of the following file types are detected in
- .PNM - .WEBP
-## Retain NDA content
+## Retain NDA content
This recommendation appears when either of the following criteria are met. - Any of combination of these keywords is detected in the body of an email message:
- - NDA
- - "Non-Disclosure Agreement"
- - "Non Disclosure Agreement"
+ - NDA
+ - "Non-Disclosure Agreement"
+ - "Non Disclosure Agreement"
- Any combination of these keywords are detected in .PDF or .DOC files in SharePoint or OneDrive:
- - NDA
- - Non Disclosure Agreement
+ - NDA
+ - Non Disclosure Agreement
## Retain software development files
This recommendation appears when any of the following file types are detected in
- .MPG2 - .MPG4 - .WMV-- .XMV
+- .XMV
compliance Dlp Chrome Get Started https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/dlp-chrome-get-started.md
This is the recommended method.
Get-Item -path "HKLM:\SOFTWARE\Microsoft\Windows Defender\Miscellaneous Configuration" | New-ItemProperty -Name DlpDisableBrowserCache -Value 0 -Force ```
-2. Navigate to [Microsoft Compliance Extension - Chrome Web Store (google.com)](https://chrome.google.com/webstore/detail/microsoft-compliance-exte/echcggldkblhodogklpincgchnpgcdco).
+2. Navigate to [Microsoft Compliance Extension - Chrome Web Store (google.com)](https://chrome.google.com/webstore/detail/microsoft-compliance-exte/echcggldkblhodogklpincgchnpgcdco).
-3. Install the extension using the instructions on the Chrome Web Store page.
+3. Install the extension using the instructions on the Chrome Web Store page.
### Deploy using Microsoft Endpoint Manager Use this setup method for organization-wide deployments. - ##### Enabling Required Registry Key via Microsoft Endpoint Manager
-1. Create a PowerShell script with the following contents:
+1. Create a PowerShell script with the following contents:
```powershell Get-Item -path "HKLM:\SOFTWARE\Microsoft\Windows Defender\Miscellaneous Configuration" | New-ItemProperty -Name DlpDisableBrowserCache -Value 0 -Force ```
-2. Sign in to the [Microsoft Endpoint Manager Admin Center](https://endpoint.microsoft.com).
+2. Sign in to the [Microsoft Endpoint Manager Admin Center](https://endpoint.microsoft.com).
-3. Navigate to **Devices** > **Scripts** and select **Add**.
+3. Navigate to **Devices** > **Scripts** and select **Add**.
-4. Browse to the location of the script created when prompted.
+4. Browse to the location of the script created when prompted.
-5. Select the following settings:
+5. Select the following settings:
1. Run this script using the logged-on credentials: YES 1. Enforce script signature check: NO 1. Run script in 64-bit PowerShell Host: YES
-6. Select the proper device groups and apply the policy.
+6. Select the proper device groups and apply the policy.
#### Microsoft Endpoint Manager Force Install Steps
Before adding the Microsoft Compliance Extension to the list of force-installed
After ingesting the ADMX, the steps below can be followed to create a configuration profile for this extension.
-1. Sign in to the Microsoft Endpoint Manager Admin Center (https://endpoint.microsoft.com).
+1. Sign in to the Microsoft Endpoint Manager Admin Center (https://endpoint.microsoft.com).
-2. Navigate to Configuration Profiles.
+2. Navigate to Configuration Profiles.
-3. Select **Create Profile**.
+3. Select **Create Profile**.
-4. Select **Windows 10** as the platform.
+4. Select **Windows 10** as the platform.
-5. Select **Custom** as profile type.
+5. Select **Custom** as profile type.
-6. Select the **Settings** tab.
+6. Select the **Settings** tab.
-7. Select **Add**.
+7. Select **Add**.
-8. Enter the following policy information.
+8. Enter the following policy information.
OMA-URI: `./Device/Vendor/MSFT/Policy/Config/Chrome~Policy~googlechrome~Extensions/ExtensionInstallForcelist`<br/> Data type: `String`<br/> Value: `<enabled/><data id="ExtensionInstallForcelistDesc" value="1&#xF000; echcggldkblhodogklpincgchnpgcdco;https://clients2.google.com/service/update2/crx"/>`
-9. Click create.
+9. Click create.
### Deploy using Group Policy
If you don't want to use Microsoft Endpoint Manager, you can use group policies
1. Your devices must be manageable via Group Policy, and you need to import all Chrome ADMXs into the Group Policy Central Store. For more information, see [How to create and manage the Central Store for Group Policy Administrative Templates in Windows](/troubleshoot/windows-client/group-policy/create-and-manage-central-store).
-2. Create a PowerShell script using this PowerShell command:
+2. Create a PowerShell script using this PowerShell command:
```powershell Get-Item -path "HKLM:\SOFTWARE\Microsoft\Windows Defender\Miscellaneous Configuration" | New-ItemProperty -Name DlpDisableBrowserCache -Value 0 -Force ```
-3. Open the **Group Policy Management Console** and navigate to your organizational unit (OU).
+3. Open the **Group Policy Management Console** and navigate to your organizational unit (OU).
-4. Right-click and select **Create a GPO in this domain and Link it here**. When prompted, assign a descriptive name to this group policy object (GPO) and finish creating it.
+4. Right-click and select **Create a GPO in this domain and Link it here**. When prompted, assign a descriptive name to this group policy object (GPO) and finish creating it.
-5. Right-click the GPO and select **Edit**.
+5. Right-click the GPO and select **Edit**.
-6. Go to **Computer Configuration** > **Preferences** > **Control Panel Settings** > **Scheduled Tasks**.
+6. Go to **Computer Configuration** > **Preferences** > **Control Panel Settings** > **Scheduled Tasks**.
-7. Create a new immediate task by selecting right-clicking and selecting **New** > **Immediate Task (At least Windows 7)**.
+7. Create a new immediate task by selecting right-clicking and selecting **New** > **Immediate Task (At least Windows 7)**.
-8. Give the task a name & description.
+8. Give the task a name & description.
-9. Choose the corresponding account to run the immediate task, for example NT Authority
+9. Choose the corresponding account to run the immediate task, for example NT Authority
-10. Select **Run with highest privileges**.
+10. Select **Run with highest privileges**.
-11. Configure the policy for Windows 10.
+11. Configure the policy for Windows 10.
-12. In the **Actions** tab, select the action **Start a program**.
+12. In the **Actions** tab, select the action **Start a program**.
-13. Enter the path to the Program/Script created in Step 1.
+13. Enter the path to the Program/Script created in Step 1.
-14. Select **Apply**.
+14. Select **Apply**.
#### Adding the Chrome Extension to the ForceInstall List
-1. In the Group Policy Management Editor, navigate to your OU.
+1. In the Group Policy Management Editor, navigate to your OU.
-2. Expand the following path **Computer/User configuration** > **Policies** > **Administrative templates** > **Classic administrative templates** > **Google** > **Google Chrome** > **Extensions**. This path may vary depending on your configuration.
+2. Expand the following path **Computer/User configuration** > **Policies** > **Administrative templates** > **Classic administrative templates** > **Google** > **Google Chrome** > **Extensions**. This path may vary depending on your configuration.
-3. Select **Configure the list of force-installed extensions**.
+3. Select **Configure the list of force-installed extensions**.
-4. Right click and select **Edit**.
+4. Right click and select **Edit**.
-5. Select **Enabled**.
+5. Select **Enabled**.
-6. Select **Show**.
+6. Select **Show**.
-7. Under **Value**, add the following entry: `echcggldkblhodogklpincgchnpgcdco;https://clients2.google.com/service/update2/crx`
+7. Under **Value**, add the following entry: `echcggldkblhodogklpincgchnpgcdco;https://clients2.google.com/service/update2/crx`
-8. Select **OK** and then **Apply**.
+8. Select **OK** and then **Apply**.
### Test the Extension
compliance Dlp Conditions And Exceptions https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/dlp-conditions-and-exceptions.md
The tables in the following sections describe the conditions and exceptions that
### Senders -
-|**condition or exception in DLP** |**condition/exception parameters in Microsoft 365 PowerShell** |**property type** |**description**|
-|||||
-|Sender is |condition: *From* <br/> exception: *ExceptIfFrom* |Addresses | Messages that are sent by the specified mailboxes, mail users, mail contacts, or Microsoft 365 groups in the organization.|
-|Sender IP address is |condition: *SenderIPRanges*<br/> exception: *ExceptIfSenderIPRanges* | IPAddressRanges | Messages where the sender's IP address matches the specified IP address, or falls within the specified IP address range. |
-|Sender address contains words | condition: *FromAddressContainsWords* <br/> exception: *ExceptIfFromAddressContainsWords* | Words | Messages that contain the specified words in the sender's email address.|
-| Sender address matches patterns | condition: *FromAddressMatchesPatterns* <br/> exception: *ExceptFromAddressMatchesPatterns* | Patterns | Messages where the sender's email address contains text patterns that match the specified regular expressions. |
-|Sender domain is | condition: *SenderDomainIs* <br/> exception: *ExceptIfSenderDomainIs* |DomainName | Messages where the domain of the sender's email address matches the specified value. If you need to find sender domains that *contain* the specified domain (for example, any subdomain of a domain), use **The sender address matches**(*FromAddressMatchesPatterns*) condition and specify the domain by using the syntax: '\.domain\.com$'. |
-|Sender scope | condition: *FromScope* <br/> exception: *ExceptIfFromScope* | UserScopeFrom | Messages that are sent by either internal or external senders. |
+<br>
+
+****
+
+|condition or exception in DLP|condition/exception parameters in Microsoft 365 PowerShell|property type|description|
+|||||
+|Sender is|condition: *From* <br/> exception: *ExceptIfFrom*|Addresses|Messages that are sent by the specified mailboxes, mail users, mail contacts, or Microsoft 365 groups in the organization.|
+|Sender IP address is|condition: *SenderIPRanges*<br/> exception: *ExceptIfSenderIPRanges*|IPAddressRanges|Messages where the sender's IP address matches the specified IP address, or falls within the specified IP address range.|
+|Sender address contains words|condition: *FromAddressContainsWords* <br/> exception: *ExceptIfFromAddressContainsWords*|Words|Messages that contain the specified words in the sender's email address.|
+|Sender address matches patterns|condition: *FromAddressMatchesPatterns* <br/> exception: *ExceptFromAddressMatchesPatterns*|Patterns|Messages where the sender's email address contains text patterns that match the specified regular expressions.|
+|Sender domain is|condition: *SenderDomainIs* <br/> exception: *ExceptIfSenderDomainIs*|DomainName|Messages where the domain of the sender's email address matches the specified value. If you need to find sender domains that *contain* the specified domain (for example, any subdomain of a domain), use **The sender address matches**(*FromAddressMatchesPatterns*) condition and specify the domain by using the syntax: '\.domain\.com$'.|
+|Sender scope|condition: *FromScope* <br/> exception: *ExceptIfFromScope*|UserScopeFrom|Messages that are sent by either internal or external senders.|
|The sender's specified properties include any of these words|condition: *SenderADAttributeContainsWords* <br/> exception: *ExceptIfSenderADAttributeContainsWords*|First property: `ADAttribute` <p> Second property: `Words`|Messages where the specified Active Directory attribute of the sender contains any of the specified words.| |The sender's specified properties match these text patterns|condition: *SenderADAttributeMatchesPatterns* <br/> exception: *ExceptIfSenderADAttributeMatchesPatterns*|First property: `ADAttribute` <p> Second property: `Patterns`|Messages where the specified Active Directory attribute of the sender contains text patterns that match the specified regular expressions.|
+|
### Recipients
-|**condition or exception in DLP**| **condition/exception parameters in Microsoft 365 PowerShell** | **property type** | **description**|
-|||||
-|Recipient is| condition: *SentTo* <br/> exception: *ExceptIfSentTo* | Addresses | Messages where one of the recipients is the specified mailbox, mail user, or mail contact in the organization. The recipients can be in the **To**, **Cc**, or **Bcc** fields of the message.|
-|Recipient domain is| condition: *RecipientDomainIs* <br/> exception: *ExceptIfRecipientDomainIs* | DomainName | Messages where the domain of the recipient's email address matches the specified value.|
-|Recipient address contains words| condition: *AnyOfRecipientAddressContainsWords* <br/> exception: *ExceptIfAnyOfRecipientAddressContainsWords*| Words| Messages that contain the specified words in the recipient's email address. <br/>**Note**: This condition doesn't consider messages that are sent to recipient proxy addresses. It only matches messages that are sent to the recipient's primary email address.|
-|Recipient address matches patterns| condition: *AnyOfRecipientAddressMatchesPatterns* <br/> exception: *ExceptIfAnyOfRecipientAddressMatchesPatterns*| Patterns |Messages where a recipient's email address contains text patterns that match the specified regular expressions. <br/> **Note**: This condition doesn't consider messages that are sent to recipient proxy addresses. It only matches messages that are sent to the recipient's primary email address.|
-|Sent to member of| condition: *SentToMemberOf* <br/> exception: *ExceptIfSentToMemberOf*| Addresses| Messages that contain recipients who are members of the specified distribution group, mail-enabled security group, or Microsoft 365 group. The group can be in the **To**, **Cc**, or **Bcc** fields of the message.|
+<br>
+
+****
+
+|condition or exception in DLP|condition/exception parameters in Microsoft 365 PowerShell|property type|description|
+|||||
+|Recipient is|condition: *SentTo* <br/> exception: *ExceptIfSentTo*|Addresses|Messages where one of the recipients is the specified mailbox, mail user, or mail contact in the organization. The recipients can be in the **To**, **Cc**, or **Bcc** fields of the message.|
+|Recipient domain is|condition: *RecipientDomainIs* <br/> exception: *ExceptIfRecipientDomainIs*|DomainName|Messages where the domain of the recipient's email address matches the specified value.|
+|Recipient address contains words|condition: *AnyOfRecipientAddressContainsWords* <br/> exception: *ExceptIfAnyOfRecipientAddressContainsWords*|Words|Messages that contain the specified words in the recipient's email address. <br/>**Note**: This condition doesn't consider messages that are sent to recipient proxy addresses. It only matches messages that are sent to the recipient's primary email address.|
+|Recipient address matches patterns|condition: *AnyOfRecipientAddressMatchesPatterns* <br/> exception: *ExceptIfAnyOfRecipientAddressMatchesPatterns*|Patterns|Messages where a recipient's email address contains text patterns that match the specified regular expressions. <br/> **Note**: This condition doesn't consider messages that are sent to recipient proxy addresses. It only matches messages that are sent to the recipient's primary email address.|
+|Sent to member of|condition: *SentToMemberOf* <br/> exception: *ExceptIfSentToMemberOf*|Addresses|Messages that contain recipients who are members of the specified distribution group, mail-enabled security group, or Microsoft 365 group. The group can be in the **To**, **Cc**, or **Bcc** fields of the message.|
+|
### Message subject or body
-|**condition or exception in DLP** | **condition/exception parameters in Microsoft 365 PowerShell** |**property type**| **description**|
-|||||
-|Subject contains words or phrases| condition: *SubjectContainsWords* <br/> exception: *ExceptIf SubjectContainsWords*| Words |Messages that have the specified words in the Subject field.|
-|Subject matches patterns|condition: *SubjectMatchesPatterns* <br/> exception: *ExceptIf SubjectMatchesPatterns*|Patterns |Messages where the Subject field contain text patterns that match the specified regular expressions.|
-|Content contains| condition: *ContentContainsSensitiveInformation* <br/> exception *ExceptIfContentContainsSensitiveInformation*| SensitiveInformationTypes| Messages or documents that contain sensitive information as defined by data loss prevention (DLP) policies.|
-| Subject or Body matches pattern | condition: *SubjectOrBodyMatchesPatterns* <br/> exception: *ExceptIfSubjectOrBodyMatchesPatterns* | Patterns | Messages where the subject field or message body contains text patterns that match the specified regular expressions. |
-| Subject or Body contains words | condition: *SubjectOrBodyContainsWords* <br/> exception: *ExceptIfSubjectOrBodyContainsWords* | Words | Messages that have the specified words in the subject field or message body |
+<br>
+****
+
+|condition or exception in DLP|condition/exception parameters in Microsoft 365 PowerShell|property type|description|
+|||||
+|Subject contains words or phrases|condition: *SubjectContainsWords* <br/> exception: *ExceptIf SubjectContainsWords*|Words|Messages that have the specified words in the Subject field.|
+|Subject matches patterns|condition: *SubjectMatchesPatterns* <br/> exception: *ExceptIf SubjectMatchesPatterns*|Patterns|Messages where the Subject field contain text patterns that match the specified regular expressions.|
+|Content contains|condition: *ContentContainsSensitiveInformation* <br/> exception *ExceptIfContentContainsSensitiveInformation*|SensitiveInformationTypes|Messages or documents that contain sensitive information as defined by data loss prevention (DLP) policies.|
+|Subject or Body matches pattern|condition: *SubjectOrBodyMatchesPatterns* <br/> exception: *ExceptIfSubjectOrBodyMatchesPatterns*|Patterns|Messages where the subject field or message body contains text patterns that match the specified regular expressions.|
+|Subject or Body contains words|condition: *SubjectOrBodyContainsWords* <br/> exception: *ExceptIfSubjectOrBodyContainsWords*|Words|Messages that have the specified words in the subject field or message body|
+|
### Attachments
-|**condition or exception in DLP**| **condition/exception parameters in Microsoft 365 PowerShell**| **property type** |**description**|
-|||||
-|Attachment is password protected|condition: *DocumentIsPasswordProtected* <br/> exception: *ExceptIfDocumentIsPasswordProtected*|none| Messages where an attachment is password protected (and therefore can't be scanned). Password detection only works for Office documents, .zip files, and .7z files.|
-|AttachmentΓÇÖs file extension is|condition: *ContentExtensionMatchesWords* <br/> exception: *ExceptIfContentExtensionMatchesWords*| Words |Messages where an attachment's file extension matches any of the specified words.|
-|Any email attachmentΓÇÖs content could not be scanned|condition: *DocumentIsUnsupported* <br/>exception: *ExceptIf DocumentIsUnsupported*| n/a| Messages where an attachment isn't natively recognized by Exchange Online.|
-|Any email attachmentΓÇÖs content didnΓÇÖt complete scanning| condition: *ProcessingLimitExceeded* <br/> exception: *ExceptIfProcessingLimitExceeded*| n/a |Messages where the rules engine couldn't complete the scanning of the attachments. You can use this condition to create rules that work together to identify and process messages where the content couldn't be fully scanned.|
-|Document name contains words|condition: *DocumentNameMatchesWords* <br/> exception: *ExceptIfDocumentNameMatchesWords* |Words |Messages where an attachment's file name matches any of the specified words.|
-|Document name matches patterns|condition: *DocumentNameMatchesPatterns* <br/> exception: *ExceptIfDocumentNameMatchesPatterns*| Patterns |Messages where an attachment's file name contains text patterns that match the specified regular expressions.|
-|Document property is|condition: *ContentPropertyContainsWords* <br/> exception: *ExceptIfContentPropertyContainsWords* |Words| Messages or documents where an attachment's file extension matches any of the specified words.|
-|Document size equals or is greater than| condition: *DocumentSizeOver* <br/> exception: *ExceptIfDocumentSizeOver*| Size |Messages where any attachment is greater than or equal to the specified value.|
-|Any attachment's content includes any of these words| condition: *DocumentContainsWords* <br/> exception: *ExceptIfDocumentContainsWords* |`Words`|Messages where an attachment contains the specified words.|
-|Any attachments content matches these text patterns|condition: *DocumentMatchesPatterns* <br/> exception: *ExceptIfDocumentMatchesPatterns* |`Patterns`|Messages where an attachment contains text patterns that match the specified regular expressions. |
+<br>
+
+****
+
+|condition or exception in DLP|condition/exception parameters in Microsoft 365 PowerShell|property type|description|
+|||||
+|Attachment is password protected|condition: *DocumentIsPasswordProtected* <br/> exception: *ExceptIfDocumentIsPasswordProtected*|none|Messages where an attachment is password protected (and therefore can't be scanned). Password detection only works for Office documents, .zip files, and .7z files.|
+|AttachmentΓÇÖs file extension is|condition: *ContentExtensionMatchesWords* <br/> exception: *ExceptIfContentExtensionMatchesWords*|Words|Messages where an attachment's file extension matches any of the specified words.|
+|Any email attachmentΓÇÖs content could not be scanned|condition: *DocumentIsUnsupported* <br/>exception: *ExceptIf DocumentIsUnsupported*|n/a|Messages where an attachment isn't natively recognized by Exchange Online.|
+|Any email attachmentΓÇÖs content didnΓÇÖt complete scanning|condition: *ProcessingLimitExceeded* <br/> exception: *ExceptIfProcessingLimitExceeded*|n/a|Messages where the rules engine couldn't complete the scanning of the attachments. You can use this condition to create rules that work together to identify and process messages where the content couldn't be fully scanned.|
+|Document name contains words|condition: *DocumentNameMatchesWords* <br/> exception: *ExceptIfDocumentNameMatchesWords*|Words|Messages where an attachment's file name matches any of the specified words.|
+|Document name matches patterns|condition: *DocumentNameMatchesPatterns* <br/> exception: *ExceptIfDocumentNameMatchesPatterns*|Patterns|Messages where an attachment's file name contains text patterns that match the specified regular expressions.|
+|Document property is|condition: *ContentPropertyContainsWords* <br/> exception: *ExceptIfContentPropertyContainsWords*|Words|Messages or documents where an attachment's file extension matches any of the specified words.|
+|Document size equals or is greater than|condition: *DocumentSizeOver* <br/> exception: *ExceptIfDocumentSizeOver*|Size|Messages where any attachment is greater than or equal to the specified value.|
+|Any attachment's content includes any of these words|condition: *DocumentContainsWords* <br/> exception: *ExceptIfDocumentContainsWords*|`Words`|Messages where an attachment contains the specified words.|
+|Any attachments content matches these text patterns|condition: *DocumentMatchesPatterns* <br/> exception: *ExceptIfDocumentMatchesPatterns*|`Patterns`|Messages where an attachment contains text patterns that match the specified regular expressions.|
+|
### Message Headers
-|**condition or exception in DLP**| **condition/exception parameters in Microsoft 365 PowerShell**| **property type**| **description**|
-|||||
-|Header contains words or phrases|condition: *HeaderContainsWords* <br/> exception: *ExceptIfHeaderContainsWords*| Hash Table |Messages that contain the specified header field, and the value of that header field contains the specified words.|
-|Header matches patterns| condition: *HeaderMatchesPatterns* <br/> exception: *ExceptIfHeaderMatchesPatterns*| Hash Table |Messages that contain the specified header field, and the value of that header field contains the specified regular expressions.|
+<br>
+
+****
+
+|condition or exception in DLP|condition/exception parameters in Microsoft 365 PowerShell|property type|description|
+|||||
+|Header contains words or phrases|condition: *HeaderContainsWords* <br/> exception: *ExceptIfHeaderContainsWords*|Hash Table|Messages that contain the specified header field, and the value of that header field contains the specified words.|
+|Header matches patterns|condition: *HeaderMatchesPatterns* <br/> exception: *ExceptIfHeaderMatchesPatterns*|Hash Table|Messages that contain the specified header field, and the value of that header field contains the specified regular expressions.|
### Message properties
-|**condition or exception in DLP**| **condition/exception parameters in Microsoft 365 PowerShell**| **property type** |**description**|
-|||||
-| With importance | condition: *WithImportance* <br/> exception: *ExceptIfWithImportance* | Importance | Messages that are marked with the specified importance level. |
-| Content character set contains words | condition: *ContentCharacterSetContainsWords* <br/> *ExceptIfContentCharacterSetContainsWords* | CharacterSets | Messages that have any of the specified character set names. |
-| Has sender override | condition: *HasSenderOverride* <br/> exception: *ExceptIfHasSenderOverride* | n/a | Messages where the sender has chosen to override a data loss prevention (DLP) policy. For more information about DLP policies see [Learn about data loss prevention](./dlp-learn-about-dlp.md) |
-| Message type matches | condition: *MessageTypeMatches* <br/> exception: *ExceptIfMessageTypeMatches* | MessageType | Messages of the specified type. |
-|The message size is greater than or equal to| condition: *MessageSizeOver* <br/> exception: *ExceptIfMessageSizeOver* |`Size`|Messages where the total size (message plus attachments) is greater than or equal to the specified value. **Note**: Message size limits on mailboxes are evaluated before mail flow rules. A message that's too large for a mailbox will be rejected before a rule with this condition is able to act on the message.|
+<br>
+
+****
+
+|condition or exception in DLP|condition/exception parameters in Microsoft 365 PowerShell|property type|description|
+|||||
+|With importance|condition: *WithImportance* <br/> exception: *ExceptIfWithImportance*|Importance|Messages that are marked with the specified importance level.|
+|Content character set contains words|condition: *ContentCharacterSetContainsWords* <br/> *ExceptIfContentCharacterSetContainsWords*|CharacterSets|Messages that have any of the specified character set names.|
+|Has sender override|condition: *HasSenderOverride* <br/> exception: *ExceptIfHasSenderOverride*|n/a|Messages where the sender has chosen to override a data loss prevention (DLP) policy. For more information about DLP policies see [Learn about data loss prevention](./dlp-learn-about-dlp.md)|
+|Message type matches|condition: *MessageTypeMatches* <br/> exception: *ExceptIfMessageTypeMatches*|MessageType|Messages of the specified type.|
+|The message size is greater than or equal to|condition: *MessageSizeOver* <br/> exception: *ExceptIfMessageSizeOver*|`Size`|Messages where the total size (message plus attachments) is greater than or equal to the specified value. **Note**: Message size limits on mailboxes are evaluated before mail flow rules. A message that's too large for a mailbox will be rejected before a rule with this condition is able to act on the message.|
+|
## Actions for DLP policies This table describes the actions that are available in DLP.
+<br>
+
+****
-|**action in DLP**|**action parameters in Microsoft 365 PowerShell**|**property type**|**description**|
-|||||
+|action in DLP|action parameters in Microsoft 365 PowerShell|property type|description|
+|||||
|Set header|SetHeader|First property: *Header Name* </br> Second property: *Header Value*|The SetHeader parameter specifies an action for the DLP rule that adds or modifies a header field and value in the message header. This parameter uses the syntax "HeaderName:HeaderValue". You can specify multiple header name and value pairs separated by commas|
-|Remove header| RemoveHeader| First property: *MessageHeaderField*</br> Second property: *String*| The RemoveHeader parameter specifies an action for the DLP rule that removes a header field from the message header. This parameter uses the syntax ΓÇ£HeaderNameΓÇ¥ or "HeaderName:HeaderValue".You can specify multiple header names or header name and value pairs separated by commas|
-|Redirect the message to specific users|*RedirectMessageTo*|Addresses| Redirects the message to the specified recipients. The message isn't delivered to the original recipients, and no notification is sent to the sender or the original recipients.|
-|Forward the message for approval to senderΓÇÖs manager| Moderate|First property: *ModerateMessageByManager*</br> Second property: *Boolean*|The Moderate parameter specifies an action for the DLP rule that sends the email message to a moderator. This parameter uses the syntax: @{ModerateMessageByManager = <$true \| $false>;|
-|Forward the message for approval to specific approvers| Moderate|First property: *ModerateMessageByUser*</br>Second property: *Addresses*|The Moderate parameter specifies an action for the DLP rule that sends the email message to a moderator. This parameter uses the syntax: @{ ModerateMessageByUser = @("emailaddress1","emailaddress2",..."emailaddressN")}|
-|Add recipient|AddRecipients|First property: *Field*</br>Second property: *Addresses*| Adds one or more recipients to the To/Cc/Bcc field of the message. This parameter uses the syntax: @{<AddToRecipients \| CopyTo \| BlindCopyTo> = "emailaddress"}|
-|Add the senderΓÇÖs manager as recipient|AddRecipients | First property: *AddedManagerAction*</br>Second property: *Field* | Adds the sender's manager to the message as the specified recipient type (To, Cc, Bcc), or redirects the message to the sender's manager without notifying the sender or the recipient. This action only works if the sender's Manager attribute is defined in Active Directory. This parameter uses the syntax: @{AddManagerAsRecipientType = "<To \| Cc \| Bcc>"}|
-Prepend subject |PrependSubject |String |Adds the specified text to the beginning of the Subject field of the message. Consider using a space or a colon (:) as the last character of the specified text to differentiate it from the original subject text.</br>To prevent the same string from being added to messages that already contain the text in the subject (for example, replies), add the "The subject contains words" (ExceptIfSubjectContainsWords) exception to the rule.|
-|Apply HTML disclaimer |ApplyHtmlDisclaimer |First property: *Text*</br>Second property: *Location*</br>Third property: *Fallback action* |Applies the specified HTML disclaimer to the required location of the message.</br>This parameter uses the syntax: @{ Text = ΓÇ£ ΓÇ¥ ; Location = <Append \| Prepend>; FallbackAction = <Wrap \| Ignore \| Reject> }|
-|Remove Office 365 Message Encryption and rights protection | RemoveRMSTemplate | n/a| Removes Office 365 encryption applied on an email|
+|Remove header|RemoveHeader|First property: *MessageHeaderField*</br> Second property: *String*|The RemoveHeader parameter specifies an action for the DLP rule that removes a header field from the message header. This parameter uses the syntax ΓÇ£HeaderNameΓÇ¥ or "HeaderName:HeaderValue".You can specify multiple header names or header name and value pairs separated by commas|
+|Redirect the message to specific users|*RedirectMessageTo*|Addresses|Redirects the message to the specified recipients. The message isn't delivered to the original recipients, and no notification is sent to the sender or the original recipients.|
+|Forward the message for approval to senderΓÇÖs manager|Moderate|First property: *ModerateMessageByManager*</br> Second property: *Boolean*|The Moderate parameter specifies an action for the DLP rule that sends the email message to a moderator. This parameter uses the syntax: @{ModerateMessageByManager = <$true \|$false>;|
+|Forward the message for approval to specific approvers|Moderate|First property: *ModerateMessageByUser*</br>Second property: *Addresses*|The Moderate parameter specifies an action for the DLP rule that sends the email message to a moderator. This parameter uses the syntax: @{ ModerateMessageByUser = @("emailaddress1","emailaddress2",..."emailaddressN")}|
+|Add recipient|AddRecipients|First property: *Field*</br>Second property: *Addresses*|Adds one or more recipients to the To/Cc/Bcc field of the message. This parameter uses the syntax: @{<AddToRecipients \|CopyTo \|BlindCopyTo> = "emailaddress"}|
+|Add the senderΓÇÖs manager as recipient|AddRecipients|First property: *AddedManagerAction*</br>Second property: *Field*|Adds the sender's manager to the message as the specified recipient type (To, Cc, Bcc), or redirects the message to the sender's manager without notifying the sender or the recipient. This action only works if the sender's Manager attribute is defined in Active Directory. This parameter uses the syntax: @{AddManagerAsRecipientType = "<To \|Cc \|Bcc>"}|
+Prepend subject|PrependSubject|String|Adds the specified text to the beginning of the Subject field of the message. Consider using a space or a colon (:) as the last character of the specified text to differentiate it from the original subject text.</br>To prevent the same string from being added to messages that already contain the text in the subject (for example, replies), add the "The subject contains words" (ExceptIfSubjectContainsWords) exception to the rule.|
+|Apply HTML disclaimer|ApplyHtmlDisclaimer|First property: *Text*</br>Second property: *Location*</br>Third property: *Fallback action*|Applies the specified HTML disclaimer to the required location of the message.</br>This parameter uses the syntax: @{ Text = ΓÇ£ ΓÇ¥ ; Location = <Append \|Prepend>; FallbackAction = <Wrap \|Ignore \|Reject> }|
+|Remove Office 365 Message Encryption and rights protection|RemoveRMSTemplate|n/a|Removes Office 365 encryption applied on an email|
+|
compliance Dlp On Premises Scanner Get Started https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/dlp-on-premises-scanner-get-started.md
Data from DLP on-premises scanner can be viewed in [Activity explorer](data-clas
2. Refer to the procedures in [Get started with Activity explorer](data-classification-activity-explorer.md) to access and filter all the data for your on-premises scanner locations.
-3. Open the [Audit log in the Compliance center](https://security.microsoft.com/auditlogsearch). During the public preview the DLP rule matches are available in Audit log UI or accessible by [Search-UnifiedAuditLog](/powershell/module/exchange/search-unifiedauditlog?view=exchange-ps) PowerShell
+3. Open the [Audit log in the Compliance center](https://security.microsoft.com/auditlogsearch). During the public preview the DLP rule matches are available in Audit log UI or accessible by [Search-UnifiedAuditLog](/powershell/module/exchange/search-unifiedauditlog) PowerShell
## Next steps
compliance Dlp On Premises Scanner Use https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/dlp-on-premises-scanner-use.md
f1_keywords:
- 'ms.o365.cc.DLPLandingPage' localization_priority: Priority-+ - M365-security-compliance - m365solution-mip - m365initiative-compliance
+search.appverid:
- MET150 description: "Learn how to use the Microsoft 365 data loss prevention on premises scanner to scan data at rest and implement protective actions for on premises file shares and on-premises SharePoint folders and document libraries."
To help familiarize you with DLP on-premises features and how they surface in DL
> [!IMPORTANT] > These DLP on-premises scenarios are not the official procedures for creating and tuning DLP policies. Refer to the below topics when you need to work with DLP policies in general situations:
->- [Learn about data loss prevention](dlp-learn-about-dlp.md)
->- [Get started with the default DLP policy](get-started-with-the-default-dlp-policy.md)
->- [Create a DLP policy from a template](create-a-dlp-policy-from-a-template.md)
->- [Create, test, and tune a DLP policy](create-test-tune-dlp-policy.md)
+>
+> - [Learn about data loss prevention](dlp-learn-about-dlp.md)
+> - [Get started with the default DLP policy](get-started-with-the-default-dlp-policy.md)
+> - [Create a DLP policy from a template](create-a-dlp-policy-from-a-template.md)
+> - [Create, test, and tune a DLP policy](create-test-tune-dlp-policy.md)
### Scenario: Discover files matching DLP rules
Data from DLP on-premises scanner surfaces in several areas
#### Activity explorer
- Microsoft DLP for on-premises detects DLP rule matches and reports them to [Activity Explorer](https://compliance.microsoft.com/dataclassification?viewid=activitiesexplorer).
-
+ Microsoft DLP for on-premises detects DLP rule matches and reports them to [Activity Explorer](https://compliance.microsoft.com/dataclassification?viewid=activitiesexplorer).
+ #### Microsoft 365 Audit log
-During the public preview the DLP rule matches are available in Audit log UI, see [Search the audit log in the compliance center](search-the-audit-log-in-security-and-compliance.md) or accessible by [Search-UnifiedAuditLog](/powershell/module/exchange/search-unifiedauditlog?view=exchange-ps) PowerShell.
+During the public preview the DLP rule matches are available in Audit log UI, see [Search the audit log in the compliance center](search-the-audit-log-in-security-and-compliance.md) or accessible by [Search-UnifiedAuditLog](/powershell/module/exchange/search-unifiedauditlog) PowerShell.
#### AIP
Discovery data is available in a local report in csv format which is stored unde
**%localappdata%\Microsoft\MSIP\Scanner\Reports\DetailedReport_%timestamp%.csv report**. Look for the following columns:+ - DLP Mode - DLP Status - DLP Comment-- DLP Rule Name DLP Actions
+- DLP Rule Name
+- DLP Actions
- Owner - Current NTFS Permissions (SDDL) - Applied NTFS Permissions (SDDL) - NTFS permissions type
-ΓÇâ
-### Scenario: Enforce DLP rule
-If you want to enforce DLP rules on the scanned files, enforcement must be enabled on both the content scan job in AIP and at the policy level in DLP.
+### Scenario: Enforce DLP rule
+If you want to enforce DLP rules on the scanned files, enforcement must be enabled on both the content scan job in AIP and at the policy level in DLP.
#### Configure DLP to enforce policy actions
-1. Open the [Data loss prevention page](https://compliance.microsoft.com/datalossprevention?viewid=policies) and select the DLP policy that is targeted to the on-premises location repositories you have configured in AIP.
+1. Open the [Data loss prevention page](https://compliance.microsoft.com/datalossprevention?viewid=policies) and select the DLP policy that is targeted to the on-premises location repositories you have configured in AIP.
2. Edit the policy.
-3. On the **Test or turn on the policy** page, select **Yes, turn it on right away**.
+3. On the **Test or turn on the policy** page, select **Yes, turn it on right away**.
## See also
If you want to enforce DLP rules on the scanned files, enforcement must be enabl
- [Get started with DLP on-premises scanner (preview)](dlp-on-premises-scanner-get-started.md) - [Learn about data loss prevention](dlp-learn-about-dlp.md) - [Create, test, and tune a DLP policy](create-test-tune-dlp-policy.md)-- [Get started with Activity explorer](data-classification-activity-explorer.md)
+- [Get started with Activity explorer](data-classification-activity-explorer.md)
compliance Download Export Jobs https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/download-export-jobs.md
description: "Export documents in a review set to an Azure Storage account and t
# Export documents in a review set to an Azure Storage account
-When you export documents from a review set in an Advanced eDiscovery case, you have the option to export them to an Azure Storage account managed by your organization. If you used this option, the documents are uploaded to your Azure Storage location. After they are exported, you can access the documents (and download them to a local computer or other location) by using the Azure Storage Explorer. This article provides instructions for how to export documents to your Azure Storage account and the use the Azure Storage Explorer to connect to an Azure Storage location to download the exported documents. For more information about Azure Storage Explorer, see [Use Azure Storage Explorer](/azure/storage/blobs/storage-quickstart-blobs-storage-explorer).
+When you export documents from a review set in an Advanced eDiscovery case, you have the option to export them to an Azure Storage account managed by your organization. If you use this option, the documents are uploaded to your Azure Storage location. After they are exported, you can access the documents (and download them to a local computer or other location) by using the Azure Storage Explorer. This article provides instructions for how to export documents to your Azure Storage account and the use the Azure Storage Explorer to connect to an Azure Storage location to download the exported documents. For more information about Azure Storage Explorer, see [Use Azure Storage Explorer](/azure/storage/blobs/storage-quickstart-blobs-storage-explorer).
## Before you export documents from a review set
compliance Ediscovery https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/ediscovery.md
Title: "eDiscovery"
+ Title: "Microsoft 365 eDiscovery solutions"
f1.keywords: - NOCSH
Last updated audience: Admin-+ +
+- m365-security-compliance
+- m365solution-aed
+- m365initiative-compliance
+- m365solution-overview
localization_priority: Normal search.appverid: - SPO160 - MOE150 - MET150
-description: "Microsoft 365 offers a number of different eDiscovery tools that you can use to search for and hold content found in different locations such as Exchange mailboxes, SharePoint and OneDrive for Business sites, Microsoft 365 Groups, Microsoft Teams, and Skype for Business conversations."
+description: "Microsoft 365 offers three eDiscovery tools that you can use to search for and export content found in different locations such as Exchange mailboxes, SharePoint and OneDrive for Business sites, Microsoft 365 Groups, Microsoft Teams, and Skype for Business conversations. Core eDiscovery and Advanced eDiscovery provide many additional features to help you manage your investigations."
# eDiscovery solutions in Microsoft 365
-Electronic discovery, or eDiscovery, is the process of identifying and delivering electronic information that can be used as evidence in legal cases. You can use eDiscovery tools in Microsoft 365 to search for content in Exchange Online mailboxes, Microsoft 365 Groups, Microsoft Teams, SharePoint Online and OneDrive for Business sites, and Skype for Business conversations, and Yammer teams. You can search mailboxes and sites in the same eDiscovery search by using the Content Search tool. And you can use Core eDiscovery cases to identify, hold, and export content found in mailboxes and sites. If your organization has an Office 365 E5 or Microsoft 365 E5 subscription (or related E5 add-on subscriptions), you can further manage custodians and analyze content by using the Advanced eDiscovery solution in Microsoft 365.
-
-Microsoft 365 provides the following eDiscovery tools:
-
-- [Content search](#content-search)--- [Core eDiscovery](#core-ediscovery)--- [Advanced eDiscovery](#advanced-ediscovery)-
-## Content search
-
-The following table contains links to articles that will help you use the Content search tool.
-
-|**Article**|**Description**|
-|:--|:--|
-|[Run a search](content-search.md) <br/> |Learn how to use the Content Search tool to search mailboxes, public folders, Microsoft 365 Groups, Microsoft Teams, SharePoint Online sites, One Drive for Business locations, and Skype for Business conversations in your organization in a single search. <br/> |
-|[Keyword queries and search conditions](keyword-queries-and-search-conditions.md) <br/> |Learn about the email and file properties and search conditions you can use to search for content in mailboxes and sites in your organization. <br/> |
-|[View keyword statistics for search results](view-keyword-statistics-for-content-search.md) <br/> |Learn how to use search statistics to display and compare the statistics for one or more content searches, and to configure new and existing searches to return statistics for each keyword in the search query. <br/> |
-|[Export search results](export-search-results.md) <br/> |Learn how to export the results of a Content search. <br/> |
-|[Configure permissions filtering for Content search](permissions-filtering-for-content-search.md) <br/> |Learn how to use permissions filtering to let an eDiscovery manager search only a subset of mailboxes and sites in your organization. <br/> |
-|[Export a search report](export-a-content-search-report.md) <br/> |Learn how to download the export report without having to export the actual search results. <br/> |
-|[Content search limits](limits-for-content-search.md) <br/> |Learn about the limits of the Content Search tool, such as the maximum number of searches that you can run at one time. <br/> |
-|[Unindexed items in Content search](partially-indexed-items-in-content-search.md) <br/> |Learn about unindexed items in Exchange and SharePoint that you can include in the estimated search result statistics when you run a search. You can also include unindexed items when you export search results. <br/> |
-|[Search for and delete email messages](search-for-and-delete-messages-in-your-organization.md) <br/> |Learn how to use Content search to search for and delete an email message from *all* mailboxes in your organization. This can help you find and remove potentially harmful or high-risk email. <br/> |
-|[Search the mailbox and OneDrive accounts for a list of users](search-the-mailbox-and-onedrive-for-business-for-a-list-of-users.md) <br/> |Learn how to use a script to search the mailbox and One Drive for Business site for a group of users. See [Create a list of all OneDrive locations](/onedrive/list-onedrive-urls) for steps on how to quickly generate a list of email addresses that you can use for the source content locations when you create and run content searches. <br/> |
-|[Use Content search for targeted collections](use-content-search-for-targeted-collections.md) <br/> |Learn how to use the Windows PowerShell script in this article to perform targeted collections using Content search. A targeted collection means you want to search a specific folder because you're confident that items responsive to a case (or privileged items) are located in that folder. Use the script in this article to obtain the folder ID or path for the specific mailbox or site folders that you want to search. <br/> |
-|||
-
-## Core eDiscovery
-
-The following table contains links to topics that will help you use Core eDiscovery cases. You can use Core eDiscovery cases to add eDiscovery managers who can access the case, place an eDiscovery hold on content locations relevant to the case, search for content, and export the search results from the case.
-
-|**Article**|**Description**|
-|:--|:--|
-|[Get started with Core eDiscovery](get-started-core-ediscovery.md) |Learn how to assign eDiscovery permissions and create Core eDiscovery cases. This topic also provides an overview of the Core eDiscovery workflow.<br/> |
-|[Assign eDiscovery permissions](assign-ediscovery-permissions.md)|Learn how to assign permissions to users so they can search for content, place content locations on hold, and perform other eDiscovery-related tasks in a Core eDiscovery case.|
-|[Set up compliance boundaries for Core eDiscovery](set-up-compliance-boundaries.md)|Learn how to use compliance boundaries to create logical boundaries within an organization that control the content locations that an eDiscovery manager can search.|
-|[Create an eDiscovery hold](create-ediscovery-holds.md)|Learn how to create eDiscovery holds that associated with a Core eDiscovery case to preserve content relevant to the case you're investigating.|
-|[Search for content in a case](search-for-content-in-core-ediscovery.md)|Learn how to search for content that's relevant to a case. You can quickly create searches that search the content locations on hold.|
-|[Export content from a case](export-content-in-core-ediscovery.md)|Learn how to export and download content from a Core eDiscovery case.|
-|[Close, reopen, and delete a case](close-reopen-delete-core-ediscovery-cases.md)|Learn how to manage the lifecycle of a Core eDiscovery case.|
-|||
-
-## Advanced eDiscovery
-
-The Advanced eDiscovery solution in Microsoft 365 (also called *Advanced eDiscovery v2.0*) builds on the existing eDiscovery and analytics capabilities in Microsoft 365. This eDiscovery solution provides an end-to-end workflow to preserve, collect, review, analyze, and export content that's responsive to your organization's internal and external investigations. It also lets legal teams manage custodians and the entire legal hold notification workflow to communicate with custodians involved in a case.
-
-|**Article**|**Description**|
-|:--|:--|
-|[Overview of Advanced eDiscovery](overview-ediscovery-20.md)|This article introduces Advanced eDiscovery, outlines the business justification for using this tool, presents Advanced eDiscovery architecture, and provides a high-level overview of the built-in workflow of Advanced eDiscovery.|
-|[Set up Advanced eDiscovery](get-started-with-advanced-ediscovery.md)|Learn how to get started using Advanced eDiscovery, including the required licensing and necessary eDiscovery permission.|
-|[Create and manage a case](create-and-manage-advanced-ediscoveryv2-case.md)|This article shows you how to create an Advanced eDiscovery case and provides a walk-through of the Advanced eDiscovery workflow.|
-|[Manage custodians](managing-custodians.md)|Learn about working with custodians in an Advanced eDiscovery. This topic links to step-by-step instructions to add custodians to a case, managing custodians in a case, and viewing custodian activity in Microsoft 365 by searching the audit log.|
-|[Manage custodian communications](managing-custodian-communications.md)|Learn about managing the legal hold notification process in Advanced eDiscovery. This includes creating and automating the notification workflow and how a user acknowledged a hold notification.
-|[Manage processing errors](processing-data-for-case.md)|Learn about Advanced indexing and how to remediate indexing errors in content from custodial and non-custodial content locations, such as Exchange mailboxes, SharePoint sites, and OneDrive accounts. You can bulk-remediate errors and then upload remediated files to a review set or remediate individual processing errors within a review set.|
-|[Collect data for a case](collecting-data-for-ediscovery.md)|Learn about searching for content in custodial content locations, and then adding relevant case data to a review set. When you copy content to a review set, the data is copied from the original content locations to a Microsoft-provided Azure Storage location. This provides a static set of documents for the review process.|
-|[Manage review sets](managing-review-sets.md)|Learn about reviewing case data in a review set. This includes viewing, querying, filtering, and tagging documents in a review set.
-|[Analyze data in a review set](analyzing-data-in-review-set.md)|Learn about running analysis on the documents in a review set. The results of running analysis include near-duplication detection, email threading, and themes identification.|
-|[Export case data](exporting-data-ediscover20.md)|Learn about exporting data from a case for external review.|
-|||
+Electronic discovery, or eDiscovery, is the process of identifying and delivering electronic information that can be used as evidence in legal cases. You can use eDiscovery tools in Microsoft 365 to search for content in Exchange Online, OneDrive for Business, SharePoint Online, Microsoft Teams, Microsoft 365 Groups, and Yammer teams. You can search mailboxes and sites in the same eDiscovery search, and then export the search results. You can use Core eDiscovery cases to identify, hold, and export content found in mailboxes and sites. If your organization has an Office 365 E5 or Microsoft 365 E5 subscription (or related E5 add-on subscriptions), you can further manage custodians and analyze content by using the feature-rich Advanced eDiscovery solution in Microsoft 365.
+
+## eDiscovery solutions
+
+Microsoft 365 provides three eDiscovery solutions: Content search, Core eDiscovery, and Advanced eDiscovery.
+
+![Key capabilities of Microsoft 365 eDiscovery tools](..\media\m365-ediscovery-solution-graphic.png)
+
+- **Content search**. Use use the Content search tool to search for content across Microsoft 365 data sources and then export the search results to local computer.
+
+- **Core eDiscovery**. Core eDiscovery builds on the basic search and export functionality of Content search enabling you to create eDiscovery cases and eDiscovery managers who can only access the case their members of. Core eDiscovery lets you associate searches and exports with a case and allows you to place an eDiscovery hold on content locations relevant to the case.
+
+- **Advanced eDiscovery**. The Advanced eDiscovery tool builds on the existing case management, preservation, search, and export capabilities in Core eDiscovery. Advanced eDiscovery provides an end-to-end workflow to identify, preserve, collect, review, analyze, and export content that's responsive to your organization's internal and external investigations. It lets legal teams manage custodians and the legal hold notification workflow to communicate with custodians involved in a case. It allows you to collect and copy data from the live service into review sets, when you can filter, search, and tag content to cull non-relevant content from further review so your workflow can identify and focus on content that's most relevant. Advanced eDiscovery provides analytics and machine learning-based predictive coding models to further narrow to scope of your investigation to the most relevant content.
+
+## Comparison of key capabilities
+
+The following table compares the key capabilities available in Content search, Core eDiscovery, and Advanced eDiscovery.
+
+|Capability|Content search|Core eDiscovery|Advanced eDiscovery|
+|:|:-|:-|:-|
+|Search for content|![Supported](../media/check-mark.png)|![Supported](../media/check-mark.png)|![Supported](../media/check-mark.png)|
+|Keyword queries and search conditions|![Supported](../media/check-mark.png)|![Supported](../media/check-mark.png)|![Supported](../media/check-mark.png)|
+|Search statistics|![Supported](../media/check-mark.png)|![Supported](../media/check-mark.png)|![Supported](../media/check-mark.png)|
+|Export search results|![Supported](../media/check-mark.png)|![Supported](../media/check-mark.png)|![Supported](../media/check-mark.png)|
+|Role-based permissions|![Supported](../media/check-mark.png)|![Supported](../media/check-mark.png)|![Supported](../media/check-mark.png)|
+|Case management||![Supported](../media/check-mark.png)|![Supported](../media/check-mark.png)|
+|Place content locations on legal hold||![Supported](../media/check-mark.png)|![Supported](../media/check-mark.png)|
+|Custodian management|||![Supported](../media/check-mark.png)|
+|Legal hold notifications|||![Supported](../media/check-mark.png)|
+|Advanced indexing|||![Supported](../media/check-mark.png)|
+|Error remediation|||![Supported](../media/check-mark.png)|
+|Review sets|||![Supported](../media/check-mark.png)|
+|Support for cloud attachments and SharePoint versions|||![Supported](../media/check-mark.png)|
+|Optical character recognition|||![Supported](../media/check-mark.png)|
+|Conversation threading|||![Supported](../media/check-mark.png)|
+|Collection statistics and reports|||![Supported](../media/check-mark.png)|
+|Review set filtering|||![Supported](../media/check-mark.png)|
+|Tagging|||![Supported](../media/check-mark.png)|
+|Analytics|||![Supported](../media/check-mark.png)|
+|Predictive coding models|||![Supported](../media/check-mark.png)|
+|Computed document metadata|||![Supported](../media/check-mark.png)|
+|Transparency of long-running jobs|||![Supported](../media/check-mark.png)|
+|Export to customer-owned Azure Storage location|||![Supported](../media/check-mark.png)|
+|||||
+
+Here's description of each eDiscovery capability.
+
+- **Search for content**. Search for content that's stored in Exchange mailboxes, One Drive for Business accounts, SharePoint sites, Microsoft Teams, Microsoft 365 Groups, and Yammer Teams. This includes content generated by other Microsoft 365 apps that store data in mailboxes and sites.
+
+- **Keyword queries and search conditions**. Create KQL keyword search queries to search for content that match query criteria. You can also include conditions to narrow the scope of your search.
+
+- **Search statistics**. After you run a search, you can view statistics of the estimated search results, such as the number and total size of items matching your search criteria. Other statistics include the top content locations that contain search results and the number of items that match different parts of the search query.
+
+- **Export search results**. Export search results to a local computer in your organization in a two-step process. When you export search results, items are copied from their original content location in Microsoft 365 to a Microsoft-provided Azure Storage location. Then you can download those items to a local computer.
+
+- **Role-based permissions**. Use role-based access (RBAC) permissions to control what eDiscovery-related tasks that different users can perform. You can users to built-in eDiscovery-related role group or create custom role groups that assign specific eDiscovery permissions.
+
+- **Case management**. eDiscovery cases in Core eDiscovery and Advanced eDiscovery let you associate specific searches and exports with a specific investigation. You can also assign members to a case to control who can access the case and view the contents of the case.
+
+- **Place content locations on legal hold**. Preserve content relevant to your investigation by placing a legal hold on the content locations in a case. This lets you secure electronically stored information from inadvertent (or intentional) deletion during your investigation.
+
+- **Custodian management**. Manage the people that you've identified as persons of interest in the case (called *custodians*) and other data sources that may not be associated with a custodian. When you add custodians and non-custodial data sources to a case, you can place a legal hold on these data sources, communicate with custodians by using the legal hold notification process, and search custodian and non-custodial data sources to collect content relevant to the case.
+
+- **Legal hold notifications**. Manage the process of communicating with case custodians. A legal hold notification instructs custodians to preserve content that's relevant to the case. You can track the notices that have been received, read, and acknowledged by custodians. The communications workflow in Advanced eDiscovery allows you to create and send initial notifications, reminders, and escalations if custodians fail to acknowledge a hold notification.
+
+- **Advanced indexing**. When you add custodial and non-custodian data sources to a case, the associated content locations are reindexed (in a process called *Advanced indexing*) so that any content that was deemed as partially indexed is reprocessed to make it fully searchable when you collect data for an investigation.
+
+- **Error remediation**. Fix processing errors using a process called *error remediation*. Error remediation allows you to rectify data issues that prevent Advanced eDiscovery from properly processing the content during Advanced indexing. For example, files that are password protected can't be processed since the files are locked or encrypted. Using error remediation, you can download files with errors, remove the password protection, and then upload the remediated files.
+
+- **Review sets**. Add relevant data to a review set. A review set is a secure, Microsoft-provided Azure Storage location in the Microsoft cloud. When you add data to a review set, the collected items are copied from their original content location to the review set. Review sets provide a static, known set of content that you can search, filter, tag, analyze, and predict relevancy using predictive coding models. You can also track and report on what content gets added to the review set.
+
+- **Support for cloud attachments and SharePoint versions**. When you add content to a review set, you have the option to include cloud attachments or linked files. This means that the target file of a cloud attachment or linked file is added to the review set. You also have the option to add all version of a SharePoint document to a review set.
+
+- **Optical character recognition (OCR)**. When content is added to a review set, OCR functionality extracts text from images, and includes the image text with the content that's added to a review set. This lets you search for image text when you query the content in the review set.
+
+- **Conversation threading**. When chat messages from Teams and Yammer conversations are added to a review set, you have the option to collect the entire conversation thread. This means that the entire chat conversation that contains items that match the collection criteria is added to the review set. This lets you review chat items in the context of the back and forth conversation.
+
+- **Collection statistics and reports**. After you create a draft collection or commit a commit a collection to a review set, you can view a rich set of statistics on the retrieved items, such as the content locations that contain the most items that matched the search criteria and the number of items returned by the search query. You can also preview a subset of the results. Additionally, this includes the number of child items that were extracted from their parent items and added as separate items to the review set.
+
+- **Review set filtering**. After content is added to a review set, you can apply filters to display only the set of items that match your filtering criteria. Then you can save the filter sets as a query, which lets you quickly reapply the saved filters. Review set filtering and saved queries help you quickly cull content to the items that are most relevant to your investigation.
+
+- **Tagging**. Tags also help you cull non-relevant content and identify the most relevant content. When experts, attorneys, or other users review content in a review set, their opinions related to the content can be captured by using tags. For example, if the intent is to cull unnecessary content, a user can tag documents with a tag such as "non-responsive". After content has been reviewed and tagged, a review set query can be created to exclude any content tagged as "non-responsive". This process eliminates the non-responsive content from subsequent steps in the eDiscovery workflow.
+
+- **Analytics**. Advanced eDiscovery provides tools to analyze review set documents to help you organize the documents in a coherent manner and reduce the volume of documents to be reviewed. *Near duplicate detection* groups textually similar documents together to help you make your review process more efficient. *Email threading* identifies specific email messages that give a complete context of the conversation in an email thread. *Themes* functionality attempts to analyze the themes that are discussed in review set documents and assigning a theme to documents so that you can review documents that have a related theme. These analytics capabilities help make your review process more efficient so that reviewers can review a fraction of collected documents.
+
+- **Predictive coding models**. Use predictive coding models to reduce and cull large volumes of case content to a relevant set of items that you can prioritize for review. This is accomplished by creating and training your own predictive coding models that help you prioritize the review of the most relevant items in a review set. The system uses the training to apply prediction scores to every item in the review set. This lets you filter items based on the prediction score, which allows you to review the most relevant (or non-relevant) items first.
+
+- **Computed document metadata**. Many Advanced eDiscovery features, such as Advanced indexing, conversation threading, analytics, and predictive coding add metadata properties to review set documents. This metadata contains information related to the function performed a specific feature. When reviewing documents, you can filter on metadata properties to display document that match your filter criteria. This metadata can imported into third-party review applications after review set documents are exported.
+
+- **Transparency of long-running jobs**. Jobs in Advanced eDiscovery are, typically long-running processes that are triggered by user actions, such as the adding custodians to a case, adding content to a review set, running analytics, and training predictive coding models. You can track the status of these jobs and get support information if you need to escalate issues to MS Support.
+
+- **Export to customer-owned Azure Storage location**. When you export documents from a review set, you have the option to export them to an Azure Storage account managed by your organization. Additionally, Advanced eDiscovery lets you customize what data is exported. This includes exporting file metadata, native files, text files, tags, and redacted documents that have been saved to a PDF file.
+
+## eDiscovery subscription comparison
+
+The following sections show the minimum subscription requirements for Content search, Core eDiscovery, and Advanced eDiscovery. Subscriptions that support Core eDiscovery also support Content search. Subscriptions that support Advanced eDiscovery also support Content search and Core eDiscovery.
+
+### Content search
+
+- Microsoft 365 E1 subscription
+- Microsoft 365 G1 subscription
+- Office 365 Education A1 subscription
+
+### Core eDiscovery
+
+- Microsoft 365 E3 subscription
+- Microsoft 365 G3 subscription
+- Microsoft 365 Education A3 or Office 365 Education A3 subscription
+
+### Advanced eDiscovery
+
+- Microsoft 365 E5 or Office 365 E5 subscription
+- Microsoft 365 E3 subscription with E5 Compliance add-on
+- Microsoft 365 E3 subscription with E5 eDiscovery and Audit add-on
+- Microsoft 365 G5 subscription
+- Microsoft 365 G5 subscription with G5 Compliance add-on
+- Microsoft 365 G5 subscription with G5 eDiscovery and Audit add-on
+- Microsoft 365 Education A5 or Office 365 Education A5 subscription
+
+## Get started with eDiscovery
+
+See the following articles to help you learn more and get started using the eDiscovery solutions in Microsoft 365.
+
+### Content search
+
+- [Search for content using Content search](search-for-content.md)
+
+- [Create a search](content-search.md)
+
+### Core eDiscovery
+
+- [Get started with Core eDiscovery](get-started-core-ediscovery.md)
+
+### Advanced eDiscovery
+
+- [Overview of Advanced eDiscovery](overview-ediscovery-20.md)
+
+- [Set up Advanced eDiscovery](get-started-with-advanced-ediscovery.md)
+
+- [Create and manage an Advanced eDiscovery case](create-and-manage-advanced-ediscoveryv2-case.md)
## eDiscovery roadmap
-To see what eDiscovery features have been launched, are rolling out, or in development, see the [Microsoft 365 Roadmap](https://aka.ms/eDiscoRoadMap).
+To see what eDiscovery features have been launched, are rolling out, or in development, see the [Microsoft 365 Roadmap](https://aka.ms/eDiscoRoadMap).
+
+## Training
+
+Training your IT administrators, eDiscovery managers, and compliance investigation teams in the basics for Content search, Core eDiscovery, and Advanced eDiscovery can help your organization get started more quickly using Microsoft 365 eDiscovery tools. Microsoft 365 provides the following resource to help these users in your organization getting started with eDiscovery: [Describe the eDiscovery and audit capabilities of Microsoft 365](/learn/modules/describe-ediscovery-capabilities-of-microsoft-365).
compliance Enable Mailbox Auditing https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/enable-mailbox-auditing.md
audience: Admin
localization_priority: Normal-+ - Strat_O365_IP - M365-security-compliance
+search.appverid:
- MOE150 - MET150 ms.assetid: aaca8987-5b62-458b-9882-c28476a66918
The following table describes the mailbox actions that are available in mailbox
|**MailboxLogin**|The user signed into their mailbox.|||![Check mark](../media/checkmark.png)| |**MailItemsAccessed**|**Note**: This value is available only for E5 or E5 Compliance add-on subscription users. For more information, see [Set up Advanced Audit in Microsoft 365](set-up-advanced-audit.md). <p> Mail data is accessed by mail protocols and clients.|![Check mark](../media/checkmark.png)<sup>\*</sup>|![Check mark](../media/checkmark.png)<sup>\*</sup>|![Check mark](../media/checkmark.png)<sup>\*</sup>| |**MessageBind**|**Note**: This value is available only for E3 users (users without E5 or E5 Compliance add-on subscriptions). <p> A message was viewed in the preview pane or opened by an admin.|![Check mark](../media/checkmark.png)|||
-|**ModifyFolderPermissions**|Although this value is accepted as a mailbox action, it's already included in the **UpdateFolderPermissions** action and isn't audited separately. In other words, don't use this value.|||||
+|**ModifyFolderPermissions**|Although this value is accepted as a mailbox action, it's already included in the **UpdateFolderPermissions** action and isn't audited separately. In other words, don't use this value.||||
|**Move**|A message was moved to another folder.|![Check mark](../media/checkmark.png)|![Check mark](../media/checkmark.png)|![Check mark](../media/checkmark.png)| |**MoveToDeletedItems**|A message was deleted and moved to the Deleted Items folder.|![Check mark](../media/checkmark.png)<sup>\*</sup>|![Check mark](../media/checkmark.png)<sup>\*</sup>|![Check mark](../media/checkmark.png)<sup>\*</sup>| |**RecordDelete**|An item that's labeled as a record was soft-deleted (moved to the Recoverable Items folder). Items labeled as records can't be permanently deleted (purged from the Recoverable Items folder).|![Check mark](../media/checkmark.png)|![Check mark](../media/checkmark.png)|![Check mark](../media/checkmark.png)|
The value **True** indicates that mailbox audit logging is bypassed for the user
To retrieve mailbox audit log entries for users without E5 licenses, you can: - Manually enable mailbox auditing on individual mailboxes (run the command, `Set-Mailbox -Identity <MailboxIdentity> -AuditEnabled $true`). After you do this, you can use audit log searches in the Security & Compliance Center or via the Office 365 Management Activity API.
-
+ > [!NOTE] > If mailbox auditing already appears to be enabled on the mailbox, but your searches return no results, change the value of the _AuditEnabled_ parameter to `$false` and then back to `$true`.
-
+ - Use the following cmdlets in Exchange Online PowerShell: - [Search-MailboxAuditLog](/powershell/module/exchange/search-mailboxauditlog) to search the mailbox audit log for specific users. - [New-MailboxAuditLogSearch](/powershell/module/exchange/new-mailboxauditlogsearch) to search the mailbox audit log for specific users and to have the results sent via email to specified recipients.
compliance Encryption Office 365 Certificate Chains https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/encryption-office-365-certificate-chains.md
Last updated: **10/16/2020**
| **Certificate type** | **P7b download** | **CRL Endpoints** | **OCSP Endpoints** | **AIA Endpoints** | | | | | | | | Publicly Trusted Root Certificates | [Microsoft 365 Root Certificate Bundle (P7B)](https://download.microsoft.com/download/4/a/b/4ab1c940-826b-444b-b287-b7a902e68da0/m365_root_certs_20201012.p7b) | crl.globalsign.net<br>www.d-trust.net | N/A | N/A |
-| Publicly Trusted Intermediate Certificates | [Microsoft 365 Intermediate Certificate Bundle (P7B)ΓÇïΓÇï](https://download.microsoft.com/download/1/4/7/14777f28-3fde-4958-aebf-bd192a4a7fac/m365_intermediate_certs_20201013.p7b) | cdp1.public-trust.com<br>crl.cnnic.cn<br>crl.entrust.net<br>crl.globalsign.com<br>crl.globalsign.net<br>crl.identrust.com<br>crl.thawte.com<br>crl3.digicert.com<br>crl4.digicert.com<br>s1.symcb.com<br>www.d-trust.net | isrg.trustid.ocsp.identrust.com<br>ocsp.digicert.com<br>ocsp.entrust.net<br>ocsp.globalsign.com<br>ocsp.omniroot.com<br>ocsp.startssl.com<br>ocsp.thawte.com<br>ocsp2.globalsign.com<br>ocspcnnicroot.cnnic.cn<br>root-c3-ca2-2009.ocsp.d-trust.net<br>root-c3-ca2-ev-2009.ocsp.d-trust.net<br>s2.symcb.com | aia.startssl.com<br>apps.identrust.com<br>cacert.omniroot.com<br>www.cnnic.cn |
+| Publicly Trusted Intermediate Certificates | [Microsoft 365 Intermediate Certificate Bundle (P7B)](https://download.microsoft.com/download/1/4/7/14777f28-3fde-4958-aebf-bd192a4a7fac/m365_intermediate_certs_20201013.p7b) | cdp1.public-trust.com<br>crl.cnnic.cn<br>crl.entrust.net<br>crl.globalsign.com<br>crl.globalsign.net<br>crl.identrust.com<br>crl.thawte.com<br>crl3.digicert.com<br>crl4.digicert.com<br>s1.symcb.com<br>www.d-trust.net | isrg.trustid.ocsp.identrust.com<br>ocsp.digicert.com<br>ocsp.entrust.net<br>ocsp.globalsign.com<br>ocsp.omniroot.com<br>ocsp.startssl.com<br>ocsp.thawte.com<br>ocsp2.globalsign.com<br>ocspcnnicroot.cnnic.cn<br>root-c3-ca2-2009.ocsp.d-trust.net<br>root-c3-ca2-ev-2009.ocsp.d-trust.net<br>s2.symcb.com | aia.startssl.com<br>apps.identrust.com<br>cacert.omniroot.com<br>www.cnnic.cn |
Expand the root and intermediate sections below to see additional details about the certificate providers.
Expand the root and intermediate sections below to see additional details about
| **CRL URLs** | http://crl.digicert.cn/DigiCertGlobalRootCA.crl | | **OCSP URLs** | http://ocsp.digicert.cn |
-### **DigiCert Cloud Services CA-1**
+### **DigiCert Cloud Services CA-1** (older)
| **Subject** | CN=DigiCert Cloud Services CA-1<br>O=DigiCert Inc<br>C=US | | | |
Expand the root and intermediate sections below to see additional details about
| **Subject Key Identifier** | dd:51:d0:a2:31:73:a9:73:ae:8f:b4:01:7e:5d:8c:57:cb:9f:f0:f7 | | **Authority Key Identifier** | 03:de:50:35:56:d1:4c:bb:66:f0:a3:e2:1b:1b:c3:97:b2:3d:d1:55 | | **Thumbprint (SHA-1)** | B3F6B64A07BB9611F47174407841F564FB991F29 |
-| **Thumbprint (SHA-256)** | 5F88694615E4C61686E106B84C3338C6720C535F60D36F61282ED15E1977DD44 | -
+| **Thumbprint (SHA-256)** | 5F88694615E4C61686E106B84C3338C6720C535F60D36F61282ED15E1977DD44 |
| **Pin (SHA-256)** | UgpUVparimk8QCjtWQaUQ7EGrtrykc/L8N66EhFY3VE= | | **CRL URLs** | http://crl3.digicert.com/DigiCertGlobalRootCA.crl<br>http://crl4.digicert.com/DigiCertGlobalRootCA.crl | | **OCSP URLs** | http://ocsp.digicert.com
Expand the root and intermediate sections below to see additional details about
| **CRL URLs** | http://crl.globalsign.com/root-r3.crl | | **OCSP URLs** | http://ocsp2.globalsign.com/rootr3 |
-### **GlobalSign Organization Validation CA - SHA256 - G2**
+### **GlobalSign Organization Validation CA - SHA256 - G2** (older)
| **Subject** | CN=GlobalSign Organization Validation CA - SHA256 - G2<br>O=GlobalSign nv-sa<br>C=BE | | | |
su.symcb.com/su.crt<br>
<https://www.digicert.com/CACerts/DigiCertGlobalRootCA.crt><br> <https://www.digicert.com/CACerts/DigiCertHighAssuranceEVRootCA.crt><br> <https://www.microsoft.com/pki/mscorp/msitwww1.crt><br>
-<https://www.microsoft.com/pki/mscorp/msitwww2.crt><br>
+<https://www.microsoft.com/pki/mscorp/msitwww2.crt><br>
compliance Event Driven Retention https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/event-driven-retention.md
Sample code to call the REST API:
- **URL**: `https://ps.compliance.protection.outlook.com/psws/service.svc/ComplianceRetentionEvent` - **Headers**: Key = Content-Type, Value = application/atom+xml - **Body**:
-
+ ```xml <?xml version='1.0' encoding='utf-8' standalone='yes'?>
Sample code to call the REST API:
</entry> ```
-
+ - **Authentication**: Basic - **Username**: "Complianceuser"-- **Password**: "Compliancepassword"
+- **Password**: "Compliancepassword"
##### Available parameters
Sample code to call the REST API:
- **Password**: "Compliancepassword" - ###### Response codes | Response Code | Description |
Sample code to call the REST API:
- **Password**: "Compliancepassword" - ###### Response codes | Response Code | Description |
$event = Invoke-RestMethod -Body $body -Method 'POST' -Uri $url -ContentType "ap
} $event | fl *- ```
compliance Form A Query To Find Sensitive Data Stored On Sites https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/form-a-query-to-find-sensitive-data-stored-on-sites.md
Last updated 6/29/2018
audience: Admin -+ - M365-security-compliance - SPO_Content localization_priority: Normal
+search.appverid:
- MOE150 - MET150 description: Use data loss prevention (DLP) in SharePoint Online to discover documents that contain sensitive data throughout your tenant.
description: Use data loss prevention (DLP) in SharePoint Online to discover doc
# Form a query to find sensitive data stored on sites Users often store sensitive data, such as credit card numbers, social security numbers, or personal, on their sites, and over time this can expose an organization to significant risk of data loss. Documents stored on sitesΓÇöincluding OneDrive for Business sitesΓÇöcould be shared with people outside the organization who shouldn't have access to the information. With data loss prevention (DLP) in SharePoint Online, you can discover documents that contain sensitive data throughout your tenant. After discovering the documents, you can work with the document owners to protect the data. This topic can help you form a query to search for sensitive data.
-
+ > [!NOTE]
-> Electronic discovery, or eDiscovery, and DLP are premium features that require [SharePoint Online Plan 2](https://go.microsoft.com/fwlink/?LinkId=510080).
-
+> Electronic discovery, or eDiscovery, and DLP are premium features that require [SharePoint Online Plan 2](https://go.microsoft.com/fwlink/?LinkId=510080).
+ ## Forming a basic DLP query
-There are three parts that make up a basic DLP query: SensitiveType, count range, and confidence range. As illustrated in the following graphic, **SensitiveType:"\<type\>"** is required, and both**|\<count range\>** and**|\<confidence range\>** are optional.
-
+There are three parts that make up a basic DLP query: SensitiveType, count range, and confidence range. As illustrated in the following graphic, **SensitiveType:"\<type\>"** is required, and both **|\<count range\>** and **|\<confidence range\>** are optional.
+ ![Example query divided into required and optional](../media/DLP-query-example-text.png)
-
+ ### Sensitive type - required
-So what is each part? SharePoint DLP queries typically begin with the property `SensitiveType:"` and an information type name from the [sensitive information types inventory](/Exchange/what-the-sensitive-information-types-in-exchange-look-for-exchange-2013-help), and end with a `"`. You can also use the name of a [custom sensitive information type](create-a-custom-sensitive-information-type.md) that you created for your organization. For example, you might be looking for documents that contain credit card numbers. In such an instance, you'd use the following format: `SensitiveType:"Credit Card Number"`. Because you didn't include count range or confidence range, the query returns every document in which a credit card number is detected. This is the simplest query that you can run, and it returns the most results. Keep in mind that the spelling and spacing of the sensitive type matters.
-
+So what is each part? SharePoint DLP queries typically begin with the property `SensitiveType:"` and an information type name from the [sensitive information types inventory](/Exchange/what-the-sensitive-information-types-in-exchange-look-for-exchange-2013-help), and end with a `"`. You can also use the name of a [custom sensitive information type](create-a-custom-sensitive-information-type.md) that you created for your organization. For example, you might be looking for documents that contain credit card numbers. In such an instance, you'd use the following format: `SensitiveType:"Credit Card Number"`. Because you didn't include count range or confidence range, the query returns every document in which a credit card number is detected. This is the simplest query that you can run, and it returns the most results. Keep in mind that the spelling and spacing of the sensitive type matters.
+ ### Ranges - optional
-Both of the next two parts are ranges, so let's quickly examine what a range looks like. In SharePoint DLP queries, a basic range is represented by two numbers separated by two periods, which looks like this: `[number]..[number]`. For instance, if `10..20` is used, that range would capture numbers from 10 through 20. There are many different range combinations and several are covered in this topic.
-
-Let's add a count range to the query. You can use count range to define the number of occurrences of sensitive information a document needs to contain before it's included in the query results. For example, if you want your query to return only documents that contain exactly five credit card numbers, use this: `SensitiveType:"Credit Card Number|5"`. Count range can also help you identify documents that pose high degrees of risk. For example, your organization might consider documents with five or more credit card numbers a high risk. To find documents fitting this criterion, you would use this query: `SensitiveType:"Credit Card Number|5.."`. Alternatively, you can find documents with five or fewer credit card numbers by using this query: `SensitiveType:"Credit Card Number|..5"`.
-
+Both of the next two parts are ranges, so let's quickly examine what a range looks like. In SharePoint DLP queries, a basic range is represented by two numbers separated by two periods, which looks like this: `[number]..[number]`. For instance, if `10..20` is used, that range would capture numbers from 10 through 20. There are many different range combinations and several are covered in this topic.
+
+Let's add a count range to the query. You can use count range to define the number of occurrences of sensitive information a document needs to contain before it's included in the query results. For example, if you want your query to return only documents that contain exactly five credit card numbers, use this: `SensitiveType:"Credit Card Number|5"`. Count range can also help you identify documents that pose high degrees of risk. For example, your organization might consider documents with five or more credit card numbers a high risk. To find documents fitting this criterion, you would use this query: `SensitiveType:"Credit Card Number|5.."`. Alternatively, you can find documents with five or fewer credit card numbers by using this query: `SensitiveType:"Credit Card Number|..5"`.
+ #### Confidence range
-Finally, confidence range is the level of confidence that the detected sensitive type is actually a match. The values for confidence range work similarly to count range. You can form a query without including a count range. For example, to search for documents with any number of credit card numbersΓÇöas long as the confidence range is 85 percent or higherΓÇöyou would use this query: `SensitiveType:"Credit Card Number|*|85.."`.
-
+Finally, confidence range is the level of confidence that the detected sensitive type is actually a match. The values for confidence range work similarly to count range. You can form a query without including a count range. For example, to search for documents with any number of credit card numbersΓÇöas long as the confidence range is 85 percent or higherΓÇöyou would use this query: `SensitiveType:"Credit Card Number|*|85.."`.
+ > [!IMPORTANT]
-> The asterisk ( `*`) is a wildcard character that means any value works. You can use the wildcard character ( `*`) either in the count range or in the confidence range, but not in a sensitive type.
-
+> The asterisk ( `*` ) is a wildcard character that means any value works. You can use the wildcard character ( `*` ) either in the count range or in the confidence range, but not in a sensitive type.
+ ### Additional query properties and search operators available in the eDiscovery Center
-DLP in SharePoint also introduces the LastSensitiveContentScan property, which can help you search for files scanned within a specific timeframe. For query examples with the `LastSensitiveContentScan` property, see the [Examples of complex queries](#examples-of-complex-queries) in the next section.
-
-You can use not only DLP-specific properties to create a query, but also standard SharePoint eDiscovery search properties such as `Author` or `FileExtension`. You can use operators to build complex queries. For the list of available properties and operators, see the [Using Search Properties and Operators with eDiscovery](/archive/blogs/quentin/using-search-properties-and-operators-with-ediscovery) blog post.
-
+DLP in SharePoint also introduces the LastSensitiveContentScan property, which can help you search for files scanned within a specific timeframe. For query examples with the `LastSensitiveContentScan` property, see the [Examples of complex queries](#examples-of-complex-queries) in the next section.
+
+You can use not only DLP-specific properties to create a query, but also standard SharePoint eDiscovery search properties such as `Author` or `FileExtension`. You can use operators to build complex queries. For the list of available properties and operators, see the [Using Search Properties and Operators with eDiscovery](/archive/blogs/quentin/using-search-properties-and-operators-with-ediscovery) blog post.
+ ## Examples of complex queries The following examples use different sensitive types, properties, and operators to illustrate how you can refine your queries to find exactly what you're looking for.
-
-|**Query**|**Explanation**|
-|:--|:--|
-| `SensitiveType:"International Banking Account Number (IBAN)"` <br/> |The name might seem strange because it's so long, but it's the correct name for that sensitive type. Make sure to use exact names from the [sensitive information types inventory](/Exchange/what-the-sensitive-information-types-in-exchange-look-for-exchange-2013-help). You can also use the name of a [custom sensitive information type](create-a-custom-sensitive-information-type.md) that you created for your organization. <br/> |
-| `SensitiveType:"Credit Card Number|1..4294967295|1..100"` <br/> |This returns documents with at least one match to the sensitive type "Credit Card Number." The values for each range are the respective minimum and maximum values. A simpler way to write this query is `SensitiveType:"Credit Card Number"`, but where's the fun in that? <br/> |
-| `SensitiveType:"Credit Card Number| 5..25" AND LastSensitiveContentScan:"8/11/2018..8/13/2018"` <br/> |This returns documents with 5-25 credit card numbers that were scanned from August 11, 2018 through August 13, 2018. <br/> |
-| `SensitiveType:"Credit Card Number| 5..25" AND LastSensitiveContentScan:"8/11/2018..8/13/2018" NOT FileExtension:XLSX` <br/> |This returns documents with 5-25 credit card numbers that were scanned from August 11, 2018 through August 13, 2018. Files with an XLSX extension aren't included in the query results. `FileExtension` is one of many properties that you can include in a query. For more information, see [Using Search Properties and Operators with eDiscovery](/archive/blogs/quentin/using-search-properties-and-operators-with-ediscovery). <br/> |
-| `SensitiveType:"Credit Card Number" OR SensitiveType:"U.S. Social Security Number (SSN)"` <br/> |This returns documents that contain either a credit card number or a social security number. <br/> |
-
+
+<br>
+
+****
+
+|Query|Explanation|
+|||
+|`SensitiveType:"International Banking Account Number (IBAN)"`|The name might seem strange because it's so long, but it's the correct name for that sensitive type. Make sure to use exact names from the [sensitive information types inventory](/Exchange/what-the-sensitive-information-types-in-exchange-look-for-exchange-2013-help). You can also use the name of a [custom sensitive information type](create-a-custom-sensitive-information-type.md) that you created for your organization.|
+|`SensitiveType:"Credit Card Number|1..4294967295|1..100"`|This returns documents with at least one match to the sensitive type "Credit Card Number." The values for each range are the respective minimum and maximum values. A simpler way to write this query is `SensitiveType:"Credit Card Number"`, but where's the fun in that?|
+|`SensitiveType:"Credit Card Number|5..25" AND LastSensitiveContentScan:"8/11/2018..8/13/2018"`|This returns documents with 5-25 credit card numbers that were scanned from August 11, 2018 through August 13, 2018.|
+|`SensitiveType:"Credit Card Number|5..25" AND LastSensitiveContentScan:"8/11/2018..8/13/2018" NOT FileExtension:XLSX`|This returns documents with 5-25 credit card numbers that were scanned from August 11, 2018 through August 13, 2018. Files with an XLSX extension aren't included in the query results. `FileExtension` is one of many properties that you can include in a query. For more information, see [Using Search Properties and Operators with eDiscovery](/archive/blogs/quentin/using-search-properties-and-operators-with-ediscovery).|
+|`SensitiveType:"Credit Card Number" OR SensitiveType:"U.S. Social Security Number (SSN)"`|This returns documents that contain either a credit card number or a social security number.|
+|
+ ## Examples of queries to avoid Not all queries are created equal. The following table gives examples of queries that don't work with DLP in SharePoint and describes why.
-
-|**Unsupported query**|**Reason**|
-|:--|:--|
-| `SensitiveType:"Credit Card Number|.."` <br/> |You must add at least one number. <br/> |
-| `SensitiveType:"NotARule"` <br/> |"NotARule" isn't a valid sensitive type name. Only names in the [sensitive information types inventory](/Exchange/what-the-sensitive-information-types-in-exchange-look-for-exchange-2013-help) work in DLP queries. <br/> |
-| `SensitiveType:"Credit Card Number|0"` <br/> |Zero isn't valid as either the minimum value or the maximum value in a range. <br/> |
-| `SensitiveType:"Credit Card Number"` <br/> |It's might be difficult to see, but there's extra white space between "Credit" and "Card" that makes the query invalid. Use exact sensitive type names from the [sensitive information types inventory](/Exchange/what-the-sensitive-information-types-in-exchange-look-for-exchange-2013-help). <br/> |
-| `SensitiveType:"Credit Card Number|1. .3"` <br/> |The two-period portion shouldn't be separated by a space. <br/> |
-| `SensitiveType:"Credit Card Number| |1..|80.."` <br/> |There are too many pipe delimiters (|). Follow this format instead: `SensitiveType: "Credit Card Number|1..|80.."` <br/> |
-| `SensitiveType:"Credit Card Number|1..|80..101"` <br/> |Because confidence values represent a percentage, they can't exceed 100. Choose a number from 1 through 100 instead. <br/> |
-
+
+<br>
+
+****
+
+|Unsupported query|Reason|
+|||
+|`SensitiveType:"Credit Card Number|.."`|You must add at least one number.|
+|`SensitiveType:"NotARule"`|"NotARule" isn't a valid sensitive type name. Only names in the [sensitive information types inventory](/Exchange/what-the-sensitive-information-types-in-exchange-look-for-exchange-2013-help) work in DLP queries.|
+|`SensitiveType:"Credit Card Number|0"`|Zero isn't valid as either the minimum value or the maximum value in a range.|
+|`SensitiveType:"Credit Card Number"`|It's might be difficult to see, but there's extra white space between "Credit" and "Card" that makes the query invalid. Use exact sensitive type names from the [sensitive information types inventory](/Exchange/what-the-sensitive-information-types-in-exchange-look-for-exchange-2013-help).|
+|`SensitiveType:"Credit Card Number|1. .3"`|The two-period portion shouldn't be separated by a space.|
+|`SensitiveType:"Credit Card Number| |1..|80.."`|There are too many pipe delimiters (\|). Follow this format instead: `SensitiveType: "Credit Card Number|1..|80.."`|
+|`SensitiveType:"Credit Card Number|1..|80..101"`|Because confidence values represent a percentage, they can't exceed 100. Choose a number from 1 through 100 instead.|
+|
+ ## For more information - [Sensitive information type entity definitions](sensitive-information-type-entity-definitions.md)
compliance Information Barriers Policies https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/information-barriers-policies.md
When you define policies for information barriers, you'll work with user account
- User account attributes are defined in Azure Active Directory (or Exchange Online). These attributes can include department, job title, location, team name, and other job profile details. - Segments are sets of users that are defined in the Security & Compliance Center using a selected **user account attribute**. (See the [list of supported attributes](information-barriers-attributes.md).) - Information barrier policies determine communication limits or restrictions. When you define information barrier policies, you choose from two kinds of policies:
- - "Block" policies prevent one segment from communicating with another segment.
- - "Allow" policies allow one segment to communicate with only certain other segments.
+ - "Block" policies prevent one segment from communicating with another segment.
+ - "Allow" policies allow one segment to communicate with only certain other segments.
- Policy application is done after all information barrier policies are defined, and you are ready to apply them in your organization. ## The work flow at a glance
In addition to the [required licenses and permissions](information-barriers.md#r
- No address book policies - Before you define and apply information barrier policies, make sure no Exchange address book policies are in place. Information barriers are based on address book policies, but the two kinds of policies are not compatible. If you do have such policies, make sure to [remove your address book policies](/exchange/address-books/address-book-policies/remove-an-address-book-policy) first. Once information barrier policies are enabled and you have hierarchical address book enabled, all users ***who are not included*** in an information barrier segment will see the [hierarchical address book](/exchange/address-books/hierarchical-address-books/hierarchical-address-books) in Exchange online. -- PowerShell - Currently, information barrier policies are defined and managed in the Office 365 Security & Compliance Center using PowerShell cmdlets. Although several examples are provided in this article, you'll need to be familiar with PowerShell cmdlets and parameters. You will also need the Azure PowerShell module.
- - [Connect to Security & Compliance Center PowerShell](/powershell/exchange/connect-to-scc-powershell)
- - [Install the Azure PowerShell module](/powershell/azure/install-az-ps?view=azps-2.3.2)
+- PowerShell - Currently, information barrier policies are defined and managed in the Office 365 Security & Compliance Center using PowerShell cmdlets. Although several examples are provided in this article, you'll need to be familiar with PowerShell cmdlets and parameters. You will also need the Azure PowerShell module.
+ - [Connect to Security & Compliance Center PowerShell](/powershell/exchange/connect-to-scc-powershell)
+ - [Install the Azure PowerShell module](/powershell/azure/install-az-ps)
- Admin consent for information barriers in Microsoft Teams - When your IB policies are in place, they can remove non-IB compliance users from Groups (i.e. Teams channels, which are based on groups). This configuration helps ensure your organization remains compliant with policies and regulations. Use the following procedure to enable information barrier policies to work as expected in Microsoft Teams.
In addition to the [required licenses and permissions](information-barriers.md#r
1. When prompted, sign in using your work or school account for Office 365. 1. In the **Permissions requested** dialog box, review the information, and then choose **Accept**. The permissions requested by the App is given below.
-
+ > [!div class="mx-imgBorder"] > ![image](https://user-images.githubusercontent.com/8932063/107690955-b1772300-6c5f-11eb-9527-4235de860b27.png) - When all the prerequisites are met, proceed to the next section. > [!TIP]
When the cmdlet finishes, Contoso is compliant with legal and industry requireme
- [Get an overview of information barriers](information-barriers.md) - [Learn more about information barriers in Microsoft Teams](/MicrosoftTeams/information-barriers-in-teams) - [Learn more about information barriers in SharePoint Online](/sharepoint/information-barriers)-- [Learn more about information barriers in OneDrive](/onedrive/information-barriers)
+- [Learn more about information barriers in OneDrive](/onedrive/information-barriers)
compliance Insider Risk Management Configure https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management-configure.md
Depending on the structure of your compliance management team, you have options
Complete the following steps to add users to an insider risk management role group:
-1. Sign into [https://protection.office.com/permissions](https://protection.office.com/permissions) using credentials for an admin account in your Microsoft 365 organization.
+1. Sign into [https://compliance.microsoft.com/permissions](https://compliance.microsoft.com/permissions) using credentials for an admin account in your Microsoft 365 organization.
2. In the Security &amp; Compliance Center, go to **Permissions**. Select the link to view and manage roles in Office 365.
compliance Keyword Queries And Search Conditions https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/keyword-queries-and-search-conditions.md
f1_keywords:
- 'ms.o365.cc.SearchQueryLearnMore' localization_priority: Normal-+ - Strat_O365_IP - M365-security-compliance - SPO_Content
+search.appverid:
- MOE150 - MET150 ms.assetid: c4639c2e-7223-4302-8e0d-b6e10f1c3be3
description: "Learn about email and document properties that you can search by u
# Keyword queries and search conditions for eDiscovery This topic describes the email and document properties that you can search for in email items and Microsoft Teams chat conversations in Exchange Online, and documents stored on SharePoint and OneDrive for Business sites using the eDiscovery search tools in the Microsoft 365 compliance center. This includes Content search, Core eDiscovery, and Advanced eDiscovery (eDiscovery searches in Advanced eDiscovery are called *collections*). You can also use the **\*-ComplianceSearch** cmdlets in Security & Compliance Center PowerShell to search for these properties. The topic also describes:
-
-- Using Boolean search operators, search conditions, and other search query techniques to refine your search results.
+- Using Boolean search operators, search conditions, and other search query techniques to refine your search results.
- Searching for sensitive data types and custom sensitive data types in SharePoint and OneDrive for Business.- - Searching for site content that's shared with users outside of your organization For step-by-step instructions on how to create different eDiscovery searches, see: - [Content search](content-search.md)- - [Search for content in Core eDiscovery](search-for-content-in-core-ediscovery.md)- - [Create a draft collection in Advanced eDiscovery](create-draft-collection.md) > [!NOTE] > eDiscovery searches in the Microsoft 365 compliance center and the corresponding **\*-ComplianceSearch** cmdlets in Security & Compliance Center PowerShell use the Keyword Query Language (KQL). For more detailed information, see [Keyword Query Language syntax reference](/sharepoint/dev/general-development/keyword-query-language-kql-syntax-reference).
-
+ ## Searchable email properties
-The following table lists email message properties that can be searched by using the eDiscovery search tools in the Microsoft 365 compliance center or by using the **New-ComplianceSearch** or the **Set-ComplianceSearch** cmdlet. The table includes an example of the _property:value_ syntax for each property and a description of the search results returned by the examples. You can type these `property:value` pairs in the keywords box for an eDiscovery search.
+The following table lists email message properties that can be searched by using the eDiscovery search tools in the Microsoft 365 compliance center or by using the **New-ComplianceSearch** or the **Set-ComplianceSearch** cmdlet. The table includes an example of the _property:value_ syntax for each property and a description of the search results returned by the examples. You can type these `property:value` pairs in the keywords box for an eDiscovery search.
> [!NOTE] > When searching email properties, it's not possible to search for items in which the specified property is empty or blank. For example, using the *property:value* pair of **subject:""** to search for email messages with an empty subject line will return zero results. This also applies when searching site and contact properties.
-
-| Property | Property description | Examples | Search results returned by the examples |
-|:--|:--|:--|:--|
-|AttachmentNames|The names of files attached to an email message.|`attachmentnames:annualreport.ppt` <br/> `attachmentnames:annual*` <br/> `attachmentnames:.pptx` |Messages that have an attached file named annualreport.ppt. In the second example, using the wildcard character ( * ) returns messages with the word "annual" in the file name of an attachment. The third example returns all attachments with the pptx file extension.|
-|Bcc|The Bcc field of an email message.<sup>1</sup>|`bcc:pilarp@contoso.com` <br/> `bcc:pilarp` <br/> `bcc:"Pilar Pinilla"`|All examples return messages with Pilar Pinilla included in the Bcc field.|
-|Category| The categories to search. Categories can be defined by users by using Outlook or Outlook on the web (formerly known as Outlook Web App). The possible values are: <br/><br/> blue <br/> green <br/> orange <br/> purple <br/> red <br/> yellow|`category:"Red Category"`|Messages that have been assigned the red category in the source mailboxes.|
-|Cc|The Cc field of an email message.<sup>1</sup>|`cc:pilarp@contoso.com` <br/> `cc:"Pilar Pinilla"`|In both examples, messages with Pilar Pinilla specified in the Cc field.|
-|Folderid|The folder ID (GUID) of a specific mailbox folder. If you use this property, be sure to search the mailbox that the specified folder is located in. Only the specified folder will be searched. Any subfolders in the folder won't be searched. To search subfolders, you need to use the Folderid property for the subfolder you want to search. <br/> For more information about searching for the Folderid property and using a script to obtain the folder IDs for a specific mailbox, see [Use Content search for targeted collections](use-content-search-for-targeted-collections.md).|`folderid:4D6DD7F943C29041A65787E30F02AD1F00000000013A0000` <br/> `folderid:2370FB455F82FC44BE31397F47B632A70000000001160000 AND participants:garthf@contoso.com`|The first example returns all items in the specified mailbox folder. The second example returns all items in the specified mailbox folder that were sent or received by garthf@contoso.com.|
-|From|The sender of an email message.<sup>1</sup>|`from:pilarp@contoso.com` <br/> `from:contoso.com`|Messages sent by the specified user or sent from a specified domain.|
+
+<br>
+
+****
+
+|Property|Property description|Examples|Search results returned by the examples|
+|||||
+|AttachmentNames|The names of files attached to an email message.|`attachmentnames:annualreport.ppt` <p> `attachmentnames:annual*` <br/> `attachmentnames:.pptx`|Messages that have an attached file named annualreport.ppt. In the second example, using the wildcard character ( * ) returns messages with the word "annual" in the file name of an attachment. The third example returns all attachments with the pptx file extension.|
+|Bcc|The Bcc field of an email message.<sup>1</sup>|`bcc:pilarp@contoso.com` <p> `bcc:pilarp` <p> `bcc:"Pilar Pinilla"`|All examples return messages with Pilar Pinilla included in the Bcc field.|
+|Category|The categories to search. Categories can be defined by users by using Outlook or Outlook on the web (formerly known as Outlook Web App). The possible values are: <ul><li>blue<li></li>green<li></li>orange<li></li>purple<li></li>red<li></li>yellow</li></ul>|`category:"Red Category"`|Messages that have been assigned the red category in the source mailboxes.|
+|Cc|The Cc field of an email message.<sup>1</sup>|`cc:pilarp@contoso.com` <p> `cc:"Pilar Pinilla"`|In both examples, messages with Pilar Pinilla specified in the Cc field.|
+|Folderid|The folder ID (GUID) of a specific mailbox folder. If you use this property, be sure to search the mailbox that the specified folder is located in. Only the specified folder will be searched. Any subfolders in the folder won't be searched. To search subfolders, you need to use the Folderid property for the subfolder you want to search. <p> For more information about searching for the Folderid property and using a script to obtain the folder IDs for a specific mailbox, see [Use Content search for targeted collections](use-content-search-for-targeted-collections.md).|`folderid:4D6DD7F943C29041A65787E30F02AD1F00000000013A0000` <p> `folderid:2370FB455F82FC44BE31397F47B632A70000000001160000 AND participants:garthf@contoso.com`|The first example returns all items in the specified mailbox folder. The second example returns all items in the specified mailbox folder that were sent or received by garthf@contoso.com.|
+|From|The sender of an email message.<sup>1</sup>|`from:pilarp@contoso.com` <p> `from:contoso.com`|Messages sent by the specified user or sent from a specified domain.|
|HasAttachment|Indicates whether a message has an attachment. Use the values **true** or **false**.|`from:pilar@contoso.com AND hasattachment:true`|Messages sent by the specified user that have attachments.|
-|Importance|The importance of an email message, which a sender can specify when sending a message. By default, messages are sent with normal importance, unless the sender sets the importance as **high** or **low**.|`importance:high` <br/> `importance:medium` <br/> `importance:low`|Messages that are marked as high importance, medium importance, or low importance.|
-|IsRead|Indicates whether messages have been read. Use the values **true** or **false**.|`isread:true` <br/> `isread:false`|The first example returns messages with the IsRead property set to **True**. The second example returns messages with the IsRead property set to **False**.|
-|ItemClass|Use this property to search specific third-party data types that your organization imported to Office 365. Use the following syntax for this property: `itemclass:ipm.externaldata.<third-party data type>*`|`itemclass:ipm.externaldata.Facebook* AND subject:contoso` <br/> `itemclass:ipm.externaldata.Twitter* AND from:"Ann Beebe" AND "Northwind Traders"`|The first example returns Facebook items that contain the word "contoso" in the Subject property. The second example returns Twitter items that were posted by Ann Beebe and that contain the keyword phrase "Northwind Traders". <br/> For a complete list of values to use for third-party data types for the ItemClass property, see [Use Content search to search third-party data that was imported to Office 365](use-content-search-to-search-third-party-data-that-was-imported.md).|
-|Kind| The type of email message to search for. Possible values: <br/> contacts <br/> docs <br/> email <br/> externaldata <br/> faxes <br/> im <br/> journals <br/> meetings <br/> microsoftteams (returns items from chats, meetings, and calls in Microsoft Teams) <br/> notes <br/> posts <br/> rssfeeds <br/> tasks <br/> voicemail|`kind:email` <br/> `kind:email OR kind:im OR kind:voicemail` <br/> `kind:externaldata`|The first example returns email messages that meet the search criteria. The second example returns email messages, instant messaging conversations (including Skype for Business conversations and chats in Microsoft Teams), and voice messages that meet the search criteria. The third example returns items that were imported to mailboxes in Microsoft 365 from third-party data sources, such as Twitter, Facebook, and Cisco Jabber, that meet the search criteria. For more information, see [Archiving third-party data in Office 365](https://www.microsoft.com/?ref=go).|
-|Participants|All the people fields in an email message. These fields are From, To, Cc, and Bcc.<sup>1</sup>|`participants:garthf@contoso.com` <br/> `participants:contoso.com`|Messages sent by or sent to garthf@contoso.com. The second example returns all messages sent by or sent to a user in the contoso.com domain.|
-|Received|The date that an email message was received by a recipient.|`received:04/15/2016` <br/> `received>=01/01/2016 AND received<=03/31/2016`|Messages that were received on April 15, 2016. The second example returns all messages received between January 1, 2016 and March 31, 2016.|
-|Recipients|All recipient fields in an email message. These fields are To, Cc, and Bcc.<sup>1</sup>|`recipients:garthf@contoso.com` <br/> `recipients:contoso.com`|Messages sent to garthf@contoso.com. The second example returns messages sent to any recipient in the contoso.com domain.|
-|Sent|The date that an email message was sent by the sender.|`sent:07/01/2016` <br/> `sent>=06/01/2016 AND sent<=07/01/2016`|Messages that were sent on the specified date or sent within the specified date range.|
-|Size|The size of an item, in bytes.|`size>26214400` <br/> `size:1..1048567`|Messages larger than 25 MB. The second example returns messages from 1 through 1,048,567 bytes (1 MB) in size.|
-|Subject|The text in the subject line of an email message. <br/> **Note:** When you use the Subject property in a query, the search returns all messages in which the subject line contains the text you're searching for. In other words, the query doesn't return only those messages that have an exact match. For example, if you search for `subject:"Quarterly Financials"`, your results will include messages with the subject "Quarterly Financials 2018".|`subject:"Quarterly Financials"` <br/> `subject:northwind`|Messages that contain the phrase "Quarterly Financials" anywhere in the text of the subject line. The second example returns all messages that contain the word northwind in the subject line.|
-|To|The To field of an email message.<sup>1</sup>|`to:annb@contoso.com` <br/> `to:annb ` <br/> `to:"Ann Beebe"`|All examples return messages where Ann Beebe is specified in the To: line.|
-|||||
-
+|Importance|The importance of an email message, which a sender can specify when sending a message. By default, messages are sent with normal importance, unless the sender sets the importance as **high** or **low**.|`importance:high` <p> `importance:medium` <p> `importance:low`|Messages that are marked as high importance, medium importance, or low importance.|
+|IsRead|Indicates whether messages have been read. Use the values **true** or **false**.|`isread:true` <p> `isread:false`|The first example returns messages with the IsRead property set to **True**. The second example returns messages with the IsRead property set to **False**.|
+|ItemClass|Use this property to search specific third-party data types that your organization imported to Office 365. Use the following syntax for this property: `itemclass:ipm.externaldata.<third-party data type>*`|`itemclass:ipm.externaldata.Facebook* AND subject:contoso` <p> `itemclass:ipm.externaldata.Twitter* AND from:"Ann Beebe" AND "Northwind Traders"`|The first example returns Facebook items that contain the word "contoso" in the Subject property. The second example returns Twitter items that were posted by Ann Beebe and that contain the keyword phrase "Northwind Traders". <p> For a complete list of values to use for third-party data types for the ItemClass property, see [Use Content search to search third-party data that was imported to Office 365](use-content-search-to-search-third-party-data-that-was-imported.md).|
+|Kind|The type of email message to search for. Possible values: <p> contacts <p> docs <p> email <p> externaldata <p> faxes <p> im <p> journals <p> meetings <p> microsoftteams (returns items from chats, meetings, and calls in Microsoft Teams) <p> notes <p> posts <p> rssfeeds <p> tasks <p> voicemail|`kind:email` <p> `kind:email OR kind:im OR kind:voicemail` <p> `kind:externaldata`|The first example returns email messages that meet the search criteria. The second example returns email messages, instant messaging conversations (including Skype for Business conversations and chats in Microsoft Teams), and voice messages that meet the search criteria. The third example returns items that were imported to mailboxes in Microsoft 365 from third-party data sources, such as Twitter, Facebook, and Cisco Jabber, that meet the search criteria. For more information, see [Archiving third-party data in Office 365](https://www.microsoft.com/?ref=go).|
+|Participants|All the people fields in an email message. These fields are From, To, Cc, and Bcc.<sup>1</sup>|`participants:garthf@contoso.com` <p> `participants:contoso.com`|Messages sent by or sent to garthf@contoso.com. The second example returns all messages sent by or sent to a user in the contoso.com domain.|
+|Received|The date that an email message was received by a recipient.|`received:04/15/2016` <p> `received>=01/01/2016 AND received<=03/31/2016`|Messages that were received on April 15, 2016. The second example returns all messages received between January 1, 2016 and March 31, 2016.|
+|Recipients|All recipient fields in an email message. These fields are To, Cc, and Bcc.<sup>1</sup>|`recipients:garthf@contoso.com` <p> `recipients:contoso.com`|Messages sent to garthf@contoso.com. The second example returns messages sent to any recipient in the contoso.com domain.|
+|Sent|The date that an email message was sent by the sender.|`sent:07/01/2016` <p> `sent>=06/01/2016 AND sent<=07/01/2016`|Messages that were sent on the specified date or sent within the specified date range.|
+|Size|The size of an item, in bytes.|`size>26214400` <p> `size:1..1048567`|Messages larger than 25 MB. The second example returns messages from 1 through 1,048,567 bytes (1 MB) in size.|
+|Subject|The text in the subject line of an email message. <p> **Note:** When you use the Subject property in a query, the search returns all messages in which the subject line contains the text you're searching for. In other words, the query doesn't return only those messages that have an exact match. For example, if you search for `subject:"Quarterly Financials"`, your results will include messages with the subject "Quarterly Financials 2018".|`subject:"Quarterly Financials"` <p> `subject:northwind`|Messages that contain the phrase "Quarterly Financials" anywhere in the text of the subject line. The second example returns all messages that contain the word northwind in the subject line.|
+|To|The To field of an email message.<sup>1</sup>|`to:annb@contoso.com` <p> `to:annb ` <br/> `to:"Ann Beebe"`|All examples return messages where Ann Beebe is specified in the To: line.|
+|
+ > [!NOTE] > <sup>1</sup> For the value of a recipient property, you can use email address (also called *user principal name* or UPN), display name, or alias to specify a user. For example, you can use annb@contoso.com, annb, or "Ann Beebe" to specify the user Ann Beebe.
However, be aware that preventing recipient expansion in the search query may re
## Searchable site properties
-The following table lists some of the SharePoint and OneDrive for Business properties that can be searched by using the eDiscovery search tools in the Microsoft 365 compliance Center or by using the **New-ComplianceSearch** or the **Set-ComplianceSearch** cmdlet. The table includes an example of the _property:value_ syntax for each property and a description of the search results returned by the examples.
-
+The following table lists some of the SharePoint and OneDrive for Business properties that can be searched by using the eDiscovery search tools in the Microsoft 365 compliance Center or by using the **New-ComplianceSearch** or the **Set-ComplianceSearch** cmdlet. The table includes an example of the _property:value_ syntax for each property and a description of the search results returned by the examples.
+ For a complete list of SharePoint properties that can be searched, see [Overview of crawled and managed properties in SharePoint](/SharePoint/technical-reference/crawled-and-managed-properties-overview). Properties marked with a **Yes** in the **Queryable** column can be searched.
-
-| Property | Property description | Example | Search results returned by the examples |
-|:--|:--|:--|:--|
+
+<br>
+
+****
+
+|Property|Property description|Example|Search results returned by the examples|
+|||||
|Author|The author field from Office documents, which persists if a document is copied. For example, if a user creates a document and the emails it to someone else who then uploads it to SharePoint, the document will still retain the original author. Be sure to use the user's display name for this property.|` |ContentType|The SharePoint content type of an item, such as Item, Document, or Video.|`contenttype:document`|All documents would be returned.| |Created|The date that an item is created.|`created>=06/01/2016`|All items created on or after June 1, 2016.| |CreatedBy|The person that created or uploaded an item. Be sure to use the user's display name for this property.|`createdby:"Garth Fort"`|All items created or uploaded by Garth Fort.| |DetectedLanguage|The language of an item.|`detectedlanguage:english`|All items in English.|
-|DocumentLink|The path (URL) of a specific folder on a SharePoint or OneDrive for Business site. If you use this property, be sure to search the site that the specified folder is located in. <br/> To return items located in subfolders of the folder that you specify for the documentlink property, you have to add /\* to the URL of the specified folder; for example, `documentlink: "https://contoso.sharepoint.com/Shared Documents/*"` <br/> <br/>For more information about searching for the documentlink property and using a script to obtain the documentlink URLs for folders on a specific site, see [Use Content search for targeted collections](use-content-search-for-targeted-collections.md).|`documentlink:"https://contoso-my.sharepoint.com/personal/garthf_contoso_com/Documents/Private"` <br/> `documentlink:"https://contoso-my.sharepoint.com/personal/garthf_contoso_com/Documents/Shared with Everyone/*" AND filename:confidential`|The first example returns all items in the specified OneDrive for Business folder. The second example returns documents in the specified site folder (and all subfolders) that contain the word "confidential" in the file name.|
+|DocumentLink|The path (URL) of a specific folder on a SharePoint or OneDrive for Business site. If you use this property, be sure to search the site that the specified folder is located in. <p> To return items located in subfolders of the folder that you specify for the documentlink property, you have to add /\* to the URL of the specified folder; for example, `documentlink: "https://contoso.sharepoint.com/Shared Documents/*"` <p> <br/>For more information about searching for the documentlink property and using a script to obtain the documentlink URLs for folders on a specific site, see [Use Content search for targeted collections](use-content-search-for-targeted-collections.md).|`documentlink:"https://contoso-my.sharepoint.com/personal/garthf_contoso_com/Documents/Private"` <p> `documentlink:"https://contoso-my.sharepoint.com/personal/garthf_contoso_com/Documents/Shared with Everyone/*" AND filename:confidential`|The first example returns all items in the specified OneDrive for Business folder. The second example returns documents in the specified site folder (and all subfolders) that contain the word "confidential" in the file name.|
|FileExtension|The extension of a file; for example, docx, one, pptx, or xlsx.|`fileextension:xlsx`|All Excel files (Excel 2007 and later)|
-|FileName|The name of a file.|`filename:"marketing plan"` <br/> `filename:estimate`|The first example returns files with the exact phrase "marketing plan" in the title. The second example returns files with the word "estimate" in the file name.|
-|LastModifiedTime|The date that an item was last changed.|`lastmodifiedtime>=05/01/2016` <br/> `lastmodifiedtime>=05/10/2016 AND lastmodifiedtime<=06/1/2016`|The first example returns items that were changed on or after May 1, 2016. The second example returns items changed between May 1, 2016 and June 1, 2016.|
+|FileName|The name of a file.|`filename:"marketing plan"` <p> `filename:estimate`|The first example returns files with the exact phrase "marketing plan" in the title. The second example returns files with the word "estimate" in the file name.|
+|LastModifiedTime|The date that an item was last changed.|`lastmodifiedtime>=05/01/2016` <p> `lastmodifiedtime>=05/10/2016 AND lastmodifiedtime<=06/1/2016`|The first example returns items that were changed on or after May 1, 2016. The second example returns items changed between May 1, 2016 and June 1, 2016.|
|ModifiedBy|The person who last changed an item. Be sure to use the user's display name for this property.|`modifiedby:"Garth Fort"`|All items that were last changed by Garth Fort.|
-|Path|The path (URL) of a specific site in a SharePoint or OneDrive for Business site.<br/><br/>To return items only from the specified site, you have to add the trailing `/` to the end of the URL; for example, `path: "https://contoso.sharepoint.com/sites/international/"` <br/><br/> To return items located in folders in the site that you specify in the path property, you have to add `/*` to the end of the URL; for example, `path: "https://contoso.sharepoint.com/Shared Documents/*"` <br/><br/> **Note:** Using the `Path` property to search OneDrive locations won't return media files, such as .png, .tiff, or .wav files, in the search results. Use a different site property in your search query to search for media files in OneDrive folders. <br/>|`path:"https://contoso-my.sharepoint.com/personal/garthf_contoso_com/"` <br/> `path:"https://contoso-my.sharepoint.com/personal/garthf_contoso_com/*" AND filename:confidential`|The first example returns all items in the specified OneDrive for Business site. The second example returns documents in the specified site (and folders in the site) that contain the word "confidential" in the file name.|
-|SharedWithUsersOWSUser|Documents that have been shared with the specified user and displayed on the **Shared with me** page in the user's OneDrive for Business site. These are documents that have been explicitly shared with the specified user by other people in your organization. When you export documents that match a search query that uses the SharedWithUsersOWSUser property, the documents are exported from the original content location of the person who shared the document with the specified user. For more information, see [Searching for site content shared within your organization](#searching-for-site-content-shared-within-your-organization).|`sharedwithusersowsuser:garthf` <br/> `sharedwithusersowsuser:"garthf@contoso.com"`|Both examples return all internal documents that have been explicitly shared with Garth Fort and that appear on the **Shared with me** page in Garth Fort's OneDrive for Business account.|
-|Site|The URL of a site or group of sites in your organization.|`site:"https://contoso-my.sharepoint.com"` <br/> `site:"https://contoso.sharepoint.com/sites/teams"`|The first example returns items from the OneDrive for Business sites for all users in the organization. The second example returns items from all team sites.|
-|Size|The size of an item, in bytes.|`size>=1` <br/> `size:1..10000`|The first example returns items larger than 1 byte. The second example returns items from 1 through 10,000 bytes in size.|
+|Path|The path (URL) of a specific site in a SharePoint or OneDrive for Business site. <p> To return items only from the specified site, you have to add the trailing `/` to the end of the URL; for example, `path: "https://contoso.sharepoint.com/sites/international/"` <p> To return items located in folders in the site that you specify in the path property, you have to add `/*` to the end of the URL; for example, `path: "https://contoso.sharepoint.com/Shared Documents/*"` <p> **Note:** Using the `Path` property to search OneDrive locations won't return media files, such as .png, .tiff, or .wav files, in the search results. Use a different site property in your search query to search for media files in OneDrive folders. <br/>|`path:"https://contoso-my.sharepoint.com/personal/garthf_contoso_com/"` <p> `path:"https://contoso-my.sharepoint.com/personal/garthf_contoso_com/*" AND filename:confidential`|The first example returns all items in the specified OneDrive for Business site. The second example returns documents in the specified site (and folders in the site) that contain the word "confidential" in the file name.|
+|SharedWithUsersOWSUser|Documents that have been shared with the specified user and displayed on the **Shared with me** page in the user's OneDrive for Business site. These are documents that have been explicitly shared with the specified user by other people in your organization. When you export documents that match a search query that uses the SharedWithUsersOWSUser property, the documents are exported from the original content location of the person who shared the document with the specified user. For more information, see [Searching for site content shared within your organization](#searching-for-site-content-shared-within-your-organization).|`sharedwithusersowsuser:garthf` <p> `sharedwithusersowsuser:"garthf@contoso.com"`|Both examples return all internal documents that have been explicitly shared with Garth Fort and that appear on the **Shared with me** page in Garth Fort's OneDrive for Business account.|
+|Site|The URL of a site or group of sites in your organization.|`site:"https://contoso-my.sharepoint.com"` <p> `site:"https://contoso.sharepoint.com/sites/teams"`|The first example returns items from the OneDrive for Business sites for all users in the organization. The second example returns items from all team sites.|
+|Size|The size of an item, in bytes.|`size>=1` <p> `size:1..10000`|The first example returns items larger than 1 byte. The second example returns items from 1 through 10,000 bytes in size.|
|Title|The title of the document. The Title property is metadata that's specified in Microsoft Office documents. It's different from the file name of the document.|` Title: "communication plan"`|Any document that contains the phrase "communication plan" in the Title metadata property of an Office document.|
-|||||
+|
## Searchable contact properties The following table lists the contact properties that are indexed and that you can search for using eDiscovery search tools. These are the properties that are available for users to configure for the contacts (also called personal contacts) that are located in the personal address book of a user's mailbox. To search for contacts, you can select the mailboxes to search and then use one or more contact properties in the keyword query.
-
+ > [!TIP] > To search for values that contain spaces or special characters, use double quotation marks (" ") to contain the phrase; for example, `businessaddress:"123 Main Street"`.
-
-|Property |Property description |
-|:--|:--|
+
+<br>
+
+****
+
+|Property|Property description|
+|||
|BusinessAddress|The address in the **Business Address** property. The property is also called the **Work** address on the contact properties page.| |BusinessPhone|The phone number in any of the **Business Phone** number properties.| |CompanyName|The name in the **Company** property.|
The following table lists the contact properties that are indexed and that you c
|OtherAddress|The value for the **Other** address property.| |Surname|The name in the **Last** name property.| |Title|The title in the **Job title** property.|
-|||||
+|
## Searchable sensitive data types You can use eDiscovery search tools in the Microsoft 365 compliance center to search for sensitive data, such as credit card numbers or social security numbers, that is stored in documents on SharePoint and OneDrive for Business sites. You can do this by using the `SensitiveType` property and the name (or ID) of a sensitive information type in a keyword query. For example, the query `SensitiveType:"Credit Card Number"` returns documents that contain a credit card number. The query `SensitiveType:"U.S. Social Security Number (SSN)"` returns documents that contain a U.S. social security number. To see a list of the sensitive information types that you can search for, go to **Data classifications** \> **Sensitive info types** in the Microsoft 365 compliance center. Or you can use the **Get-DlpSensitiveInformationType** cmdlet in Security & Compliance Center PowerShell to display a list of sensitive information types.
-
+ For more information about creating queries using the `SensitiveType` property, see [Form a query to find sensitive data stored on sites](form-a-query-to-find-sensitive-data-stored-on-sites.md). ### Limitations for searching sensitive data types
For more information about creating queries using the `SensitiveType` property,
``` Then you can use the ID in the `SensitiveType` search property to return documents that contain the custom sensitive data type; for example, `SensitiveType:7e13277e-6b04-3b68-94ed-1aeb9d47de37`
-
+ - You can't use sensitive information types and the `SensitiveType` search property to search for sensitive data at-rest in Exchange Online mailboxes. This includes 1:1 chat messages, 1:N group chat messages, and team channel conversations in Microsoft teams because all of this content is stored in mailboxes. However, you can use data loss prevention (DLP) policies to protect sensitive email data in transit. For more information, see [Learn about data loss prevention](dlp-learn-about-dlp.md) and [Search for and find personal data](/compliance/regulatory/gdpr).
-
+ ## Search operators
-Boolean search operators, such as **AND**, **OR**, and **NOT**, help you define more-precise searches by including or excluding specific words in the search query. Other techniques, such as using property operators (such as `>=` or `..`), quotation marks, parentheses, and wildcards, help you refine a search query. The following table lists the operators that you can use to narrow or broaden search results.
-
-|Operator |Usage |Description |
-|:--|:--|:--|
+Boolean search operators, such as **AND**, **OR**, and **NOT**, help you define more-precise searches by including or excluding specific words in the search query. Other techniques, such as using property operators (such as `>=` or `..`), quotation marks, parentheses, and wildcards, help you refine a search query. The following table lists the operators that you can use to narrow or broaden search results.
+
+<br>
+
+****
+
+|Operator|Usage|Description|
+||||
|AND|keyword1 AND keyword2|Returns items that include all of the specified keywords or `property:value` expressions. For example, `from:"Ann Beebe" AND subject:northwind` would return all messages sent by Ann Beebe that contained the word northwind in the subject line. <sup>2</sup>|
-|+|keyword1 + keyword2 + keyword3|Returns items that contain *either* `keyword2` or `keyword3` *and* that also contain `keyword1`. Therefore, this example is equivalent to the query `(keyword2 OR keyword3) AND keyword1`. <br/> The query `keyword1 + keyword2` (with a space after the **+** symbol) isn't the same as using the **AND** operator. This query would be equivalent to `"keyword1 + keyword2"` and return items with the exact phase `"keyword1 + keyword2"`.|
+|+|keyword1 + keyword2 + keyword3|Returns items that contain *either* `keyword2` or `keyword3` *and* that also contain `keyword1`. Therefore, this example is equivalent to the query `(keyword2 OR keyword3) AND keyword1`. <p> The query `keyword1 + keyword2` (with a space after the **+** symbol) isn't the same as using the **AND** operator. This query would be equivalent to `"keyword1 + keyword2"` and return items with the exact phase `"keyword1 + keyword2"`.|
|OR|keyword1 OR keyword2|Returns items that include one or more of the specified keywords or `property:value` expressions. <sup>2</sup>|
-|NOT|keyword1 NOT keyword2 <br/> NOT from:"Ann Beebe" <br/> NOT kind:im|Excludes items specified by a keyword or a `property:value` expression. In the second example excludes messages sent by Ann Beebe. The third example excludes any instant messaging conversations, such as Skype for Business conversations that are saved to the Conversation History mailbox folder. <sup>2</sup>|
+|NOT|keyword1 NOT keyword2 <p> NOT from:"Ann Beebe" <p> NOT kind:im|Excludes items specified by a keyword or a `property:value` expression. In the second example excludes messages sent by Ann Beebe. The third example excludes any instant messaging conversations, such as Skype for Business conversations that are saved to the Conversation History mailbox folder. <sup>2</sup>|
|-|keyword1 -keyword2|The same as the **NOT** operator. So this query returns items that contain `keyword1` and would exclude items that contain `keyword2`.| |NEAR|keyword1 NEAR(n) keyword2|Returns items with words that are near each other, where n equals the number of words apart. For example, `best NEAR(5) worst` returns any item where the word "worst" is within five words of "best". If no number is specified, the default distance is eight words. <sup>2</sup>| |:|property:value|The colon (:) in the `property:value` syntax specifies that the value of the property being searched for contains the specified value. For example, `recipients:garthf@contoso.com` returns any message sent to garthf@contoso.com.|
Boolean search operators, such as **AND**, **OR**, and **NOT**, help you define
|\<=|property\<=value|Denotes that the property being searched is less than or equal to a specific value.<sup>1</sup>| |\>=|property\>=value|Denotes that the property being searched is greater than or equal to a specific value.<sup>1</sup>| |..|property:value1..value2|Denotes that the property being searched is greater than or equal to value1 and less than or equal to value2.<sup>1</sup>|
-|" "|"fair value" <br/> subject:"Quarterly Financials"|Use double quotation marks (" ") to search for an exact phrase or term in keyword and `property:value` search queries.|
-|\*|cat\* <br/> subject:set\*|Prefix searches (also called *prefix matching*) where a wildcard character ( * ) is placed at the end of a word in keywords or `property:value` queries. In prefix searches, the search returns results with terms that contain the word followed by zero or more characters. For example, ` Title: set*` returns documents that contain the word "set", "setup", and "setting" (and other words that start with "set") in the document title. <br/><br/> **Note:** You can use only prefix searches; for example, **cat\*** or **set\***. Suffix searches (**\*cat**), infix searches (**c\*t**), and substring searches (**\*cat\***) are not supported.<br/><br/>Also, adding a period ( \. ) to a prefix search will change the results that are returned. That's because a period is treated as a stop word. For example, searching for **cat\*** and searching for **cat.\*** will return different results. We recommend not using a period in a prefix search. |
-|( )|(fair OR free) AND (from:contoso.com) <br/> (IPO OR initial) AND (stock OR shares) <br/> (quarterly financials)|Parentheses group together Boolean phrases, `property:value` items, and keywords. For example, `(quarterly financials)` returns items that contain the words quarterly and financials.|
-|||||
-
+|" "|"fair value" <p> subject:"Quarterly Financials"|Use double quotation marks (" ") to search for an exact phrase or term in keyword and `property:value` search queries.|
+|\*|cat\* <p> subject:set\*|Prefix searches (also called *prefix matching*) where a wildcard character ( * ) is placed at the end of a word in keywords or `property:value` queries. In prefix searches, the search returns results with terms that contain the word followed by zero or more characters. For example, ` Title: set*` returns documents that contain the word "set", "setup", and "setting" (and other words that start with "set") in the document title. <p> **Note:** You can use only prefix searches; for example, **cat\*** or **set\***. Suffix searches (**\*cat**), infix searches (**c\*t**), and substring searches (**\*cat\***) are not supported. <p> Also, adding a period ( \. ) to a prefix search will change the results that are returned. That's because a period is treated as a stop word. For example, searching for **cat\*** and searching for **cat.\*** will return different results. We recommend not using a period in a prefix search.|
+|( )|(fair OR free) AND (from:contoso.com) <p> (IPO OR initial) AND (stock OR shares) <p> (quarterly financials)|Parentheses group together Boolean phrases, `property:value` items, and keywords. For example, `(quarterly financials)` returns items that contain the words quarterly and financials.|
+|
+ > [!NOTE]
-> <sup>1</sup> Use this operator for properties that have date or numeric values.<br/> <sup>2</sup> Boolean search operators must be uppercase; for example, **AND**. If you use a lowercase operator, such as **and**, it will be treated as a keyword in the search query.
-
+> <sup>1</sup> Use this operator for properties that have date or numeric values.<br/> <sup>2</sup> Boolean search operators must be uppercase; for example, **AND**. If you use a lowercase operator, such as **and**, it will be treated as a keyword in the search query.
+ ## Search conditions You can add conditions to a search query to narrow a search and return a more refined set of results. Each condition adds a clause to the KQL search query that is created and run when you start the search.
-
+ [Conditions for common properties](#conditions-for-common-properties) [Conditions for mail properties](#conditions-for-mail-properties)
You can add conditions to a search query to narrow a search and return a more re
[Guidelines for using conditions](#guidelines-for-using-conditions) [Examples of using conditions in search queries](#examples-of-using-conditions-in-search-queries)
-
+ ### Conditions for common properties Create a condition using common properties when searching mailboxes and sites in the same search. The following table lists the available properties to use when adding a condition.
-
-| Condition | Description |
-|:--|:--|
+
+<br>
+
+****
+
+|Condition|Description|
+|||
|Date|For email, the date a message was received by a recipient or sent by the sender. For documents, the date a document was last modified.| |Sender/Author|For email, the person who sent a message. For documents, the person cited in the author field from Office documents. You can type more than one name, separated by commas. Two or more values are logically connected by the **OR** operator.| |Size (in bytes)|For both email and documents, the size of the item (in bytes).| |Subject/Title|For email, the text in the subject line of a message. For documents, the title of the document. As previously explained, the Title property is metadata specified in Microsoft Office documents. You can type the name of more than one subject/title, separated by commas. Two or more values are logically connected by the **OR** operator.| |Retention label|For both email and documents, retention labels that have been assigned to messages and documents automatically by auto-label policies or retention labels that have been manually assigned by users. Retention labels are used to classify email and documents for information governance and enforce retention rules based on the settings defined by the label. You can type part of the retention label name and use a wildcard or type the complete label name. For more information about retention labels, see [Learn about retention policies and retention labels](retention.md).|
-|||
-
+|
+ ### Conditions for mail properties Create a condition using mail properties when searching mailboxes or public folders. The following table lists the email properties that you can use for a condition. These properties are a subset of the email properties that were previously described. These descriptions are repeated for your convenience.
-
-| Condition | Description |
-|:--|:--|
-|Message kind| The message type to search. This is the same property as the Kind email property. Possible values: <br/><br/> contacts <br/> docs <br/> email <br/> externaldata <br/> faxes <br/> im <br/> journals <br/> meetings <br/> microsoftteams <br/> notes <br/> posts <br/> rssfeeds <br/> tasks <br/> voicemail|
+
+<br>
+
+****
+
+|Condition|Description|
+|||
+|Message kind|The message type to search. This is the same property as the Kind email property. Possible values: <ul><li>contacts</li><li>docs</li><li>email</li><li>externaldata</li><li>faxe</li><li>im</li><li>journals</li><li>meetings</li><li>microsoftteams</li><li>notes</li><li>posts</li><li>rssfeeds</li><li>tasks</li><li>voicemail</li></ul>|
|Participants|All the people fields in an email message. These fields are From, To, Cc, and Bcc.|
-|Type|The message class property for an email item. This is the same property as the ItemClass email property. It's also a multi-value condition. So to select multiple message classes, hold the **CTRL** key and then click two or more message classes in the drop-down list that you want to add to the condition. Each message class that you select in the list will be logically connected by the **OR** operator in the corresponding search query. <br/> For a list of the message classes (and their corresponding message class ID) that are used by Exchange and that you can select in the **Message class** list, see [Item Types and Message Classes](/office/vba/outlook/Concepts/Forms/item-types-and-message-classes).|
+|Type|The message class property for an email item. This is the same property as the ItemClass email property. It's also a multi-value condition. So to select multiple message classes, hold the **CTRL** key and then click two or more message classes in the drop-down list that you want to add to the condition. Each message class that you select in the list will be logically connected by the **OR** operator in the corresponding search query. <p> For a list of the message classes (and their corresponding message class ID) that are used by Exchange and that you can select in the **Message class** list, see [Item Types and Message Classes](/office/vba/outlook/Concepts/Forms/item-types-and-message-classes).|
|Received|The date that an email message was received by a recipient. This is the same property as the Received email property.| |Recipients|All recipient fields in an email message. These fields are To, Cc, and Bcc.| |Sender|The sender of an email message.| |Sent|The date that an email message was sent by the sender. This is the same property as the Sent email property.| |Subject|The text in the subject line of an email message.| |To|The recipient of an email message in the To field.|
-|||
-
+|
+ ### Conditions for document properties Create a condition using document properties when searching for documents on SharePoint and OneDrive for Business sites. The following table lists the document properties that you can use for a condition. These properties are a subset of the site properties that were previously described. These descriptions are repeated for your convenience.
-
-| Condition | Description |
-|:--|:--|
+
+<br>
+
+****
+
+|Condition|Description|
+|||
|Author|The author field from Office documents, which persists if a document is copied. For example, if a user creates a document and the emails it to someone else who then uploads it to SharePoint, the document will still retain the original author.| |Title|The title of the document. The Title property is metadata that's specified in Office documents. It's different than the file name of the document.| |Created|The date that a document is created.| |Last modified|The date that a document was last changed.|
-|File type|The extension of a file; for example, docx, one, pptx, or xlsx. This is the same property as the FileExtension site property. <br/><br/> **Note:** If you include a File type condition using the **Equals** or **Equals any of** operator in a search query, you can't use a prefix search (by including the wildcard character ( * ) at the end of the file type) to return all versions of a file type. If you do, the wildcard will be ignored. For example if you include the condition `Equals any of doc*`, only files with an extension of `.doc` will be returned. Files with an extension of `.docx` will not be returned. To return all versions of a file type, used the *property:value* pair in a keyword query; for example, `filetype:doc*`.|
-|||
-
+|File type|The extension of a file; for example, docx, one, pptx, or xlsx. This is the same property as the FileExtension site property. <p> **Note:** If you include a File type condition using the **Equals** or **Equals any of** operator in a search query, you can't use a prefix search (by including the wildcard character ( \* ) at the end of the file type) to return all versions of a file type. If you do, the wildcard will be ignored. For example if you include the condition `Equals any of doc*`, only files with an extension of `.doc` will be returned. Files with an extension of `.docx` will not be returned. To return all versions of a file type, used the *property:value* pair in a keyword query; for example, `filetype:doc*`.|
+|
+ ### Operators used with conditions When you add a condition, you can select an operator that is relevant to type of property for the condition. The following table describes the operators that are used with conditions and lists the equivalent that is used in the search query.
-
-| Operator | Query equivalent | Description |
-|:--|:--|:--|
+
+<br>
+
+****
+
+|Operator|Query equivalent|Description|
+||||
|After|`property>date`|Used with date conditions. Returns items that were sent, received, or modified after the specified date.| |Before|`property<date`|Used with date conditions. Returns items that were sent, received, or modified before the specified date.| |Between|`date..date`|Use with date and size conditions. When used with a date condition, returns items there were sent, received, or modified within the specified date range. When used with a size condition, returns items whose size is within the specified range.| |Contains any of|`(property:value) OR (property:value)`|Used with conditions for properties that specify a string value. Returns items that contain any part of one or more specified string values.|
-|Doesn't contain any of|`-property:value` <br/> `NOT property:value`|Used with conditions for properties that specify a string value. Returns items that don't contain any part of the specified string value.|
-|Doesn't equal any of|`-property=value` <br/> `NOT property=value`|Used with conditions for properties that specify a string value. Returns items that don't contain the specific string.|
+|Doesn't contain any of|`-property:value` <p> `NOT property:value`|Used with conditions for properties that specify a string value. Returns items that don't contain any part of the specified string value.|
+|Doesn't equal any of|`-property=value` <p> `NOT property=value`|Used with conditions for properties that specify a string value. Returns items that don't contain the specific string.|
|Equals|`size=value`|Returns items that are equal to the specified size.<sup>1</sup>| |Equals any of|`(property=value) OR (property=value)`|Used with conditions for properties that specify a string value. Returns items that are an exact match of one or more specified string values.| |Greater|`size>value`|Returns items where the specified property is greater than the specified value.<sup>1</sup>|
When you add a condition, you can select an operator that is relevant to type of
|Less|`size<value`|Returns items that are greater than or equal to the specific value.<sup>1</sup>| |Less or equal|`size<=value`|Returns items that are greater than or equal to the specific value.<sup>1</sup>| |Not equal|`size<>value`|Returns items that don't equal the specified size.<sup>1</sup>|
-|||
-
+|
+ > [!NOTE]
-> <sup>1</sup> This operator is available only for conditions that use the Size property.
-
+> <sup>1</sup> This operator is available only for conditions that use the Size property.
+ ### Guidelines for using conditions Keep the following in mind when using search conditions.
-
+ - A condition is logically connected to the keyword query (specified in the keyword box) by the **AND** operator. That means that items have to satisfy both the keyword query and the condition to be included in the results. This is how conditions help to narrow your results.
-
+ - If you add two or more unique conditions to a search query (conditions that specify different properties), those conditions are logically connected by the **AND** operator. That means only items that satisfy all the conditions (in addition to any keyword query) are returned.
-
-- If you add more than one condition for the same property, those conditions are logically connected by the **OR** operator. That means items that satisfy the keyword query and any one of the conditions are returned. So, groups of the same conditions are connected to each other by the **OR** operator and then sets of unique conditions are connected by the **AND** operator.
-
-- If you add multiple values (separated by commas or semi-colons) to a single condition, those values are connected by the **OR** operator. That means items are returned if they contain any of the specified values for the property in the condition.
-
+
+- If you add more than one condition for the same property, those conditions are logically connected by the **OR** operator. That means items that satisfy the keyword query and any one of the conditions are returned. So, groups of the same conditions are connected to each other by the **OR** operator and then sets of unique conditions are connected by the **AND** operator.
+
+- If you add multiple values (separated by commas or semi-colons) to a single condition, those values are connected by the **OR** operator. That means items are returned if they contain any of the specified values for the property in the condition.
+ - The search query that is created by using the keywords box and conditions is displayed on the **Search** page, in the details pane for the selected search. In a query, everything to the right of the notation `(c:c)` indicates conditions that are added to the query.
-
+ - Conditions only add properties to the search query; the don't add operators. This is why the query displayed in the detail pane doesn't show operators to the right of the `(c:c)` notation. KQL adds the logical operators (according to the previously explained rules) when the executing the query.
-
+ - You can use the drag and drop control to resequence the order of conditions. Click on the control for a condition and move it up or down.
-
+ - As previously explained, some condition properties allow you to type multiple values (separated by semi-colons). Each value is logically connected by the **OR** operator, and results in the query `(filetype=docx) OR (filetype=pptx) OR (filetype=xlsx)`. The following illustration shows an example of a condition with multiple values. ![One condition with multiple values](../media/SearchConditions1.png)
-
+ > [!NOTE] > You can't add multiple conditions (by clicking **Add condition** for the same property. Instead, you have to provide multiple values for the condition (separated by semi-colons), as shown in the previous example.
-
+ ### Examples of using conditions in search queries The following examples show the GUI-based version of a search query with conditions, the search query syntax that is displayed in the details pane of the selected search (which is also returned by the **Get-ComplianceSearch** cmdlet), and the logic of the corresponding KQL query.
-
+ #### Example 1 This example returns documents on SharePoint and OneDrive for Business sites that contain a credit card number and were last modified before January 1, 2021.
-
- **GUI**
-
+
+**GUI**:
+ ![First example of search conditions](../media/SearchConditions2.png)
-
- **Search query syntax**
-
- `SensitiveType:"Credit Card Number"(c:c)(lastmodifiedtime<2021-01-01)`
-
- **Search query logic**
-
- `SensitiveType:"Credit Card Number" AND (lastmodifiedtime<2021-01-01)`
-
+
+**Search query syntax**:
+
+`SensitiveType:"Credit Card Number"(c:c)(lastmodifiedtime<2021-01-01)`
+
+**Search query logic**:
+
+`SensitiveType:"Credit Card Number" AND (lastmodifiedtime<2021-01-01)`
+ Notice in the previous screenshot that the search UI reinforces that the keyword query and condition are connected by the **AND** operator. #### Example 2 This example returns email items or documents that contain the keyword "report", that were sent or created before April 1, 2021, and that contain the word "northwind" in the subject field of email messages or in the title property of documents. The query excludes Web pages that meet the other search criteria.
-
- **GUI**
-
+
+**GUI**:
+ ![Second example of search conditions](../media/SearchConditions3.png)
-
- **Search query syntax**
-
- `report(c:c)(date<2021-04-01)(subject Title: "northwind")(-filetype:aspx)`
-
- **Search query logic**
-
- `report AND (date<2021-04-01) AND (subject Title: "northwind") NOT (filetype:aspx)`
-
+
+**Search query syntax**:
+
+`report(c:c)(date<2021-04-01)(subject Title: "northwind")(-filetype:aspx)`
+
+**Search query logic**:
+
+`report AND (date<2021-04-01) AND (subject Title: "northwind") NOT (filetype:aspx)`
+ #### Example 3 This example returns email messages or calendar meetings that were sent between 12/1/2019 and 11/30/2020 and that contain words that start with "phone" or "smartphone".
-
- **GUI**
-
+
+**GUI**:
+ ![Third example of search conditions](../media/SearchConditions4.png)
-
- **Search query syntax**
-
- `phone* OR smartphone*(c:c)(sent=2019-12-01..2020-11-30)(kind="email")(kind="meetings")`
-
- **Search query logic**
-
- `phone* OR smartphone* AND (sent=2029-12-01..2020-11-30) AND ((kind="email") OR (kind="meetings"))`
-
+
+**Search query syntax**:
+
+`phone* OR smartphone*(c:c)(sent=2019-12-01..2020-11-30)(kind="email")(kind="meetings")`
+
+**Search query logic**:
+
+`phone* OR smartphone* AND (sent=2029-12-01..2020-11-30) AND ((kind="email") OR (kind="meetings"))`
+ ## Special characters Some special characters are not included in the search index and therefore are not searchable. This also includes the special characters that represent search operators in the search query. Here's a list of special characters that are either replaced by a blank space in the actual search query or cause a search error.
Some special characters are not included in the search index and therefore are n
## Searching for site content shared with external users
-You can also use eDiscovery search tools in the compliance center to search for documents stored on SharePoint and OneDrive for Business sites that have been shared with people outside of your organization. This can help you identify sensitive or proprietary information that's being shared outside your organization. You can do this by using the `ViewableByExternalUsers` property in a keyword query. This property returns documents or sites that have been shared with external users by using one of the following sharing methods:
-
-- A sharing invitation that requires users to sign in to your organization as an authenticated user.
+You can also use eDiscovery search tools in the compliance center to search for documents stored on SharePoint and OneDrive for Business sites that have been shared with people outside of your organization. This can help you identify sensitive or proprietary information that's being shared outside your organization. You can do this by using the `ViewableByExternalUsers` property in a keyword query. This property returns documents or sites that have been shared with external users by using one of the following sharing methods:
+- A sharing invitation that requires users to sign in to your organization as an authenticated user.
- An anonymous guest link, which allows anyone with this link to access the resource without having to be authenticated. Here are some examples:
-
+ - The query `ViewableByExternalUsers:true AND SensitiveType:"Credit Card Number"` returns all items that have been shared with people outside your organization and contain a credit card number.
-
- The query `ViewableByExternalUsers:true AND ContentType:document AND site:"https://contoso.sharepoint.com/Sites/Teams"` returns a list of documents on all team sites in the organization that have been shared with external users. > [!TIP] > A search query such as `ViewableByExternalUsers:true AND ContentType:document` might return a lot of .aspx files in the search results. To eliminate these (or other types of files), you can use the `FileExtension` property to exclude specific file types; for example `ViewableByExternalUsers:true AND ContentType:document NOT FileExtension:aspx`.
-
+ What is considered content that is shared with people outside your organization? Documents in your organization's SharePoint and OneDrive for Business sites that are shared by sending a sharing invitation or that are shared in public locations. For example, the following user activities result in content that is viewable by external users:
-
+ - A user shares a file or folder with a person outside your organization.
-
- A user creates and sends a link to a shared file to a person outside your organization. This link allows the external user to view (or edit) the file.
-
- A user sends a sharing invitation or a guest link to a person outside your organization to view (or edit) a shared file.
-
+ ### Issues using the ViewableByExternalUsers property
-While the `ViewableByExternalUsers` property represents the status of whether a document or site is shared with external users, there are some caveats to what this property does and doesn't reflect. In the following scenarios, the value of the `ViewableByExternalUsers` property won't be updated, and the results of a search query that uses this property may be inaccurate.
-
+While the `ViewableByExternalUsers` property represents the status of whether a document or site is shared with external users, there are some caveats to what this property does and doesn't reflect. In the following scenarios, the value of the `ViewableByExternalUsers` property won't be updated, and the results of a search query that uses this property may be inaccurate.
+ - Changes to sharing policy, such as turning off external sharing for a site or for the organization. The property will still show previously shared documents as being externally accessible even though external access might have been revoked.
-
- Changes to group membership, such as adding or removing external users to Microsoft 365 Groups or Microsoft 365 security groups. The property won't automatically be updated for items the group has access to.
-
- Sending sharing invitations to external users where the recipient hasn't accepted the invitation, and therefore doesn't yet have access to the content.
-
-In these scenarios, the `ViewableByExternalUsers` property won't reflect the current sharing status until the site or document library is recrawled and reindexed.
+
+In these scenarios, the `ViewableByExternalUsers` property won't reflect the current sharing status until the site or document library is recrawled and reindexed.
## Searching for site content shared within your organization As previously explained, you can use the `SharedWithUsersOWSUser` property so search for documents that have been shared between people in your organization. When a person shares a file (or folder) with another user inside your organization, a link to the shared file appears on the **Shared with me** page in the OneDrive for Business account of the person who the file was shared with. For example, to search for the documents that have been shared with Sara Davis, you can use the query `SharedWithUsersOWSUser:"sarad@contoso.com"`. If you export the results of this search, the original documents (located in the content location of the person who shared the documents with Sara) will be downloaded.
-
-Documents must be explicitly shared with a specific user to be returned in search results when using the `SharedWithUsersOWSUser` property. For example, when a person shares a document in their OneDrive account, they have the option to share it with anyone (inside or outside the organization), share it only with people inside the organization, or share it with a specific person. Here's a screenshot of the **Share** window in OneDrive, that shows the three sharing options.
-
+
+Documents must be explicitly shared with a specific user to be returned in search results when using the `SharedWithUsersOWSUser` property. For example, when a person shares a document in their OneDrive account, they have the option to share it with anyone (inside or outside the organization), share it only with people inside the organization, or share it with a specific person. Here's a screenshot of the **Share** window in OneDrive, that shows the three sharing options.
+ ![Only files shared with specific people will be returned by a search query that uses the SharedWithUsersOWSUser property](../media/469a4b61-68bd-4ab0-b612-ab6302973886.png)
-
-Only documents that are shared by using the third option (shared with **Specific people**) will be returned by a search query that uses the `SharedWithUsersOWSUser` property.
+
+Only documents that are shared by using the third option (shared with **Specific people**) will be returned by a search query that uses the `SharedWithUsersOWSUser` property.
## Searching for Skype for Business conversations
kind:im AND subject:conversation AND (received=startdate..enddate)
## Character limits for searches
-There is a 4,000 character limit for search queries when searching for content in SharePoint sites and OneDrive accounts.
+There is a 4,000 character limit for search queries when searching for content in SharePoint sites and OneDrive accounts.
Here is how the total number of characters in the search query are calculated: - The characters in keyword search query (including both user and filter fields) count against this limit.- - The characters in any location property (such as the URLs for all the SharePoint sites or OneDrive locations being searched) count against this limit.- - The characters in all the search permissions filters that are applied to the user running the search count against the limit. For more information about character limits, see [eDiscovery search limits](limits-for-content-search.md#search-limits).
For more information about character limits, see [eDiscovery search limits](limi
- Keyword searches are not case-sensitive. For example, **cat** and **CAT** return the same results. -- The Boolean operators **AND**, **OR**, **NOT**, and **NEAR** must be uppercase.
+- The Boolean operators **AND**, **OR**, **NOT**, and **NEAR** must be uppercase.
-- A space between two keywords or two `property:value` expressions is the same as using **AND**. For example, `from:"Sara Davis" subject:reorganization` returns all messages sent by Sara Davis that contain the word reorganization in the subject line.
+- A space between two keywords or two `property:value` expressions is the same as using **AND**. For example, `from:"Sara Davis" subject:reorganization` returns all messages sent by Sara Davis that contain the word reorganization in the subject line.
-- Use syntax that matches the `property:value` format. Values are not case-sensitive, and they can't have a space after the operator. If there is a space, your intended value will be a full-text search. For example `to: pilarp` searches for "pilarp" as a keyword, rather than for messages that were sent to pilarp.
+- Use syntax that matches the `property:value` format. Values are not case-sensitive, and they can't have a space after the operator. If there is a space, your intended value will be a full-text search. For example `to: pilarp` searches for "pilarp" as a keyword, rather than for messages that were sent to pilarp.
- When searching a recipient property, such as To, From, Cc, or Recipients, you can use an SMTP address, alias, or display name to denote a recipient. For example, you can use pilarp@contoso.com, pilarp, or "Pilar Pinilla".
compliance Mailitemsaccessed Forensics Investigations https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/mailitemsaccessed-forensics-investigations.md
search.appverid: - MOE150 - MET150
+ms.assetid:
description: "Use the MailItemsAccessed mailbox auditing action to perform forensic investigations of compromised user accounts."
The MailItemsAccessed mailbox auditing action covers all mail protocols: POP, IM
### Auditing sync access
-Sync operations are only recorded when a mailbox is accessed by a desktop version of the Outlook client for Windows or Mac. During the sync operation, these clients typically download a large set of mail items from the cloud to a local computer. The audit volume for sync operations is huge. So, instead of generating an audit record for each mail item that's synched, we just generate an audit event for the mail folder containing items that were synched. This makes the assumption that *all* mail items in the synched folder have been compromised. The access type is recorded in the OperationProperties field of the audit record.
+Sync operations are only recorded when a mailbox is accessed by a desktop version of the Outlook client for Windows or Mac. During the sync operation, these clients typically download a large set of mail items from the cloud to a local computer. The audit volume for sync operations is huge. So, instead of generating an audit record for each mail item that's synched, we just generate an audit event for the mail folder containing items that were synched. This makes the assumption that *all* mail items in the synched folder have been compromised. The access type is recorded in the OperationProperties field of the audit record.
See step 2 in the [Use MailItemsAccessed audit records for forensic investigations](#use-mailitemsaccessed-audit-records-for-forensic-investigations) section for an example of displaying the sync access type in an audit record.
See step 4 in the [Use MailItemsAccessed audit records for forensic investigatio
### Throttling of MailItemsAccessed audit records
-If more than 1,000 MailItemsAccessed audit records are generated in less than 24 hours, Exchange Online will stop generating auditing records for MailItemsAccessed activity. When a mailbox is throttled, MailItemsAccessed activity will not be logged for 24 hours after the mailbox was throttled. If this occurs, there's a potential that mailbox could have been compromised during this period. The recording of MailItemsAccessed activity will be resumed following a 24-hour period.
+If more than 1,000 MailItemsAccessed audit records are generated in less than 24 hours, Exchange Online will stop generating auditing records for MailItemsAccessed activity. When a mailbox is throttled, MailItemsAccessed activity will not be logged for 24 hours after the mailbox was throttled. If this occurs, there's a potential that mailbox could have been compromised during this period. The recording of MailItemsAccessed activity will be resumed following a 24-hour period.
Here's a few things to keep in mind about throttling: - Less than 1% of all mailboxes in Exchange Online are throttled- - When a mailbox is throttling, only audit records for MailItemsAccessed activity are not audited. Other mailbox auditing actions aren't affected.- - Mailboxes are throttled only for Bind operations. Audit records for sync operations are not throttled.- - If a mailbox is throttled, you can probably assume there was MailItemsAccessed activity that wasn't recorded in the audit logs. See step 1 in the [Use MailItemsAccessed audit records for forensic investigations](#use-mailitemsaccessed-audit-records-for-forensic-investigations) section for an example of displaying the IsThrottled property in an audit record.
See step 1 in the [Use MailItemsAccessed audit records for forensic investigatio
Mailbox auditing generates audit records for access to email messages so that you can be confident that email messages haven't been compromised. For this reason, in circumstances where we're not certain that some data has been accessed, we assume that it has by recording all mail access activity.
-Using MailItemsAccessed audit records for forensics purposes is typically performed after a data breach has been resolved and the attacker has been evicted. To begin your investigation, you should identify the set of mailboxes that they have been compromised and determine the time frame when attacker had access to mailboxes in your organization. Then, you can use the **Search-UnifiedAuditLog** or **Search-MailboxAuditLog** cmdlets in [Exchange Online PowerShell](/powershell/exchange/connect-to-exchange-online-powershell) to search audit records that correspond to the data breach.
+Using MailItemsAccessed audit records for forensics purposes is typically performed after a data breach has been resolved and the attacker has been evicted. To begin your investigation, you should identify the set of mailboxes that they have been compromised and determine the time frame when attacker had access to mailboxes in your organization. Then, you can use the **Search-UnifiedAuditLog** or **Search-MailboxAuditLog** cmdlets in [Exchange Online PowerShell](/powershell/exchange/connect-to-exchange-online-powershell) to search audit records that correspond to the data breach.
You can run one of the following commands to search for MailItemsAccessed audit records:
-**Unified audit log**
+**Unified audit log**:
```powershell Search-UnifiedAuditLog -StartDate 01/06/2020 -EndDate 01/20/2020 -UserIds <user1,user2> -Operations MailItemsAccessed -ResultSize 1000 ```
-**Mailbox audit log**
+**Mailbox audit log**:
```powershell Search-MailboxAuditLog -Identity <user> -StartDate 01/06/2020 -EndDate 01/20/2020 -Operations MailItemsAccessed -ResultSize 1000 -ShowDetails
Here are the steps for using MailItemsAccessed audit records to investigate a co
To search for MailItemsAccessed records where the mailbox was throttled, run the following command:
- **Unified audit log**
-
+ **Unified audit log**:
+ ```powershell Search-UnifiedAuditLog -StartDate 01/06/2020 -EndDate 01/20/2020 -UserIds <user1,user2> -Operations MailItemsAccessed -ResultSize 1000 | Where {$_.AuditData -like '*"IsThrottled","Value":"True"*'} | FL ```
- **Mailbox audit log**
+ **Mailbox audit log**:
```powershell Search-MailboxAuditLog -StartDate 01/06/2020 -EndDate 01/20/2020 -Identity <user> -Operations MailItemsAccessed -ResultSize 10000 -ShowDetails | Where {$_.OperationProperties -like "*IsThrottled:True*"} | FL
Here are the steps for using MailItemsAccessed audit records to investigate a co
To search for MailItemsAccessed records where the mail items were accessed by a sync operation, run the following command:
- **Unified audit log**
+ **Unified audit log**:
```powershell Search-UnifiedAuditLog -StartDate 01/06/2020 -EndDate 02/20/2020 -UserIds <user1,user2> -Operations MailItemsAccessed -ResultSize 1000 | Where {$_.AuditData -like '*"MailAccessType","Value":"Sync"*'} | FL ```
- **Mailbox audit log**
+ **Mailbox audit log**:
```powershell Search-MailboxAuditLog -StartDate 01/06/2020 -EndDate 01/20/2020 -Identity <user> -Operations MailItemsAccessed -ResultSize 10000 -ShowDetails | Where {$_.OperationProperties -like "*MailAccessType:Sync*"} | FL
Here are the steps for using MailItemsAccessed audit records to investigate a co
Use the properties listed below to investigate. These properties are located in the AuditData or OperationProperties property. If any of the syncs occur in the same context as the attacker activity, assume the attacker has synced all mail items to their client, which means the entire mailbox has probably been compromised.
- |Property | Description |
- |:- | :-|
- |ClientInfoString | Describes protocol, client (includes version)|
- |ClientIPAddress | IP address of the client machine.|
- |SessionId | Session ID helps to differentiate attacker actions vs day-to-day user activities on the same account (in the case of a compromised account)|
- |UserId | UPN of the user reading the message.|
- |||
+ <br>
+
+ ****
+
+ |Property|Description|
+ |||
+ |ClientInfoString|Describes protocol, client (includes version)|
+ |ClientIPAddress|IP address of the client machine.|
+ |SessionId|Session ID helps to differentiate attacker actions vs day-to-day user activities on the same account (in the case of a compromised account)|
+ |UserId|UPN of the user reading the message.|
+ |
4. Check for bind activities. After performing steps 2 and step 3, you can be confident that all other access to email messages by the attacker will be captured in the MailItemsAccessed audit records that have a MailAccessType property with a value of "Bind". To search for MailItemsAccessed records where the mail items were accessed by a Bind operation, run the following command.
- **Unified audit log**
+ **Unified audit log**:
```powershell Search-UnifiedAuditLog -StartDate 01/06/2020 -EndDate 01/20/2020 -UserIds <user1,user2> -Operations MailItemsAccessed -ResultSize 1000 | Where {$_.AuditData -like '*"MailAccessType","Value":"Bind"*'} | FL ```
-
- **Mailbox audit log**
-
+
+ **Mailbox audit log**:
+ ```powershell Search-MailboxAuditLog -StartDate 01/06/2020 -EndDate 01/20/2020 -Identity <user> -Operations MailItemsAccessed -ResultSize 10000 -ShowDetails | Where {$_.OperationProperties -like "*MailAccessType:Bind*"} | FL ``` Email messages that were accessed are identified by their internet message Id. You can also check to see if any audit records have the same context as the ones for other attacker activity. For more information, see the [Identifying the access contexts of different audit records](#identifying-the-access-contexts-of-different-audit-records) section.
-
- You can use the audit data for bind operations in two different ways:
- - Access or collect all email messages the attacker accessed by using the InternetMessageId to find them and then checking to see if any of those messages contains sensitive information.
+ You can use the audit data for bind operations in two different ways:
- - Use the InternetMessageId to search audit records related to a set of potentially sensitive email messages. This is useful if you're concerned only about a small number of messages.
+ - Access or collect all email messages the attacker accessed by using the InternetMessageId to find them and then checking to see if any of those messages contains sensitive information.
+ - Use the InternetMessageId to search audit records related to a set of potentially sensitive email messages. This is useful if you're concerned only about a small number of messages.
## Filtering of duplicate audit records Duplicate audit records for the same bind operations that occur within an hour of each other are filtered out to remove auditing noise. Sync operations are also filtered out at one-hour intervals. The exception to this de-duplication process occurs if, for the same InternetMessageId, any of the properties described in the following table are different. If one of these properties is different in a duplicate operation, a new audit record is generated. This process is described in more detail in the next section.
-| Property| Description|
-|:--|:|
-|ClientIPAddress | IP address of the client computer.|
-|ClientInfoString| The client protocol, client used to access the mailbox.|
-|ParentFolder | The full folder path of the mail item that was accessed. |
-|Logon_type | The logon type of the user who performed the action. The logon types (and their corresponding Enum value) are Owner (0), Admin (1), or Delegate (2).|
-|MailAccessType | Whether the access is a bind or a sync operation.|
-|MailboxUPN | The UPN of the mailbox where the message being read is located.|
-|User | The UPN of the user reading the message.|
-|SessionId | The Session Id helps to differentiate attacker actions and day-to-day user activities in the same mailbox (in the case of account compromise) For more information about sessions, see [Contextualizing attacker activity within sessions in Exchange Online](https://techcommunity.microsoft.com/t5/exchange-team-blog/contextualizing-attacker-activity-within-sessions-in-exchange/ba-p/608801).|
-||||
+<br>
+
+****
+
+|Property|Description|
+|||
+|ClientIPAddress|IP address of the client computer.|
+|ClientInfoString|The client protocol, client used to access the mailbox.|
+|ParentFolder|The full folder path of the mail item that was accessed.|
+|Logon_type|The logon type of the user who performed the action. The logon types (and their corresponding Enum value) are Owner (0), Admin (1), or Delegate (2).|
+|MailAccessType|Whether the access is a bind or a sync operation.|
+|MailboxUPN|The UPN of the mailbox where the message being read is located.|
+|User|The UPN of the user reading the message.|
+|SessionId|The Session Id helps to differentiate attacker actions and day-to-day user activities in the same mailbox (in the case of account compromise) For more information about sessions, see [Contextualizing attacker activity within sessions in Exchange Online](https://techcommunity.microsoft.com/t5/exchange-team-blog/contextualizing-attacker-activity-within-sessions-in-exchange/ba-p/608801).|
+|
## Identifying the access contexts of different audit records It's common that an attacker may access a mailbox at the same time the mailbox owner is accessing it. To differentiate between access by the attacker and the mailbox owner, there are audit record properties that define the context of the access. As previously explained, when the values for these properties are different, even when the activity occurs within the aggregation interval, separate audit records are generated. In the following example, there are three different audit records. Each one is differentiated by the Session Id and ClientIPAddress properties. The messages that were accessed are also identified.
-|Audit record 1 |Audit record 2 |Audit record 3|
-||||
+<br>
+
+****
+
+|Audit record 1|Audit record 2|Audit record 3|
+||||
|ClientIPAddress**1**<br/>SessionId**2**|ClientIPAddress**2**<br/>SessionId**2**|ClientIPAddress**1**<br/>SessionId**3**|
-|InternetMessageId**A**<br/>InternetMessageId**D**<br/>InternetMessageId**E**<br/>InternetMessageId**F**<br/>|InternetMessageId**A**<br/>InternetMessageId**C**|InternetMessageId**B** |
-||||
+|InternetMessageId**A**<br/>InternetMessageId**D**<br/>InternetMessageId**E**<br/>InternetMessageId**F**<br/>|InternetMessageId**A**<br/>InternetMessageId**C**|InternetMessageId**B**|
+|
If any of the properties listed in the table in the [previous section](#filtering-of-duplicate-audit-records) are different, a separate audit record is generated to track the new context. Accesses will be sorted into the separate audit records depending on the context in which the activity took place.
Here is the syntax for the command shown in the previous screenshot:
```powershell Search-MailboxAuditLog -Identity admin -ShowDetails -Operations MailItemsAccessed -ResultSize 2000 | Select LastAccessed,Operation,AuditOperationsCountInAggregatedRecord,ClientInfoString
-```
+```
compliance Microsoft 365 Compliance Center https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/microsoft-365-compliance-center.md
You can also use the **Add cards** feature to add additional cards, such as one
In addition to links in cards on the home page, you'll see a navigation pane on the left side of the screen that gives you easy access to your [alerts](../security/office-365-security/alerts.md), [reports](reports-in-security-and-compliance.md), [policies](alert-policies.md), compliance solutions, and more. To add or remove options for a customized navigation pane, use the **Customize navigation** control on the navigation pane. This opens the **Customize your navigation pane** settings so you can configure which items appear in the navigation pane.
-| | |
-|||
-|![Navigation in the Microsoft 365 compliance center](../medi) <br> Automate and simplify the retention schedule for regulatory, legal and business-critical records in your organization.
+<br>
+
+****
+
+|Navigation|Comments|
+|||
+|![Navigation in the Microsoft 365 compliance center](../medi) <br> Automate and simplify the retention schedule for regulatory, legal and business-critical records in your organization.|
+|
## How do I get the compliance center? - If you don't have the new Microsoft 365 compliance center already, you'll have it soon. The Microsoft 365 compliance center is generally available now to Microsoft 365 SKU customers.- - To visit the Microsoft 365 compliance center, as a global administrator, compliance administrator, or compliance data administrator go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and sign in. ## Frequently asked questions **Why am I taken to the Security & Compliance Center to complete some tasks, such as defining certain policies?**
-We're still developing the Microsoft 365 compliance center, and we add more functionality and solutions over the coming months. In the meantime, there are a few tasks that must be completed in the Security & Compliance Center ([https://protection.office.com](https://protection.office.com)). In those cases, you'll be directed automatically to the location where you can complete the task at hand, such as creating or editing a supervision policy.
+We're still developing the Microsoft 365 compliance center, and we'll add more functionality and solutions over the coming months. In the meantime, there are a few tasks that must be completed in the Security & Compliance Center ([https://protection.office.com](https://protection.office.com)). In those cases, you'll be directed automatically to the location where you can complete the task at hand, such as creating or editing a supervision policy.
**Why don't I see the new Microsoft 365 compliance center yet?**
compliance Microsoft 365 Solution Catalog https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/microsoft-365-solution-catalog.md
The **Information protection & governance** section shows you at a glance how yo
From here, you'll see cards for the following solutions: - [Data loss prevention](dlp-learn-about-dlp.md): Detects sensitive content as it's used and shared throughout your organization, in the cloud and on devices, and helps prevent accidental data loss.-- [Information governance](manage-information-governance.md): Manages your content lifecycle using solutions to import, store, and classify business-critical data so you can keep what you need and delete what you don't.ΓÇï
+- [Information governance](manage-information-governance.md): Manages your content lifecycle using solutions to import, store, and classify business-critical data so you can keep what you need and delete what you don't.
- [Information protection](information-protection.md): Discovers, classifies, and protects sensitive and business-critical content throughout its lifecycle across your organization. - [Records management](records-management.md): Uses intelligent classification to automate and simplify the retention schedule for regulatory, legal, and business-critical records in your organization.
compliance New Defender Alert Policies https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/new-defender-alert-policies.md
For the following table identifies the default alert policies whose severity cla
| **Unusual increase in email reported as phish** | A00D8C62-9320-4EEA-A7E5-966B9AC09558 | High| Medium | | **Admin Submission result completed** | AE9B83DD-6039-4EA9-B675-6B0AC3BF4A41 | Low| Informational | | **Creation of forwarding/redirect rule** | D59A8FD4-1272-41EE-9408-86F7BCF72479 | Low| Informational |
-| e**Discovery search started or exported**ΓÇï| 6FDC5710-3998-47F0-AFBB-57CEFD7378AE | Medium| Informational |
+| **eDiscovery search started or exported** | 6FDC5710-3998-47F0-AFBB-57CEFD7378A | Meduim | Informational |
||||| ## When will these changes happen
compliance Office 365 Encryption In Microsoft Dynamics 365 https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/office-365-encryption-in-microsoft-dynamics-365.md
Microsoft uses encryption technology to protect customer data in Dynamics 365 while at rest in a Microsoft database and while it is in transit between user devices and our datacenters. Connections established between customers and Microsoft datacenters are encrypted, and all public endpoints are secured using industry-standard TLS. TLS effectively establishes a security-enhanced browser-to-server connection to help ensure data confidentiality and integrity between desktops and datacenters. After data encryption is activated, it cannot be turned off. For more information, see [Field-level data encryption](/previous-versions/dynamicscrm-2016/developers-guide/dn481562(v=crm.8)).
-Dynamics 365 uses standard Microsoft SQL Server cell level encryption for a set of default entity attributes that contain sensitive information, such as user names and email passwords. This feature can help organizations meet the compliance requirements associated with FIPS 140-2. Field-level data encryption is especially important in scenarios that leverage the [Microsoft Dynamics CRM Email Router](/previous-versions/dynamicscrm-2016/administering-dynamics-365/hh699800(v=crm.8)), which must store user names and passwords to enable integration between a Dynamics 365 instance and an email service.
+Dynamics 365 uses standard Microsoft SQL Server cell level encryption for a set of default entity attributes that contain sensitive information, such as user names and email passwords. This feature can help organizations meet the compliance requirements associated with FIPS 140-2. Field-level data encryption is especially important in scenarios that leverage the [Microsoft Dynamics CRM Email Router](/previous-versions/dynamicscrm-2016/administering-dynamics-365/hh699800(v=crm.8)), which must store user names and passwords to enable integration between a Dynamics 365 instance and an email service.
-All instances of Dynamics 365 use [Microsoft SQL Server Transparent Data Encryption](/sql/relational-databases/security/encryption/transparent-data-encryption?view=sql-server-2017) (TDE) to perform real-time encryption of data when written to disk (at rest). TDE encrypts SQL Server, Azure SQL Database, and Azure SQL Data Warehouse data files. By default, Microsoft stores and manages the database encryption keys for your instances of Dynamics 365. (The keys that are used by Dynamics 365 for Financials are generated by the .NET Framework Data Protection API.)
+All instances of Dynamics 365 use [Microsoft SQL Server Transparent Data Encryption](/sql/relational-databases/security/encryption/transparent-data-encryption) (TDE) to perform real-time encryption of data when written to disk (at rest). TDE encrypts SQL Server, Azure SQL Database, and Azure SQL Data Warehouse data files. By default, Microsoft stores and manages the database encryption keys for your instances of Dynamics 365. (The keys that are used by Dynamics 365 for Financials are generated by the .NET Framework Data Protection API.)
-The manage keys feature in the Dynamics 365 Administration Center gives administrators the ability to self-manage the database encryption keys that are associated with instances of Dynamics 365. (Self-managed database encryption keys are only available in the January 2017 update for Microsoft Dynamics 365 and may not be made available for later versions. For more information, see [Manage the encryption keys for your Dynamics 365 (online) instance](/dynamics365/customer-engagement/admin/manage-encryption-keys-instance).) The key management feature supports both PFX and BYOK encryption key files, such as those stored in an HSM. (For more information about generating and transferring an HSM-protected key over the Internet, see [How to generate and transfer HSM-protected keys for Azure Key Vault](/azure/key-vault/key-vault-hsm-protected-keys).)
+The manage keys feature in the Dynamics 365 Administration Center gives administrators the ability to self-manage the database encryption keys that are associated with instances of Dynamics 365. (Self-managed database encryption keys are only available in the January 2017 update for Microsoft Dynamics 365 and may not be made available for later versions. For more information, see [Manage the encryption keys for your Dynamics 365 (online) instance](/dynamics365/customer-engagement/admin/manage-encryption-keys-instance).) The key management feature supports both PFX and BYOK encryption key files, such as those stored in an HSM. (For more information about generating and transferring an HSM-protected key over the Internet, see [How to generate and transfer HSM-protected keys for Azure Key Vault](/azure/key-vault/key-vault-hsm-protected-keys).)
To use the upload encryption key option, you need both the public and private encryption key.
compliance Overview Ediscovery 20 https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/overview-ediscovery-20.md
Here's an Advanced eDiscovery architecture diagram that shows the end-to-end wor
[Download as a PDF file](https://download.microsoft.com/download/d/1/c/d1ce536d-9bcf-4d31-b75b-fcf0dc560665/m365-advanced-ediscovery-architecture.pdf) [Download as a Visio file](https://download.microsoft.com/download/d/1/c/d1ce536d-9bcf-4d31-b75b-fcf0dc560665/m365-advanced-ediscovery-architecture.vsdx)+
+## Training
+
+Training your IT administrators, eDiscovery managers, and compliance investigation teams in the basics for Advanced eDiscovery can help your organization get started more quickly using Microsoft 365 eDiscovery tools. Microsoft 365 provides the following resource to help these users in your organization getting started with eDiscovery: [Describe the eDiscovery and audit capabilities of Microsoft 365](/learn/modules/describe-ediscovery-capabilities-of-microsoft-365).
compliance Predictive Coding Reference https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/predictive-coding-reference.md
This article describes the key concepts and metrics of the predictive coding too
## Confidence level
-The confidence level is an advanced setting when you create a predictive coding model. It defines that the model's performance metrics (for example, richness, precision, and recall) fall within a specified range (that's determined the margin of error defined for the model) that's representative of the true values of the prediction scores the model assigns to items in the review set.ΓÇï The values for the confidence level and margin of error also help determine how many items are included in the control set. The default value for the confidence level is 0.95 or 95%.
+The confidence level is an advanced setting when you create a predictive coding model. It defines that the model's performance metrics (for example, richness, precision, and recall) fall within a specified range (that's determined the margin of error defined for the model) that's representative of the true values of the prediction scores the model assigns to items in the review set. The values for the confidence level and margin of error also help determine how many items are included in the control set. The default value for the confidence level is 0.95 or 95%.
## Control set
A control set is used during the training process of a predictive coding model.
## Control set confusion matrix After you complete a training round, the model assigns a prediction score to the 10 items in the control set that you labeled during the training round. The model compares the prediction score of these 10 items with the actual label that you assigned to the item during the training round. Based on this comparison, the model identifies the following classifications to assess the model's prediction performance:
-
- | |Model predicts item is relevant |Model predicts item is not relevant |
- |:|:|:|
- |**Reviewer labels item as relevant**| True positive| False positive |
- |**Reviewer labels item as not relevant**| False negative |True negative |
- ||||
- Based on these comparisons, the model derives values for the F-score, precision, and recall metrics and the margin of error for each one. The number of each of the confusion types from the matrix is displayed on the flyout page for a training round.
+<br>
+
+****
+
+|Label|Model predicts item is relevant|Model predicts item is not relevant|
+||||
+|**Reviewer labels item as relevant**|True positive|False positive|
+|**Reviewer labels item as not relevant**|False negative|True negative|
+|
+
+Based on these comparisons, the model derives values for the F-score, precision, and recall metrics and the margin of error for each one. The number of each of the confusion types from the matrix is displayed on the flyout page for a training round.
## F-score
-The F-score is a weighted average of the scores for the precision and recall metrics. The range of scores for this metric is from **0** to **1**. A score closer to **1** indicates the model will more accurately detect relevant items.ΓÇï The F-score metric is displayed on the model dashboard and on the flyout page for each training round.
+The F-score is a weighted average of the scores for the precision and recall metrics. The range of scores for this metric is from **0** to **1**. A score closer to **1** indicates the model will more accurately detect relevant items. The F-score metric is displayed on the model dashboard and on the flyout page for each training round.
## Margin of error
Model stability indicates the model's ability to accurately predict whether a do
## Overturn rate
-The overturn rate is the percentage of items in the review set where the prediction score changed between training rounds.ΓÇï A model is considered stable when the overturn rate is less than 5%. The overturn rate metric is displayed on the model dashboard and on the flyout page for each training round. The overturn rate for the first training round is zero because there isn't a previous prediction score to overturn.
+The overturn rate is the percentage of items in the review set where the prediction score changed between training rounds. A model is considered stable when the overturn rate is less than 5%. The overturn rate metric is displayed on the model dashboard and on the flyout page for each training round. The overturn rate for the first training round is zero because there isn't a previous prediction score to overturn.
## Precision
compliance Predictive Coding Train Model https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/predictive-coding-train-model.md
After you perform the first training round, a job is started that does the follo
- The model assigns a prediction score to the 10 items in the control set that you labeled during the training round. The model compares the prediction score of these 10 items with the actual label that you assigned to the item during the training round. Based on this comparison, the model identifies the following classification (called the *Control set confusion matrix*) to assess the model's prediction performance:
- | |Model predicts item is relevant |Model predicts item is not relevant |
- |:|:|:|
- |**Reviewer labels item as relevant**| True positive| False positive |
- |**Reviewer labels item as not relevant**| False negative |True negative |
- ||||
+ <br>
+
+ ****
+
+ |Label|Model predicts item is relevant|Model predicts item is not relevant|
+ ||||
+ |**Reviewer labels item as relevant**|True positive|False positive|
+ |**Reviewer labels item as not relevant**|False negative|True negative|
+ |
Based on these comparisons, the model derives values for the F-score, precision, and recall metrics and the margin of error for each one. Scores for these model performance metrics are displayed on a flyout page for the training round. For a description of these metrics, see [Predictive coding reference](predictive-coding-reference.md).
compliance Processing Data For Case https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/processing-data-for-case.md
description: "Overview about processing various forms of data in Advanced eDisco
# Work with processing errors in Advanced eDiscovery
-*Processing* is the process of file identification, expansion of embedded documents and attachments, text extraction, and Optical Character Recognition (OCR)) of image files and the subsequent indexing of that content.
+*Processing* is the process of file identification, expansion of embedded documents and attachments, text extraction, and Optical Character Recognition (OCR) of image files and the subsequent indexing of that content.
When you add custodians and non-custodian data sources to a case on the **Sources** tab, all partially indexed items from Microsoft 365 are processed to make them fully searchable. Likewise, when content is added to a review set from both Microsoft 365 and non-Microsoft 365 data sources, this content is also processed.
compliance Retention Policies Teams https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/retention-policies-teams.md
For other workloads, see:
## What's included for retention and deletion Teams chats messages and channel messages can be deleted by using retention policies for Teams, and in addition to the text in the messages, the following items can be retained for compliance reasons: Embedded images, tables, hypertext links, links to other Teams messages and files, and [card content](/microsoftteams/platform/task-modules-and-cards/what-are-cards). Chat messages include all the names of the people in the chat, and channel messages include the team name and the message title (if supplied).
+> [!NOTE]
+> Support for messages in private channels is currently rolling out in preview.
-Teams messages in private channels are currently not supported for retention policies. Code snippets, recorded voice memos from the Teams mobile client, thumbnails, announcement images, and reactions from others in the form of emoticons are not retained when you use retention policies for Teams.
+Code snippets, recorded voice memos from the Teams mobile client, thumbnails, announcement images, and reactions from others in the form of emoticons are not retained when you use retention policies for Teams.
Emails and files that you use with Teams aren't included in retention policies for Teams. These items have their own retention policies.
These mailboxes are, listed by their RecipientTypeDetails attribute:
- **UserMailbox**: These mailboxes store message data for cloud-based Teams users. - **MailUser**: These mailboxes store message data for [on-premises Teams users](search-cloud-based-mailboxes-for-on-premises-users.md).-- **GroupMailbox**: These mailboxes store message data for Teams channels.
+- **GroupMailbox**: These mailboxes store message data for Teams standard channels.
Other mailbox types, such as RoomMailbox that is used for Teams conference rooms, are not supported for Teams retention policies.
compliance Search For Content https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/search-for-content.md
audience: Admin
localization_priority: Normal-
-description: "Use the Content Search eDiscovery tool in the Security & Compliance Center to quickly find email in Exchange mailboxes, documents in SharePoint sites and OneDrive locations, and instant messaging conversations in Skype for Business."
+description: "Use the Content search eDiscovery tool in the Microsoft 365 compliance center to quickly find email in Exchange mailboxes, documents in SharePoint sites and OneDrive locations, and instant messaging conversations in Skype for Business."
-# Search for content using the Content Search tool
-
-Use the Content Search tool in the Security & Compliance Center to quickly find email in Exchange mailboxes, documents in SharePoint sites and OneDrive locations, and instant messaging conversations in Skype for Business. You can use the content search tool to search for email, documents, and instant messaging conversations in collaboration tools such as Microsoft Teams and Microsoft 365 Groups.
+# Search for content using the Content search tool
+Use the Content search tool in the Microsoft 365 compliance center to quickly find email in Exchange mailboxes, documents in SharePoint sites and OneDrive locations, and instant messaging conversations in Skype for Business. You can use the content search tool to search for email, documents, and instant messaging conversations in collaboration tools such as Microsoft Teams and Microsoft 365 Groups.
+
## Search for content
-The first step is to starting using the Content Search tool to choose content locations to search and configure a keyword query to search for specific items. Or, you can just leave the query blank and return all items in the target locations.
-
+The first step is to starting using the Content search tool to choose content locations to search and configure a keyword query to search for specific items. Or, you can just leave the query blank and return all items in the target locations.
+
- [Create and run](content-search.md) a Content search -- [Feature reference] for Content search (content-search-reference.md)
+- [Feature reference](content-search-reference.md) for Content search
- [Build search queries and use conditions](keyword-queries-and-search-conditions.md) to narrow your search
The first step is to starting using the Content Search tool to choose content lo
- [Bulk edit](bulk-edit-content-searches.md) the query and content locations for multiple searches -- [Retry a Content Search](retry-failed-content-search.md) to resolve a content location error
+- [Retry a Content search](retry-failed-content-search.md) to resolve a content location error
- [Preserve Bcc recipients](/exchange/policy-and-compliance/holds/preserve-bcc-recipients-and-group-members) so you can search for them ## Perform actions on content you find After you run a search and refine it as necessary, the next step is to do something with the results returned by the search. You can export and download the results to your local computer or in the case of a email attack on your organization, you can delete the results of a search from user mailboxes.-
+
- [Export the results of a content search](export-search-results.md) and download them to your local computer -- [Search for and delete email messages](search-for-and-delete-messages-in-your-organization.md) , such as messages that content a virus, dangerous attachments, or phishing messages
+- [Search for and delete email messages](search-for-and-delete-messages-in-your-organization.md), such as messages that content a virus, dangerous attachments, or phishing messages
- [Export a report](export-a-content-search-report.md) about the results of a content search, without exporting the actual results ## Learn more about content search
-Content Search is easy to use, but it's also a powerful tool. Behind-the-scenes, there's a lot going on. The more you know about it and understand its behavior and its limitations, the more successful you'll be using it for your organization's search and investigation needs. Learn about:
-
+Content search is easy to use, but it's also a powerful tool. Behind-the-scenes, there's a lot going on. The more you know about it and understand its behavior and its limitations, the more successful you'll be using it for your organization's search and investigation needs. Learn about:
+
- [Partially indexed items in Exchange and SharePoint](partially-indexed-items-in-content-search.md) and how to include or exclude them when you export and download search results - [Investigate partially indexed items](investigating-partially-indexed-items-in-ediscovery.md) and determine your organization's exposure to them -- [Limits of the Content Search tool](limits-for-content-search.md), such as the maximum number of searches that you can run at one time and the maximum number of content locations you can include in a single search
+- [Limits of the Content search tool](limits-for-content-search.md), such as the maximum number of searches that you can run at one time and the maximum number of content locations you can include in a single search
- [Estimated and actual search results](differences-between-estimated-and-actual-ediscovery-search-results.md) and the reasons why there might be differences between them when you export and download search results
compliance Search The Audit Log In Security And Compliance https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/search-the-audit-log-in-security-and-compliance.md
Need to find if a user viewed a specific document or purged an item from their mailbox? If so, you can use the Microsoft 365 compliance center to search the unified audit log to view user and administrator activity in your organization. Why a unified audit log? Because you can search for the following types of [user and admin activity](#audited-activities) in Microsoft 365: - User activity in SharePoint Online and OneDrive for Business- - User activity in Exchange Online (Exchange mailbox audit logging)- - Admin activity in SharePoint Online- - Admin activity in Azure Active Directory (the directory service for Microsoft 365)- - Admin activity in Exchange Online (Exchange admin audit logging)- - eDiscovery activities in the security and compliance center- - User and admin activity in Power BI- - User and admin activity in Microsoft Teams- - User and admin activity in Dynamics 365- - User and admin activity in Yammer- - User and admin activity in Microsoft Power Automate- - User and admin activity in Microsoft Stream- - Analyst and admin activity in Microsoft Workplace Analytics- - User and admin activity in Microsoft Power Apps- - User and admin activity in Microsoft Forms- - User and admin activity for sensitivity labels for sites that use SharePoint Online or Microsoft Teams- - Admin activity in Briefing email and MyAnalytics ## Requirements to search the audit log
Be sure to read the following items before you start searching the audit log.
```powershell Get-AdminAuditLogConfig | FL UnifiedAuditLogIngestionEnabled ```+ The value of `True` for the *UnifiedAuditLogIngestionEnabled* property indicates that audit log search is turned on. For more information, see [Turn audit log search on or off](turn-audit-log-search-on-or-off.md). - You have to be assigned the View-Only Audit Logs or Audit Logs role in Exchange Online to search the audit log. By default, these roles are assigned to the Compliance Management and Organization Management role groups on the **Permissions** page in the Exchange admin center. Note global administrators in Office 365 and Microsoft 365 are automatically added as members of the Organization Management role group in Exchange Online. To give a user the ability to search the audit log with the minimum level of privileges, you can create a custom role group in Exchange Online, add the View-Only Audit Logs or Audit Logs role, and then add the user as a member of the new role group. For more information, see [Manage role groups in Exchange Online](/Exchange/permissions-exo/role-groups).
Be sure to read the following items before you start searching the audit log.
- It can take up to 30 minutes or up to 24 hours after an event occurs for the corresponding audit log record to be returned in the results of an audit log search. The following table shows the time it takes for the different services in Office 365.
+ <br>
+
+ ****
+ |Microsoft 365 service or feature|30 minutes|24 hours|
- |:--|:--:|:--:|
+ ||::|::|
|Defender for Office 365 and Threat Intelligence|![Check mark](../media/checkmark.png)|| |Azure Active Directory (user login events)||![Check mark](../media/checkmark.png)| |Azure Active Directory (admin events)||![Check mark](../media/checkmark.png)|
Be sure to read the following items before you start searching the audit log.
|Sensitivity labels||![Check mark](../media/checkmark.png)| |SharePoint Online and OneDrive for Business|![Check mark](../media/checkmark.png)|| |Workplace Analytics|![Check mark](../media/checkmark.png)||
- |Yammer||![Check mark](../media/checkmark.png)||
- |Microsoft Forms|![Check mark](../media/checkmark.png)|
- ||||
+ |Yammer||![Check mark](../media/checkmark.png)|
+ |Microsoft Forms|![Check mark](../media/checkmark.png)||
+ |
- Azure Active Directory (Azure AD) is the directory service for Office 365. The unified audit log contains user, group, application, domain, and directory activities performed in the Microsoft 365 admin center or in the Azure management portal. For a complete list of Azure AD events, see [Azure Active Directory Audit Report Events](/azure/active-directory/reports-monitoring/concept-audit-logs).
compliance Sensitive Information Type Entity Definitions https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sensitive-information-type-entity-definitions.md
f1_keywords:
- 'ms.o365.cc.UnifiedDLPRuleContainsSensitiveInformation' localization_priority: Normal-+ - M365-security-compliance hideEdit: true feedback_system: None
A DLP policy has medium confidence that it's detected this type of sensitive inf
#### Keyword_argentina_national_id -- Argentina National Identity number -- cedula -- cédula -- dni -- documento nacional de identidad -- documento número -- documento numero -- registro nacional de las personas -- rnp
-
+- Argentina National Identity number
+- cedula
+- cédula
+- dni
+- documento nacional de identidad
+- documento n├║mero
+- documento numero
+- registro nacional de las personas
+- rnp
+ ## Argentina Unique Tax Identification Key (CUIT/CUIL) ### Format
A DLP policy has medium confidence that it's detected this type of sensitive inf
- tax identification - Número de Identificación Fiscal - número de contribuyente
-
-
++ ## Australia bank account number ### Format
six to 10 digits with or without a bank state branch number
Account number is 6 to 10 digits. Australia bank state branch number:-- three digits -- a hyphen
+- three digits
+- a hyphen
- three digits ### Checksum
nine letters and digits
### Pattern
-nine letters and digits:
+nine letters and digits:
-- two digits or letters (not case-sensitive) -- two digits
+- two digits or letters (not case-sensitive)
+- two digits
- five digits or letters (not case-sensitive) OR -- one to two optional letters (not case-sensitive)
+- one to two optional letters (not case-sensitive)
- four to nine digits OR
A DLP policy has medium confidence that it's detected this type of sensitive inf
- Driver's Lic# - Driver's Lics# - Driver's Licence#-- Driver's Licences#
+- Driver's Licences#
#### Keyword_australia_drivers_license_number_exclusions
A DLP policy has medium confidence that it's detected this type of sensitive inf
- Driver'sLicenses# - Driver's License# - Driver's Licenses#
-
+ ## Australia medical account number ### Format
A DLP policy has high confidence that it's detected this type of sensitive infor
- local service - medicare
-
+ ## Australia passport number ### Format
-eight or nine alphanumeric characters
+eight or nine alphanumeric characters
### Pattern
A DLP policy has low confidence that it's detected this type of sensitive inform
<Pattern confidenceLevel="65"> <IdMatch idRef="Regex_australia_passport_number" /> </Pattern>
- </Entity>
+ </Entity>
``` ### Keywords
eight to nine digits
### Pattern eight to nine digits typically presented with spaces as follows:-- three digits -- an optional space -- three digits -- an optional space
+- three digits
+- an optional space
+- three digits
+- an optional space
- two to three digits where the last digit is a check digit ### Checksum
A DLP policy has high confidence that it's detected this type of sensitive infor
### Format eight digits without spaces and delimiters
-
+ ### Pattern eight digits
-
+ ### Checksum No
-
+ ### Definition A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:
-
-- The regular expression `Regex_austria_eu_driver's_license_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_austria_eu_driver's_license_number` is found.
-
+
+- The regular expression `Regex_austria_eu_driver's_license_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_austria_eu_driver's_license_number` is found.
+ ```xml <!-- Austria Driver's License Number --> <Entity id="682f18ce-44eb-482b-8198-2bcb96a0761e" patternsProximity="300" recommendedConfidence="75">
This sensitive information type is only available for use in:
### Format A 24-character combination of letters, digits, and special characters
-
+ ### Pattern 24 characters:
-
-- 22 letters (not case-sensitive), digits, backslashes, forward slashes, or plus signs
-
+
+- 22 letters (not case-sensitive), digits, backslashes, forward slashes, or plus signs
+ - two letters (not case-sensitive), digits, backslashes, forward slashes, plus signs, or equal signs
-
+ ### Checksum Not applicable
-
+ ### Definition A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:
-
-- The regular expression `Regex_austria_eu_national_id_card` finds content that matches the pattern. -- A keyword from `Keywords_austria_eu_national_id_card` is found.
-
+
+- The regular expression `Regex_austria_eu_national_id_card` finds content that matches the pattern.
+- A keyword from `Keywords_austria_eu_national_id_card` is found.
+ ```xml <!-- Austria Identity Card --> <Entity id="5ec06c3b-007e-4820-8343-7ff73b889735" patternsProximity="300" recommendedConfidence="75">
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Format One letter followed by an optional space and seven digits
-
+ ### Pattern A combination of one letter, seven digits, and one space:
-
+ - one letter (not case-sensitive) - one space (optional) - seven digits
-
+ ### Checksum not applicable
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_austria_eu_passport_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_passport_number` or `Keywords_austria_eu_passport_number` is found.
+- The regular expression `Regex_austria_eu_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_austria_eu_passport_number` is found.
- The regular expression `Regex_eu_passport_date1` finds date in the format DD.MM.YYYY or a keyword from `Keywords_eu_passport_date` is found A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_austria_eu_passport_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_passport_number` or `Keywords_austria_eu_passport_number` is found.
-
+- The regular expression `Regex_austria_eu_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_austria_eu_passport_number` is found.
+ ```xml <!-- Austria Passport Number --> <Entity id="1c96ae4e-303b-447d-86c7-77113ac266bf" patternsProximity="300" recommendedConfidence="75">
A DLP policy has medium confidence that it's detected this type of sensitive inf
- reisepassnummer - reisepasse-- No-Reisepass
+- No-Reisepass
- Nr-Reisepass - Reisepass-Nr - Passnummer
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Format 10 digits in the specified format
-
+ ### Pattern 10 digits:
-
-- three digits that correspond to a serial number +
+- three digits that correspond to a serial number
- one check digit - six digits that correspond to the birth date (DDMMYY)
-
+ ### Checksum Yes
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_austria_eu_ssn_or_equivalent` finds content that matches the pattern. -- a keyword from `Keywords_austria_eu_ssn_or_equivalent` is found.
-
+- The function `Func_austria_eu_ssn_or_equivalent` finds content that matches the pattern.
+- a keyword from `Keywords_austria_eu_ssn_or_equivalent` is found.
+ A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_austria_eu_ssn_or_equivalent` finds content that matches the pattern.
-
+- The function `Func_austria_eu_ssn_or_equivalent` finds content that matches the pattern.
+ ```xml <!-- Austria Social Security Number --> <Entity id="6896a906-86c9-4d19-a2da-6e43ccd19b7b" patternsProximity="300" recommendedConfidence="85">
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Format nine digits with optional hyphen and forward slash
-
+ ### Pattern nine digits with optional hyphen and forward slash:
-
+ - two digits - a hyphen (optional) - three digits - a forward slash (optional) - four digits
-
+ ### Checksum Yes
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_austria_eu_tax_file_number` finds content that matches the pattern. -- A keyword from `Keywords_austria_eu_tax_file_number` is found.
-
+- The function `Func_austria_eu_tax_file_number` finds content that matches the pattern.
+- A keyword from `Keywords_austria_eu_tax_file_number` is found.
+ A DLP policy has low confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_austria_eu_tax_file_number` finds content that matches the pattern.
-
+- The function `Func_austria_eu_tax_file_number` finds content that matches the pattern.
+ ```xml <!-- Austria Tax Identification Number --> <Entity id="4fd58d22-af28-4451-b18a-6f722430a56d" patternsProximity="300" recommendedConfidence="85">
A DLP policy has low confidence that it's detected this type of sensitive inform
- tin no - tin# - tax number
-
+ ## Austria value added tax This sensitive information type is only available for use in: - data loss prevention policies
A DLP policy has high confidence that it's detected this type of sensitive infor
### Format 10 digits without spaces and delimiters
-
+ ### Pattern 10 digits
-
+ ### Checksum No
-
+ ### Definition A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_belgium_eu_driver's_license_number` finds content that matches the pattern.
+- The regular expression `Regex_belgium_eu_driver's_license_number` finds content that matches the pattern.
- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_belgium_eu_driver's_license_number` is found.
-
+ ```xml <!-- Belgium Driver's License Number --> <Entity id="d89fd329-9324-433c-b687-2c37bd5166f3" patternsProximity="300" recommendedConfidence="75">
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Pattern 11 digits plus delimiters:-- six digits and two optional periods in the format YY.MM.DD for date of birth -- An optional delimiter from dot, dash, space -- three sequential digits (odd for males, even for females) -- An optional delimiter from dot, dash, space
+- six digits and two optional periods in the format YY.MM.DD for date of birth
+- An optional delimiter from dot, dash, space
+- three sequential digits (odd for males, even for females)
+- An optional delimiter from dot, dash, space
- two check digits ### Checksum
A DLP policy has low confidence that it's detected this type of sensitive inform
### Format two letters followed by six digits with no spaces or delimiters
-
+ ### Pattern two letters and followed by six digits
-
+ ### Checksum not applicable
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_belgium_eu_passport_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_passport_number` or `Keywords_belgium_eu_passport_number` is found.
+- The regular expression `Regex_belgium_eu_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_belgium_eu_passport_number` is found.
- The regular expression `Regex_eu_passport_date2` finds date in the format DD MM YY or a keyword from `Keywords_eu_passport_date` or `Keywords_belgium_eu_passport_number` is found A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_belgium_eu_passport_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_passport_number` or `Keywords_belgium_eu_passport_number` is found.
+- The regular expression `Regex_belgium_eu_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_belgium_eu_passport_number` is found.
```xml <!-- Belgium Passport Number -->
A DLP policy has medium confidence that it's detected this type of sensitive inf
- Identification - Registration - Revenue-- Cadastro de Pessoas Físicas -- Imposto -- Identificação -- Inscrição -- Receita
+- Cadastro de Pessoas Físicas
+- Imposto
+- Identificação
+- Inscrição
+- Receita
+
-
## Brazil legal entity number (CNPJ) ### Format
A DLP policy has medium confidence that it's detected this type of sensitive inf
14 digits, plus delimiters: -- two digits -- a period -- three digits -- a period -- three digits (these first eight digits are the registration number) -- a forward slash -- four-digit branch number -- a hyphen
+- two digits
+- a period
+- three digits
+- a period
+- three digits (these first eight digits are the registration number)
+- a forward slash
+- four-digit branch number
+- a hyphen
- two digits that are check digits ### Checksum
A DLP policy has medium confidence that it's detected this type of sensitive inf
#### Keyword_brazil_cnpj -- CNPJ -- CNPJ/MF -- CNPJ-MF -- National Registry of Legal Entities -- Taxpayers Registry -- Legal entity -- Legal entities -- Registration Status -- Business
+- CNPJ
+- CNPJ/MF
+- CNPJ-MF
+- National Registry of Legal Entities
+- Taxpayers Registry
+- Legal entity
+- Legal entities
+- Registration Status
+- Business
- Company-- CNPJ -- Cadastro Nacional da Pessoa Jurídica -- Cadastro Geral de Contribuintes -- CGC -- Pessoa jurídica -- Pessoas jurídicas -- Situação cadastral -- Inscrição -- Empresa -
-
+- CNPJ
+- Cadastro Nacional da Pessoa Jurídica
+- Cadastro Geral de Contribuintes
+- CGC
+- Pessoa jurídica
+- Pessoas jurídicas
+- Situação cadastral
+- Inscrição
+- Empresa
++ ## Brazil national identification card (RG) ### Format
Registro de Identidade (RIC) (new format): 11 digits
### Pattern Registro Geral (old format):-- two digits -- a period -- three digits -- a period -- three digits -- a hyphen
+- two digits
+- a period
+- three digits
+- a period
+- three digits
+- a hyphen
- one digit that is a check digit Registro de Identidade (RIC) (new format):-- 10 digits -- a hyphen
+- 10 digits
+- a hyphen
- one digit that is a check digit ### Checksum
A DLP policy has high confidence that it's detected this type of sensitive infor
- Cédula de identidade - identity card-- national id
+- national id
- n├║mero de rregistro-- registro de Iidentidade
+- registro de Iidentidade
- registro geral-- RG (this keyword is case-sensitive) -- RIC (this keyword is case-sensitive)
+- RG (this keyword is case-sensitive)
+- RIC (this keyword is case-sensitive)
## Bulgaria driver's license number
A DLP policy has high confidence that it's detected this type of sensitive infor
### Format nine digits without spaces and delimiters
-
+ ### Pattern nine digits
-
+ ### Checksum No
-
+ ### Definition A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_bulgaria_eu_driver's_license_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_bulgaria_eu_driver's_license_number` is found.
-
+- The regular expression `Regex_bulgaria_eu_driver's_license_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_bulgaria_eu_driver's_license_number` is found.
+ ```xml <!-- Bulgaria Driver's License Number --> <Entity id="66d39258-94c2-43b2-804b-aa312258e54b" patternsProximity="300" recommendedConfidence="75">
A DLP policy has medium confidence that it's detected this type of sensitive inf
<Match idRef="Keywords_bulgaria_eu_driver's_license_number" /> </Any> </Pattern>
- </Entity>
+ </Entity>
``` ### Keywords
This sensitive information type is only available for use in:
### Format 10 digits without spaces and delimiters
-
+ ### Pattern 10 digits without spaces and delimiters
-
-- six digits that correspond to the birth date (YYMMDD) +
+- six digits that correspond to the birth date (YYMMDD)
- two digits that correspond to the birth order - one digit that corresponds to gender: An even digit for male and an odd digit for female - one check digit
This sensitive information type is only available for use in:
### Checksum Yes
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_bulgaria_eu_national_id_card` finds content that matches the pattern. -- A keyword from `Keywords_bulgaria_eu_national_id_card` is found.
+- The function `Func_bulgaria_eu_national_id_card` finds content that matches the pattern.
+- A keyword from `Keywords_bulgaria_eu_national_id_card` is found.
A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_bulgaria_eu_national_id_card` finds content that matches the pattern.
-
+- The function `Func_bulgaria_eu_national_id_card` finds content that matches the pattern.
+ ```xml <!-- Bulgaria Uniform Civil Number --> <Entity id="100d58b1-0a35-4fb1-aa89-e4a86fb53fcc" patternsProximity="300" recommendedConfidence="85">
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Format nine digits without spaces and delimiters
-
+ ### Pattern
-nine digits
-
+nine digits
+ ### Checksum No
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_bulgaria_eu_passport_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_passport_number` or `Keywords_bulgaria_eu_passport_number` is found.
+- The regular expression `Regex_bulgaria_eu_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_bulgaria_eu_passport_number` is found.
- The regular expression `Regex_eu_passport_date1` finds date in the format DD.MM.YYYY or a keyword from `Keywords_eu_passport_date` is found A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_bulgaria_eu_passport_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_passport_number` or `Keywords_bulgaria_eu_passport_number` is found.
+- The regular expression `Regex_bulgaria_eu_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_bulgaria_eu_passport_number` is found.
```xml <!-- Bulgaria Passport Number -->
A DLP policy has medium confidence that it's detected this type of sensitive inf
A Canada Bank Account Number is 7 or 12 digits. A Canada bank account transit number is:-- five digits -- a hyphen
+- five digits
+- a hyphen
- three digits OR-- a zero "0"
+- a zero "0"
- eight digits ### Checksum
A DLP policy has high confidence that it's detected this type of sensitive infor
- banking information - direct deposit
-
+ ## Canada driver's license number ### Format
A DLP policy has medium confidence that it's detected this type of sensitive inf
- identification #s - identification card - identification cards-- identification
+- identification
- DL#-- DLS# -- CDL# -- CDLS# -- DriverLic# -- DriverLics# -- DriverLicense# -- DriverLicenses# -- DriverLicence# -- DriverLicences#
+- DLS#
+- CDL#
+- CDLS#
+- DriverLic#
+- DriverLics#
+- DriverLicense#
+- DriverLicenses#
+- DriverLicence#
+- DriverLicences#
- Driver Lic#-- Driver Lics# -- Driver License# -- Driver Licenses# -- Driver License# -- Driver Licences# -- DriversLic# -- DriversLics# -- DriversLicense# -- DriversLicenses# -- DriversLicence# -- DriversLicences# -- Drivers Lic# -- Drivers Lics# -- Drivers License# -- Drivers Licenses# -- Drivers Licence# -- Drivers Licences# -- Driver'Lic# -- Driver'Lics# -- Driver'License# -- Driver'Licenses# -- Driver'Licence# -- Driver'Licences# -- Driver' Lic# -- Driver' Lics# -- Driver' License# -- Driver' Licenses# -- Driver' Licence# -- Driver' Licences# -- Driver'sLic# -- Driver'sLics# -- Driver'sLicense# -- Driver'sLicenses# -- Driver'sLicence# -- Driver'sLicences# -- Driver's Lic# -- Driver's Lics# -- Driver's License# -- Driver's Licenses# -- Driver's Licence# -- Driver's Licences# -- Permis de Conduire# -- id# -- ids# -- idcard card# -- idcard cards# -- idcard# -- identification card# -- identification cards# -- identification# -
-
+- Driver Lics#
+- Driver License#
+- Driver Licenses#
+- Driver License#
+- Driver Licences#
+- DriversLic#
+- DriversLics#
+- DriversLicense#
+- DriversLicenses#
+- DriversLicence#
+- DriversLicences#
+- Drivers Lic#
+- Drivers Lics#
+- Drivers License#
+- Drivers Licenses#
+- Drivers Licence#
+- Drivers Licences#
+- Driver'Lic#
+- Driver'Lics#
+- Driver'License#
+- Driver'Licenses#
+- Driver'Licence#
+- Driver'Licences#
+- Driver' Lic#
+- Driver' Lics#
+- Driver' License#
+- Driver' Licenses#
+- Driver' Licence#
+- Driver' Licences#
+- Driver'sLic#
+- Driver'sLics#
+- Driver'sLicense#
+- Driver'sLicenses#
+- Driver'sLicence#
+- Driver'sLicences#
+- Driver's Lic#
+- Driver's Lics#
+- Driver's License#
+- Driver's Licenses#
+- Driver's Licence#
+- Driver's Licences#
+- Permis de Conduire#
+- id#
+- ids#
+- idcard card#
+- idcard cards#
+- idcard#
+- identification card#
+- identification cards#
+- identification#
++ ## Canada health service number ### Format
A DLP policy has medium confidence that it's detected this type of sensitive inf
- workers compensation - disability
-
+ ## Canada passport number ### Format
A DLP policy has medium confidence that it's detected this type of sensitive inf
- The regular expression Regex_canada_passport_number finds content that matches the pattern. - A keyword from Keyword_canada_passport_number or Keyword_passport is found.
-```xml
+```xml
<!-- Canada Passport Number --> <Entity id="14d0db8b-498a-43ed-9fca-f6097ae687eb" patternsProximity="300" recommendedConfidence="75"> <Pattern confidenceLevel="75">
A DLP policy has medium confidence that it's detected this type of sensitive inf
- PasseportNon - Passeportn ┬░
-
+ ## Canada personal health identification number (PHIN) ### Format
A DLP policy has medium confidence that it's detected this type of sensitive inf
- Prince Edward Island - Canada
-
+ ## Canada social insurance number ### Format
nine digits with optional hyphens or spaces
### Pattern Formatted:-- three digits -- a hyphen or space -- three digits -- a hyphen or space
+- three digits
+- a hyphen or space
+- three digits
+- a hyphen or space
- three digits Unformatted: nine digits
A DLP policy has medium confidence that it's detected this type of sensitive inf
#### Keyword_sin -- sin -- social insurance -- numero d'assurance sociale -- sins -- ssn -- ssns -- social security -- numero d'assurance social -- national identification number -- national id -- sin# -- soc ins -- social ins
+- sin
+- social insurance
+- numero d'assurance sociale
+- sins
+- ssn
+- ssns
+- social security
+- numero d'assurance social
+- national identification number
+- national id
+- sin#
+- soc ins
+- social ins
#### Keyword_sin_collaborative -- driver's license -- drivers license -- driver's licence -- drivers licence -- DOB -- Birthdate -- Birthday -- Date of Birth
+- driver's license
+- drivers license
+- driver's licence
+- drivers licence
+- DOB
+- Birthdate
+- Birthday
+- Date of Birth
+
-
## Chile identity card number ### Format
seven to eight digits plus delimiters a check digit or letter
### Pattern seven to eight digits plus delimiters:-- one to two digits -- an optional period -- three digits -- an optional period -- three digits -- a dash
+- one to two digits
+- an optional period
+- three digits
+- an optional period
+- three digits
+- a dash
- one digit or letter (not case-sensitive) which is a check digit ### Checksum
A DLP policy has medium confidence that it's detected this type of sensitive inf
- Chile identity number - Chile identity #
-
+ ## China resident identity card (PRC) number ### Format
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Pattern 18 digits:-- six digits that are an address code -- eight digits in the form YYYYMMDD, which are the date of birth -- three digits that are an order code
+- six digits that are an address code
+- eight digits in the form YYYYMMDD, which are the date of birth
+- three digits that are an order code
- one digit that is a check digit ### Checksum
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Keyword_china_resident_id -- Resident Identity Card -- PRC -- National Identification Card -- 身份证 -- 居民 身份证 -- 居民身份证 -- 鉴定 -- 身分證
+- Resident Identity Card
+- PRC
+- National Identification Card
+- 身份证
+- 居民 身份证
+- 居民身份证
+- 鉴定
+- 身分證
- 居民 身份證-- 鑑定
+- Θææσ«Ü
+
-
## Credit card number ### Format
A DLP policy has low confidence that it's detected this type of sensitive inform
### Format eight digits without spaces and delimiters
-
+ ### Pattern eight digits
-
+ ### Checksum No
-
+ ### Definition A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:
-
-- The regular expression `Regex_croatia_eu_driver's_license_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_croatia_eu_driver's_license_number` is found. +
+- The regular expression `Regex_croatia_eu_driver's_license_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_croatia_eu_driver's_license_number` is found.
```xml <!-- Croatia Driver's License Number -->
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Format nine digits without spaces and delimiters
-
+ ### Pattern
-nine digits
-
+nine digits
+ ### Checksum No
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_croatia_eu_passport_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_passport_number` or `Keywords_croatia_eu_passport_number` is found.
+- The regular expression `Regex_croatia_eu_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_croatia_eu_passport_number` is found.
- The regular expression `Regex_eu_passport_date1` finds date in the format DD.MM.YYYY or a keyword from `Keywords_eu_passport_date` is found A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_croatia_eu_passport_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_passport_number` or `Keywords_croatia_eu_passport_number` is found.
-
+- The regular expression `Regex_croatia_eu_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_croatia_eu_passport_number` is found.
+ ```xml <!-- Croatia Passport Number --> <Entity id="7d7a729d-32d8-4204-8d01-d5e6a6c25581" patternsProximity="300" recommendedConfidence="75">
A DLP policy has medium confidence that it's detected this type of sensitive inf
- broj putovnice - br. Putovnice - br putovnice
-
+ ## Croatia personal identification (OIB) number ### Format
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Pattern 11 digits:-- 10 digits
+- 10 digits
- final digit is a check digit ### Checksum
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Format 12 digits without spaces and delimiters
-
+ ### Pattern 12 digits
-
+ ### Checksum No
-
+ ### Definition A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_cyprus_eu_driver's_license_number` finds content that matches the pattern.
+- The regular expression `Regex_cyprus_eu_driver's_license_number` finds content that matches the pattern.
- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_cyprus_eu_driver's_license_number` is found. ```xml
This sensitive information type is only available for use in:
### Format 10 digits without spaces and delimiters
-
+ ### Pattern
-10 digits
-
+10 digits
+ ### Checksum not applicable
-
+ ### Definition A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_cyprus_eu_national_id_card` finds content that matches the pattern. -- A keyword from `Keywords_cyprus_eu_national_id_card` is found.
-
-```xml
+- The regular expression `Regex_cyprus_eu_national_id_card` finds content that matches the pattern.
+- A keyword from `Keywords_cyprus_eu_national_id_card` is found.
+
+```xml
<!-- Cyprus Identity Card --> <Entity id="3ba8afe5-7a6c-4929-8247-0001b6878438" patternsProximity="300" recommendedConfidence="75"> <Pattern confidenceLevel="75">
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Format one letter followed by 6-8 digits with no spaces or delimiters
-
+ ### Pattern one letter followed by six to eight digits
-
+ ### Checksum No
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_cyprus_eu_passport_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_passport_number` or `Keywords_cyprus_eu_passport_number` is found.
+- The regular expression `Regex_cyprus_eu_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_cyprus_eu_passport_number` is found.
- The regular expression `Regex_cyprus_eu_passport_date` finds date in the format DD/MM/YYYY or a keyword from `Keywords_cyprus_eu_passport_date` is found A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_cyprus_eu_passport_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_passport_number` or `Keywords_cyprus_eu_passport_number` is found.
-
+- The regular expression `Regex_cyprus_eu_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_cyprus_eu_passport_number` is found.
+ ```xml <!-- Cyprus Passport Number --> <Entity id="9193e2e8-7f8c-43c1-a274-ac40d651936f" patternsProximity="300" recommendedConfidence="75">
This sensitive information type is only available for use in:
### Format eight digits and one letter in the specified pattern
-
+ ### Pattern eight digits and one letter:
-
+ - a "0" or "9" - seven digits - one letter (not case-sensitive)
-
+ ### Checksum not applicable
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_cyprus_eu_tax_file_number` finds content that matches the pattern. -- A keyword from `Keywords_cyprus_eu_tax_file_number` is found.
-
+- The function `Func_cyprus_eu_tax_file_number` finds content that matches the pattern.
+- A keyword from `Keywords_cyprus_eu_tax_file_number` is found.
+ A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_cyprus_eu_tax_file_number` finds content that matches the pattern.
-
+- The function `Func_cyprus_eu_tax_file_number` finds content that matches the pattern.
+ ```xml <!-- Cyprus Tax Identification Number --> <Entity id="40e64bd9-55f3-4a09-9bd6-1db18dced9dd" patternsProximity="300" recommendedConfidence="85">
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Format two letters followed by six digits
-
+ ### Pattern eight letters and digits:
-
+ - letter 'E' (not case-sensitive) - a letter - a space (optional)
eight letters and digits:
### Checksum No
-
+ ### Definition A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_czech_republic_eu_driver's_license_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_czech_republic_eu_driver's_license_number` is found.
+- The regular expression `Regex_czech_republic_eu_driver's_license_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_czech_republic_eu_driver's_license_number` is found.
```xml <Entity id="86b40d3b-d8ea-4c36-aab0-ef9416a6769c" patternsProximity="300" recommendedConfidence="75">
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Format eight digits without spaces or delimiters
-
+ ### Pattern eight digits without spaces or delimiters
-
+ ### Checksum No
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_czech_republic_eu_passport_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_passport_number` or `Keywords_czech_republic_eu_passport_number` is found.
+- The regular expression `Regex_czech_republic_eu_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_czech_republic_eu_passport_number` is found.
- The regular expression `Regex_eu_passport_date1` finds date in the format DD.MM.YYYY or a keyword from `Keywords_eu_passport_date` is found A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_czech_republic_eu_passport_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_passport_number` or `Keywords_czech_republic_eu_passport_number` is found.
-
+- The regular expression `Regex_czech_republic_eu_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_czech_republic_eu_passport_number` is found.
+ ```xml <!-- Czech Republic Passport Number --> <Entity id="7bcd8ce8-5e92-4bbe-bc92-fa669f0369fa" patternsProximity="300" recommendedConfidence="75">
nine digits (old format):
10 digits (new format): - six digits that represent date of birth-- an optional forward slash
+- an optional forward slash
- four digits where last digit is a check digit ### Checksum
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Format eight digits without spaces and delimiters
-
+ ### Pattern eight digits
-
+ ### Checksum No
-
+ ### Definition A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_denmark_eu_driver's_license_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_denmark_eu_driver's_license_number` is found.
-
+- The regular expression `Regex_denmark_eu_driver's_license_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_denmark_eu_driver's_license_number` is found.
+ ```xml <!-- Denmark Driver's License Number --> <Entity id="98a95812-6203-451a-a220-d39870ebef0e" patternsProximity="300" recommendedConfidence="75">
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Format nine digits without spaces and delimiters
-
+ ### Pattern
-nine digits
-
+nine digits
+ ### Checksum No
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_denmark_eu_passport_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_passport_number` or `Keywords_denmark_eu_passport_number` is found.
+- The regular expression `Regex_denmark_eu_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_denmark_eu_passport_number` is found.
- The regular expression `Regex_eu_passport_date2` finds date in the format DD MM YY or a keyword from `Keywords_eu_passport_date` is found A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_denmark_eu_passport_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_passport_number` or `Keywords_denmark_eu_passport_number` is found.
-
+- The regular expression `Regex_denmark_eu_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_denmark_eu_passport_number` is found.
+ ```xml <!-- Denmark Passport Number --> <Entity id="25e8c47e-e6fe-4884-a211-74898f8c0196" patternsProximity="300" recommendedConfidence="75">
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Pattern 10 digits:-- six digits in the format DDMMYY, which are the date of birth -- a hyphen
+- six digits in the format DDMMYY, which are the date of birth
+- a hyphen
- four digits where the final digit is a check digit ### Checksum
A DLP policy has low confidence that it's detected this type of sensitive inform
```xml <!-- Denmark Personal Identification Number -->
- <!-- Denmark Personal Identification Number -->
+ <!-- Denmark Personal Identification Number -->
<Entity id="6c4f2fef-56e1-4c00-8093-88d7a01cf460" patternsProximity="300" recommendedConfidence="75"> <Pattern confidenceLevel="75"> <IdMatch idRef="Func_denmark_eu_tax_file_number" />
two letters followed by seven digits
### Pattern Pattern must include all of the following:-- one letter (not case-sensitive) from this set of possible letters: abcdefghjklmnprstux, which is a registrant code
+- one letter (not case-sensitive) from this set of possible letters: abcdefghjklmnprstux, which is a registrant code
- one letter (not case-sensitive), which is the first letter of the registrant's last name or digit '9' - seven digits, the last of which is the check digit
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Format two letters followed by six digits
-
+ ### Pattern two letters and six digits:
-
-- the letters "ET" (not case-sensitive) +
+- the letters "ET" (not case-sensitive)
- six digits
-
+ ### Checksum No
-
+ ### Definition A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_estonia_eu_driver's_license_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_estonia_eu_driver's_license_number` is found.
-
+- The regular expression `Regex_estonia_eu_driver's_license_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_estonia_eu_driver's_license_number` is found.
+ ```xml <!-- Estonia Driver's License Number --> <Entity id="51da8171-da70-4cc1-9d65-055a59ca4f83" patternsProximity="300" recommendedConfidence="75">
This sensitive information type is only available for use in:
### Format 11 digits without spaces and delimiters
-
+ ### Pattern 11 digits:
-
+ - one digit that corresponds to sex and century of birth (odd number male, even number female; 1-2: 19th century; 3-4: 20th century; 5-6: 21st century) - six digits that correspond to date of birth (YYMMDD) - three digits that correspond to a serial number separating persons born on the same date - one check digit
-
+ ### Checksum Yes
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_estonia_eu_national_id_card` finds content that matches the pattern. -- A keyword from `Keywords_estonia_eu_national_id_card` is found.
-
+- The function `Func_estonia_eu_national_id_card` finds content that matches the pattern.
+- A keyword from `Keywords_estonia_eu_national_id_card` is found.
+ A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_estonia_eu_national_id_card` finds content that matches the pattern.
-
+- The function `Func_estonia_eu_national_id_card` finds content that matches the pattern.
+ ```xml <!-- Estonia Personal Identification Code --> <Entity id="bfb26de6-dad5-4d48-ab72-4789cdd0654c" patternsProximity="300" recommendedConfidence="85">
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Format one letter followed by seven digits with no spaces or delimiters
-
+ ### Pattern one letter followed by seven digits
-
+ ### Checksum No
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_estonia_eu_passport_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_passport_number` or `Keywords_estonia_eu_passport_number` is found.
+- The regular expression `Regex_estonia_eu_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_estonia_eu_passport_number` is found.
- The regular expression `Regex_eu_passport_date1` finds date in the format DD.MM.YYYY or a keyword from `Keywords_eu_passport_date` is found A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_estonia_eu_passport_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_passport_number` or `Keywords_estonia_eu_passport_number` is found.
-
+- The regular expression `Regex_estonia_eu_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_estonia_eu_passport_number` is found.
+ ```xml <!-- Estonia Passport Number --> <Entity id="61f7073a-509e-425b-a754-bc01bb5d5b8c" patternsProximity="300" recommendedConfidence="75">
A DLP policy has high confidence that it's detected this type of sensitive infor
#### Keyword_eu_debit_card -- account number -- card number -- card no. -- security number -- cc#
+- account number
+- card number
+- card no.
+- security number
+- cc#
#### Keyword_card_terms_dict -- acct nbr -- acct num -- acct no -- american express -- americanexpress -- americano espresso -- amex -- atm card -- atm cards -- atm kaart -- atmcard -- atmcards -- atmkaart -- atmkaarten -- bancontact -- bank card -- bankkaart -- card holder -- card holders -- card num -- card number -- card numbers -- card type -- cardano numerico -- cardholder -- cardholders -- cardnumber -- cardnumbers -- carta bianca -- carta credito -- carta di credito -- cartao de credito -- cartao de crédito -- cartao de debito -- cartao de débito -- carte bancaire -- carte blanche -- carte bleue -- carte de credit -- carte de crédit -- carte di credito -- carteblanche -- cartão de credito -- cartão de crédito -- cartão de debito -- cartão de débito -- cb -- ccn -- check card -- check cards
+- acct nbr
+- acct num
+- acct no
+- american express
+- americanexpress
+- americano espresso
+- amex
+- atm card
+- atm cards
+- atm kaart
+- atmcard
+- atmcards
+- atmkaart
+- atmkaarten
+- bancontact
+- bank card
+- bankkaart
+- card holder
+- card holders
+- card num
+- card number
+- card numbers
+- card type
+- cardano numerico
+- cardholder
+- cardholders
+- cardnumber
+- cardnumbers
+- carta bianca
+- carta credito
+- carta di credito
+- cartao de credito
+- cartao de crédito
+- cartao de debito
+- cartao de débito
+- carte bancaire
+- carte blanche
+- carte bleue
+- carte de credit
+- carte de crédit
+- carte di credito
+- carteblanche
+- cartão de credito
+- cartão de crédito
+- cartão de debito
+- cartão de débito
+- cb
+- ccn
+- check card
+- check cards
- checkcard-- checkcards -- chequekaart -- cirrus -- cirrus-edc-maestro -- controlekaart -- controlekaarten -- credit card -- credit cards -- creditcard -- creditcards -- debetkaart -- debetkaarten -- debit card -- debit cards -- debitcard -- debitcards -- debito automatico -- diners club -- dinersclub -- discover -- discover card -- discover cards -- discovercard -- discovercards
+- checkcards
+- chequekaart
+- cirrus
+- cirrus-edc-maestro
+- controlekaart
+- controlekaarten
+- credit card
+- credit cards
+- creditcard
+- creditcards
+- debetkaart
+- debetkaarten
+- debit card
+- debit cards
+- debitcard
+- debitcards
+- debito automatico
+- diners club
+- dinersclub
+- discover
+- discover card
+- discover cards
+- discovercard
+- discovercards
- débito automático-- edc -- eigentümername -- european debit card -- hoofdkaart -- hoofdkaarten -- in viaggio -- japanese card bureau -- japanse kaartdienst -- jcb -- kaart -- kaart num -- kaartaantal -- kaartaantallen -- kaarthouder -- kaarthouders -- karte -- karteninhaber
+- edc
+- eigent├╝mername
+- european debit card
+- hoofdkaart
+- hoofdkaarten
+- in viaggio
+- japanese card bureau
+- japanse kaartdienst
+- jcb
+- kaart
+- kaart num
+- kaartaantal
+- kaartaantallen
+- kaarthouder
+- kaarthouders
+- karte
+- karteninhaber
- karteninhabers-- kartennr -- kartennummer -- kreditkarte -- kreditkarten-nummer -- kreditkarteninhaber -- kreditkarteninstitut -- kreditkartennummer -- kreditkartentyp -- maestro -- master card -- master cards -- mastercard -- mastercards -- mc -- mister cash -- n carta -- carta -- no de tarjeta -- no do cartao -- no do cartão -- no. de tarjeta -- no. do cartao -- no. do cartão -- nr carta -- nr. carta -- numeri di scheda -- numero carta -- numero de cartao -- numero de carte -- numero de cartão
+- kartennr
+- kartennummer
+- kreditkarte
+- kreditkarten-nummer
+- kreditkarteninhaber
+- kreditkarteninstitut
+- kreditkartennummer
+- kreditkartentyp
+- maestro
+- master card
+- master cards
+- mastercard
+- mastercards
+- mc
+- mister cash
+- n carta
+- carta
+- no de tarjeta
+- no do cartao
+- no do cartão
+- no. de tarjeta
+- no. do cartao
+- no. do cartão
+- nr carta
+- nr. carta
+- numeri di scheda
+- numero carta
+- numero de cartao
+- numero de carte
+- numero de cartão
- numero de tarjeta-- numero della carta -- numero di carta -- numero di scheda -- numero do cartao -- numero do cartão -- numéro de carte -- nº carta -- nº de carte -- nº de la carte -- nº de tarjeta -- nº do cartao -- nº do cartão -- nº. do cartão -- número de cartao -- número de cartão -- número de tarjeta -- número do cartao -- scheda dell'assegno -- scheda dell'atmosfera -- scheda dell'atmosfera -- scheda della banca -- scheda di controllo -- scheda di debito -- scheda matrice -- schede dell'atmosfera -- schede di controllo -- schede di debito -- schede matrici -- scoprono la scheda -- scoprono le schede -- solo -- supporti di scheda -- supporto di scheda -- switch -- tarjeta atm -- tarjeta credito -- tarjeta de atm -- tarjeta de credito -- tarjeta de debito -- tarjeta debito
+- numero della carta
+- numero di carta
+- numero di scheda
+- numero do cartao
+- numero do cartão
+- numéro de carte
+- n┬║ carta
+- n┬║ de carte
+- n┬║ de la carte
+- n┬║ de tarjeta
+- n┬║ do cartao
+- nº do cartão
+- nº. do cartão
+- n├║mero de cartao
+- número de cartão
+- n├║mero de tarjeta
+- n├║mero do cartao
+- scheda dell'assegno
+- scheda dell'atmosfera
+- scheda dell'atmosfera
+- scheda della banca
+- scheda di controllo
+- scheda di debito
+- scheda matrice
+- schede dell'atmosfera
+- schede di controllo
+- schede di debito
+- schede matrici
+- scoprono la scheda
+- scoprono le schede
+- solo
+- supporti di scheda
+- supporto di scheda
+- switch
+- tarjeta atm
+- tarjeta credito
+- tarjeta de atm
+- tarjeta de credito
+- tarjeta de debito
+- tarjeta debito
- tarjeta no-- tarjetahabiente -- tipo della scheda -- ufficio giapponese della -- scheda -- v pay -- v-pay -- visa -- visa plus -- visa electron -- visto -- visum -- vpay
+- tarjetahabiente
+- tipo della scheda
+- ufficio giapponese della
+- scheda
+- v pay
+- v-pay
+- visa
+- visa plus
+- visa electron
+- visto
+- visum
+- vpay
#### Keyword_card_security_terms_dict - card identification number-- card verification -- cardi la verifica -- cid -- cod seg -- cod seguranca -- cod segurança -- cod sicurezza -- cod. seg -- cod. seguranca -- cod. segurança -- cod. sicurezza -- codice di sicurezza -- codice di verifica -- codigo -- codigo de seguranca -- codigo de segurança -- crittogramma -- cryptogram -- cryptogramme -- cv2 -- cvc -- cvc2 -- cvn -- cvv -- cvv2 -- cód seguranca -- cód segurança -- cód. seguranca -- cód. segurança -- código -- código de seguranca -- código de segurança -- de kaart controle -- geeft nr uit -- issue no -- issue number -- kaartidentificatienummer -- kreditkartenprufnummer -- kreditkartenprüfnummer -- kwestieaantal -- no. dell'edizione -- no. di sicurezza -- numero de securite -- numero de verificacao -- numero dell'edizione -- numero di identificazione della -- scheda -- numero di sicurezza -- numero van veiligheid -- numéro de sécurité -- nº autorizzazione -- número de verificação -- perno il blocco -- pin block -- prufziffer -- prüfziffer -- security code -- security no -- security number -- sicherheits kode -- sicherheitscode -- sicherheitsnummer -- speldblok -- veiligheid nr -- veiligheidsaantal -- veiligheidscode -- veiligheidsnummer -- verfalldatum -
-#### Keyword_card_expiration_terms_dict
--- ablauf -- data de expiracao -- data de expiração -- data del exp -- data di exp -- data di scadenza -- data em que expira -- data scad -- data scadenza -- date de validité -- datum afloop -- datum van exp -- de afloop -- espira -- espira -- exp date -- exp datum -- expiration -- expire -- expires -- expiry -- fecha de expiracion -- fecha de venc -- gultig bis -- gultigkeitsdatum -- gültig bis -- gültigkeitsdatum -- la scadenza -- scadenza -- valable -- validade -- valido hasta -- valor -- venc -- vencimento -- vencimiento -- verloopt -- vervaldag -- vervaldatum -- vto -- válido hasta --
-## EU driver's license number
-
-These entities are in the EU Driver's License Number and are sensitive information types.
--- [Austria](#austria-drivers-license-number)
+- card verification
+- cardi la verifica
+- cid
+- cod seg
+- cod seguranca
+- cod segurança
+- cod sicurezza
+- cod. seg
+- cod. seguranca
+- cod. segurança
+- cod. sicurezza
+- codice di sicurezza
+- codice di verifica
+- codigo
+- codigo de seguranca
+- codigo de segurança
+- crittogramma
+- cryptogram
+- cryptogramme
+- cv2
+- cvc
+- cvc2
+- cvn
+- cvv
+- cvv2
+- c├│d seguranca
+- cód segurança
+- c├│d. seguranca
+- cód. segurança
+- c├│digo
+- c├│digo de seguranca
+- código de segurança
+- de kaart controle
+- geeft nr uit
+- issue no
+- issue number
+- kaartidentificatienummer
+- kreditkartenprufnummer
+- kreditkartenpr├╝fnummer
+- kwestieaantal
+- no. dell'edizione
+- no. di sicurezza
+- numero de securite
+- numero de verificacao
+- numero dell'edizione
+- numero di identificazione della
+- scheda
+- numero di sicurezza
+- numero van veiligheid
+- numéro de sécurité
+- n┬║ autorizzazione
+- número de verificação
+- perno il blocco
+- pin block
+- prufziffer
+- pr├╝fziffer
+- security code
+- security no
+- security number
+- sicherheits kode
+- sicherheitscode
+- sicherheitsnummer
+- speldblok
+- veiligheid nr
+- veiligheidsaantal
+- veiligheidscode
+- veiligheidsnummer
+- verfalldatum
+
+#### Keyword_card_expiration_terms_dict
+
+- ablauf
+- data de expiracao
+- data de expiração
+- data del exp
+- data di exp
+- data di scadenza
+- data em que expira
+- data scad
+- data scadenza
+- date de validité
+- datum afloop
+- datum van exp
+- de afloop
+- espira
+- espira
+- exp date
+- exp datum
+- expiration
+- expire
+- expires
+- expiry
+- fecha de expiracion
+- fecha de venc
+- gultig bis
+- gultigkeitsdatum
+- g├╝ltig bis
+- g├╝ltigkeitsdatum
+- la scadenza
+- scadenza
+- valable
+- validade
+- valido hasta
+- valor
+- venc
+- vencimento
+- vencimiento
+- verloopt
+- vervaldag
+- vervaldatum
+- vto
+- válido hasta
++
+## EU driver's license number
+
+These entities are in the EU Driver's License Number and are sensitive information types.
+
+- [Austria](#austria-drivers-license-number)
- [Belgium](#belgium-drivers-license-number) - [Bulgaria](#bulgaria-drivers-license-number) - [Croatia](#croatia-drivers-license-number)
These entities are in the EU Driver's License Number and are sensitive informati
- [Denmark](#denmark-drivers-license-number) - [Estonia](#estonia-drivers-license-number) - [Finland](#finland-drivers-license-number)-- [France](#france-drivers-license-number)
+- [France](#france-drivers-license-number)
- [Germany](#germany-drivers-license-number) - [Greece](#greece-drivers-license-number) - [Hungary](#hungary-drivers-license-number)
These entities are in the EU Driver's License Number and are sensitive informati
- [Luxemburg](#luxemburg-drivers-license-number) - [Malta](#malta-drivers-license-number) - [Netherlands](#netherlands-drivers-license-number)-- [Poland](#poland-drivers-license-number)
+- [Poland](#poland-drivers-license-number)
- [Portugal](#portugal-drivers-license-number) - [Romania](#romania-drivers-license-number) - [Slovakia](#slovakia-drivers-license-number)
These entities are in the EU National Identification Number and are sensitive in
- [Slovakia](#slovakia-personal-number) - [Slovenia](#slovenia-unique-master-citizen-number) - [Spain](#spain-dni)-- [U.K.](#uk-national-insurance-number-nino)
+- [U.K.](#uk-national-insurance-number-nino)
-## EU passport number
+## EU passport number
These entities are in the EU passport number and are sensitive information types. These entities are in the EU passport number bundle.
These entities are in the EU Tax identification number sensitive information typ
### Format 10 digits containing a hyphen
-
+ ### Pattern 10 digits containing a hyphen:
-
-- six digits +
+- six digits
- a hyphen-- three digits
+- three digits
- a digit or letter
-
+ ### Checksum No
-
+ ### Definition A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_finland_eu_driver's_license_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_finland_eu_driver's_license_number` is found.
-
+- The regular expression `Regex_finland_eu_driver's_license_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_finland_eu_driver's_license_number` is found.
+ ```xml <!-- Finland Driver's License Number --> <Entity id="bb3b27a3-79bd-4ac4-81a7-f9fca3c7d1a7" patternsProximity="300" recommendedConfidence="75">
six digits plus a character indicating a century plus three digits plus a check
### Pattern Pattern must include all of the following:-- six digits in the format DDMMYY, which are a date of birth -- century marker (either '-', '+' or 'a') -- three-digit personal identification number
+- six digits in the format DDMMYY, which are a date of birth
+- century marker (either '-', '+' or 'a')
+- three-digit personal identification number
- a digit or letter (case insensitive) which is a check digit ### Checksum
combination of nine letters and digits
### Pattern combination of nine letters and digits:-- two letters (not case-sensitive)
+- two letters (not case-sensitive)
- seven digits ### Checksum
A DLP policy has low confidence that it's detected this type of sensitive inform
- numéro d'assurance maladie - numéro de carte vitale
-
+ ## France passport number This entity is available in the EU Passport Number sensitive information type. It's also available as a stand-alone sensitive information type entity.
nine digits and letters
### Pattern nine digits and letters:-- two digits -- two letters (not case-sensitive)
+- two digits
+- two letters (not case-sensitive)
- five digits ### Checksum
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Format 13 digits
-
+ ### Pattern 13 digits
-
+ - One digit that must be 0, 1, 2, or 3 - One digit - A space (optional)-- Two digits
+- Two digits
- A space (optional)-- Three digits
+- Three digits
- A space (optional)-- Three digits
+- Three digits
- A space (optional)-- Three check digits
+- Three check digits
+
-
### Checksum Yes
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_france_eu_tax_file_number` finds content that matches the pattern. -- A keyword from `Keywords_france_eu_tax_file_number` is found.
-
+- The function `Func_france_eu_tax_file_number` finds content that matches the pattern.
+- A keyword from `Keywords_france_eu_tax_file_number` is found.
+ A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_france_eu_tax_file_number` finds content that matches the pattern.
-
+- The function `Func_france_eu_tax_file_number` finds content that matches the pattern.
+ ```xml <!-- France Tax Identification Number (numéro SPI.) --> <Entity id="ed59e77e-171d-442c-9ec1-88e2ebcb5b0a" patternsProximity="300" recommendedConfidence="85">
combination of 11 digits and letters
### Pattern 11 digits and letters (not case-sensitive):-- a digit or letter -- two digits -- six digits or letters -- a digit
+- a digit or letter
+- two digits
+- six digits or letters
+- a digit
- a digit or letter ### Checksum
from 1 April 1987 until 31 October 2010: 10 digits
### Pattern since 1 November 2010:-- one letter (not case-sensitive)
+- one letter (not case-sensitive)
- eight digits from 1 April 1987 until 31 October 2010:
This entity is included in the EU Passport Number sensitive information type and
### Pattern Pattern must include all of the following:-- first character is a digit or a letter from this set (C, F, G, H, J, K) -- three digits -- five digits or letters from this set (C, -H, J-N, P, R, T, V-Z)
+- first character is a digit or a letter from this set (C, F, G, H, J, K)
+- three digits
+- five digits or letters from this set (C, -H, J-N, P, R, T, V-Z)
- a digit ### Checksum
A DLP policy has medium confidence that it's detected this type of sensitive inf
- reisepasse - reisepassnummer-- No-Reisepass
+- No-Reisepass
- Nr-Reisepass - Reisepass-Nr - Passnummer
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Format 11 digits without spaces and delimiters
-
+ ### Pattern 11 digits
-
-- Two digits +
+- Two digits
- An optional space-- Three digits
+- Three digits
- An optional space-- Three digits
+- Three digits
- An optional space - Two digits - one check digit
-
+ ### Checksum Yes
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_germany_eu_tax_file_number` finds content that matches the pattern. -- A keyword from `Keywords_germany_eu_tax_file_number` is found.
-
+- The function `Func_germany_eu_tax_file_number` finds content that matches the pattern.
+- A keyword from `Keywords_germany_eu_tax_file_number` is found.
+ A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_germany_eu_tax_file_number` finds content that matches the pattern.
-
+- The function `Func_germany_eu_tax_file_number` finds content that matches the pattern.
+ ```xml <!-- Germany Tax Identification Number --> <Entity id="43316a89-9880-40cf-b980-04bc7eefcec5" patternsProximity="300" recommendedConfidence="85">
This entity is included in the EU Driver's License Number sensitive information
### Format nine digits without spaces and delimiters
-
+ ### Pattern
-nine digits
-
+nine digits
+ ### Checksum No
-
+ ### Definition A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_greece_eu_driver's_license_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_greece_eu_driver's_license_number` is found.
-
+- The regular expression `Regex_greece_eu_driver's_license_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_greece_eu_driver's_license_number` is found.
+ ```xml <!-- Greece Driver's License Number --> <Entity id="7a2200b5-aacf-4e3c-ab36-136d3e68b7da" patternsProximity="300" recommendedConfidence="75">
Combination of 7-8 letters and numbers plus a dash
### Pattern Seven letters and numbers (old format):-- One letter (any letter of the Greek alphabet) -- A dash
+- One letter (any letter of the Greek alphabet)
+- A dash
- Six digits Eight letters and numbers (new format):-- Two letters whose uppercase character occurs in both the Greek and Latin alphabets (ABEZHIKMNOPTYX) -- A dash
+- Two letters whose uppercase character occurs in both the Greek and Latin alphabets (ABEZHIKMNOPTYX)
+- A dash
- Six digits ### Checksum
A DLP policy has low confidence that it's detected this type of sensitive inform
### Format Two letters followed by seven digits with no spaces or delimiters
-
+ ### Pattern Two letters followed by seven digits
-
+ ### Checksum No
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_greece_eu_passport_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_passport_number` or `Keywords_greece_eu_passport_number` is found.
+- The regular expression `Regex_greece_eu_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_greece_eu_passport_number` is found.
- The regular expression `Regex_greece_eu_passport_date` finds date in the format DD MMM YY (Example - 28 Aug 19) or a keyword from `Keywords_greece_eu_passport_date` is found A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_greece_eu_passport_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_passport_number` or `Keywords_greece_eu_passport_number` is found.
-
+- The regular expression `Regex_greece_eu_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_greece_eu_passport_number` is found.
+ ```xml <!-- Greece Passport Number --> <Entity id="7e65eb47-cdf9-4f52-8f90-2a27d5ee67e3" patternsProximity="300" recommendedConfidence="75">
This sensitive information type is only available for use in:
### Format 11 digits without spaces and delimiters
-
+ ### Pattern - Six digits as date of birth YYMMDD - Four digits - a check digit
-
+ ### Checksum Yes
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_greece_eu_ssn` finds content that matches the pattern. -- A keyword from `Keywords_greece_eu_ssn_or_equivalent` is found.
-
+- The function `Func_greece_eu_ssn` finds content that matches the pattern.
+- A keyword from `Keywords_greece_eu_ssn_or_equivalent` is found.
+ A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_greece_eu_ssn` finds content that matches the pattern.
+- The function `Func_greece_eu_ssn` finds content that matches the pattern.
```xml <!-- Greece Social Security Number (AMKA) -->
This sensitive information type is only available for use in:
### Format Nine digits without spaces and delimiters
-
+ ### Pattern Nine digits
-
+ ### Checksum Not applicable
-
+ ### Definition A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:
-
-- The regular expression `Regex_greece_eu_tax_file_number` finds content that matches the pattern. -- A keyword from `Keywords_greece_eu_tax_file_number` is found.
-
+
+- The regular expression `Regex_greece_eu_tax_file_number` finds content that matches the pattern.
+- A keyword from `Keywords_greece_eu_tax_file_number` is found.
+ ```xml <!-- Greek Tax Identification Number --> <Entity id="15a54a5a-53d4-4080-ad43-a2a4fe1d3bf7" patternsProximity="300" recommendedConfidence="75">
Combination of 8-9 letters and numbers plus optional parentheses around the fina
### Pattern Combination of 8-9 letters:-- 1-2 letters (not case-sensitive) -- Six digits
+- 1-2 letters (not case-sensitive)
+- Six digits
- The final character (any digit or the letter A), which is the check digit and is optionally enclosed in parentheses. ### Checksum
A DLP policy has low confidence that it's detected this type of sensitive inform
- 香港特別行政區非永久性居民身分證 - 香港特別行政區非永久性居民身分証
-
+ ## Hungary driver's license number ### Format Two letters followed by six digits
-
+ ### Pattern Two letters and six digits:
-
-- Two letters (not case-sensitive) +
+- Two letters (not case-sensitive)
- Six digits
-
+ ### Checksum No
-
+ ### Definition A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:
-
-- The regular expression `Regex_hungary_eu_driver's_license_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_hungary_eu_driver's_license_number` is found.
-
+
+- The regular expression `Regex_hungary_eu_driver's_license_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_hungary_eu_driver's_license_number` is found.
+ ```xml <Entity id="9d31c46b-6e6b-444c-aeb1-6dd7e604bb24" patternsProximity="300" recommendedConfidence="75"> <Pattern confidenceLevel="75">
This sensitive information type is only available for use in:
### Format 11 digits
-
+ ### Pattern 11 digits:
-
+ - One digit that corresponds to gender, 1 for male, 2 for female. Other numbers are also possible for citizens born before 1900 or citizens with double citizenship. - Six digits that correspond to birth date (YYMMDD) - Three digits that correspond to a serial number - One check digit
-
+ ### Checksum Yes
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:
-
-- The function `Func_hungary_eu_national_id_card` finds content that matches the pattern. -- A keyword from `Keywords_hungary_eu_national_id_card` is found.
-
+
+- The function `Func_hungary_eu_national_id_card` finds content that matches the pattern.
+- A keyword from `Keywords_hungary_eu_national_id_card` is found.
+ A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:
-
-- The function `Func_hungary_eu_national_id_card` finds content that matches the pattern.
-
+
+- The function `Func_hungary_eu_national_id_card` finds content that matches the pattern.
+ ```xml <!-- Hungary Personal Identification Number --> <Entity id="7b5cc218-7046-47d9-80c9-f325b50896ca" patternsProximity="300" recommendedConfidence="85">
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Format Two letters followed by six or seven digits with no spaces or delimiters
-
+ ### Pattern Two letters followed by six or seven digits
-
+ ### Checksum No
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_hungary_eu_passport_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_passport_number` or `Keywords_hungary_eu_passport_number` is found.
+- The regular expression `Regex_hungary_eu_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_hungary_eu_passport_number` is found.
- The regular expression `Regex_hungary_eu_passport_date` finds date in the format DD MMM/MMM YY (Example - 01 MÁR/MAR 12) or a keyword from `Keywords_eu_passport_date` is found A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_hungary_eu_passport_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_passport_number` or `Keywords_hungary_eu_passport_number` is found.
-
+- The regular expression `Regex_hungary_eu_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_hungary_eu_passport_number` is found.
+ ```xml <!-- Hungary Passport Number --> <Entity id="5b483910-9aa7-4c99-9917-f4001464bda7" patternsProximity="300" recommendedConfidence="75">
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Format Nine digits without spaces and delimiters
-
+ ### Pattern Nine digits
-
+ ### Checksum Yes
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:
-
-- The function `Func_hungary_eu_ssn_or_equivalent` finds content that matches the pattern. -- A keyword from `Keywords_hungary_eu_ssn_or_equivalent` is found.
-
+
+- The function `Func_hungary_eu_ssn_or_equivalent` finds content that matches the pattern.
+- A keyword from `Keywords_hungary_eu_ssn_or_equivalent` is found.
+ A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:
-
-- The function `Func_hungary_eu_ssn_or_equivalent` finds content that matches the pattern.
-
+
+- The function `Func_hungary_eu_ssn_or_equivalent` finds content that matches the pattern.
+ ```xml <!-- Hungarian Social Security Number (TAJ) --> <Entity id="0de78315-9537-47f5-95ab-b3e77eba3993" patternsProximity="300" recommendedConfidence="85">
This sensitive information type is only available for use in:
### Format 10 digits with no spaces or delimiters
-
+ ### Pattern 10 digits:
-
-- One digit that must be "8" +
+- One digit that must be "8"
- Eight digits - One check digit
-
+ ### Checksum Yes
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:
-
-- The function `Func_hungary_eu_tax_file_number` finds content that matches the pattern. -- A keyword from `Keywords_hungary_eu_tax_file_number` is found.
-
+
+- The function `Func_hungary_eu_tax_file_number` finds content that matches the pattern.
+- A keyword from `Keywords_hungary_eu_tax_file_number` is found.
+ A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:
-
-- The function `Func_hungary_eu_tax_file_number` finds content that matches the pattern.
-
+
+- The function `Func_hungary_eu_tax_file_number` finds content that matches the pattern.
+ ```xml <!-- Hungary Tax Identification Number --> <Entity id="ede42eb4-59d9-49eb-9603-d7853fbda91d" patternsProximity="300" recommendedConfidence="85">
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Pattern 10 letters or digits:-- Three letters (not case-sensitive)
+- Three letters (not case-sensitive)
- A letter in C, P, H, F, A, T, B, L, J, G (not case-sensitive) - A letter-- Four digits
+- Four digits
- A letter that is an alphabetic check digit ### Checksum
A DLP policy has low confidence that it's detected this type of sensitive inform
#### Keyword_india_permanent_account_number -- Permanent Account Number -- PAN
-
+- Permanent Account Number
+- PAN
+ ## India unique identification (Aadhaar) number ### Format
A DLP policy has low confidence that it's detected this type of sensitive inform
12 digits: - A digit which is not 0 or 1-- Three digits -- An optional space or dash -- Four digits -- An optional space or dash
+- Three digits
+- An optional space or dash
+- Four digits
+- An optional space or dash
- The final digit, which is the check digit ### Checksum
A DLP policy has high confidence that it's detected this type of sensitive infor
- The function Func_india_aadhaar finds content that matches the pattern. - A keyword from Keyword_india_aadhar is found. - The checksum passes.--
+-
A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters: - The function Func_india_aadhaar finds content that matches the pattern.
A DLP policy has medium confidence that it's detected this type of sensitive inf
</Entity> ``` ### Keywords
-
+ #### Keyword_india_aadhar - aadhaar - aadhar
A DLP policy has medium confidence that it's detected this type of sensitive inf
- uid - आधार - uidai
-
+ ## Indonesia identity card (KTP) number ### Format
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Pattern 16 digits:-- Two-digit province code -- A period (optional) -- Two-digit regency or city code -- Two-digit subdistrict code -- A period (optional) -- Six digits in the format DDMMYY, which are the date of birth -- A period (optional)
+- Two-digit province code
+- A period (optional)
+- Two-digit regency or city code
+- Two-digit subdistrict code
+- A period (optional)
+- Six digits in the format DDMMYY, which are the date of birth
+- A period (optional)
- Four digits ### Checksum
A DLP policy has high confidence that it's detected this type of sensitive infor
``` ### Keywords
-
+ #### Keyword_indonesia_id_card - KTP-- Kartu Tanda Penduduk -- Nomor Induk Kependudukan
-
+- Kartu Tanda Penduduk
+- Nomor Induk Kependudukan
+ ## International banking account number (IBAN) ### Format
Country code (two letters) plus check digits (two digits) plus bban number (up t
Pattern must include all of the following: - Two-letter country code-- Two check digits (followed by an optional space)
+- Two check digits (followed by an optional space)
- 1-7 groups of four letters or digits (can be separated by spaces) - 1-3 letters or digits
A DLP policy has high confidence that it's detected this type of sensitive infor
None
-
+ ## International classification of diseases (ICD-10-CM) ### Format
For IPv6, a DLP policy has high confidence that it's detected this type of sensi
#### Keyword_ipaddress - IP (this keyword is case-sensitive)-- ip address
+- ip address
- ip addresses - internet protocol-- IP-כתובת ה
+- IP-כתובת ה
## Ireland driver's license number ### Format Six digits followed by four letters
-
+ ### Pattern Six digits and four letters:
-
+ - Six digits - Four letters (not case-sensitive)
-
+ ### Checksum No
-
+ ### Definition A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:
-
-- The regular expression `Regex_ireland_eu_driver's_license_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_ireland_eu_driver's_license_number` is found.
-
+
+- The regular expression `Regex_ireland_eu_driver's_license_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_ireland_eu_driver's_license_number` is found.
+ ```xml <!-- Ireland Driver's License Number --> <Entity id="e01bccd9-eb4d-414f-ace1-e9b6a4c4a2ca" patternsProximity="300" recommendedConfidence="75">
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Format Two letters or digits followed by seven digits with no spaces or delimiters
-
+ ### Pattern Two letters or digits followed by seven digits:
-
+ - Two digits or letters (not case-sensitive) - Seven digits
-
+ ### Checksum No
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_ireland_eu_passport_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_passport_number` or `Keywords_ireland_eu_passport_number` is found.
+- The regular expression `Regex_ireland_eu_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_ireland_eu_passport_number` is found.
- The regular expression `Regex_ireland_eu_passport_date` finds date in the format DD MMM/MMM YYYY (Example - 01 BEA/MAY 1988) or a keyword from `Keywords_eu_passport_date` is found A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_ireland_eu_passport_number` finds content that matches the pattern.
+- The regular expression `Regex_ireland_eu_passport_number` finds content that matches the pattern.
- A keyword from `Keywords_eu_passport_number` or `Keywords_ireland_eu_passport_number` is found.
-
+ ```xml <!-- Ireland Passport Number --> <Entity id="a2130f27-9ee2-4103-84f9-a6b1ee7d0cbf" patternsProximity="300" recommendedConfidence="75">
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Format Old format (until 31 December 2012):-- seven digits followed by 1-2 letters
+- seven digits followed by 1-2 letters
New format (1 January 2013 and after): - seven digits followed by two letters
New format (1 January 2013 and after):
### Pattern Old format (until 31 December 2012):-- seven digits -- one to two letters (not case-sensitive)
+- seven digits
+- one to two letters (not case-sensitive)
New format (1 January 2013 and after):-- seven digits -- a letter (not case-sensitive) which is an alphabetic check digit
+- seven digits
+- a letter (not case-sensitive) which is an alphabetic check digit
- An optional letter in the range A-I, or ΓÇ£WΓÇ¥ ### Checksum
A DLP policy has low confidence that it's detected this type of sensitive inform
### Pattern Formatted:-- two digits -- a dash -- three digits -- a dash
+- two digits
+- a dash
+- three digits
+- a dash
- eight digits Unformatted:
A DLP policy has medium confidence that it's detected this type of sensitive inf
#### Keyword_israel_bank_account_number -- Bank Account Number -- Bank Account -- Account Number -- מספר חשבון בנק
-
+- Bank Account Number
+- Bank Account
+- Account Number
+- מספר חשבון בנק
+ ## Israel national identification number ### Format
A DLP policy has medium confidence that it's detected this type of sensitive inf
-   personal id -   unique id  
-
+ ## Italy driver's license number This type entity is included in the EU Driver's License Number sensitive information type. It is also available as a stand-alone sensitive information type entity.
a combination of 10 letters and digits
### Pattern a combination of 10 letters and digits:-- one letter (not case-sensitive) -- the letter "A" or "V" (not case-sensitive)
+- one letter (not case-sensitive)
+- the letter "A" or "V" (not case-sensitive)
- seven digits - one letter (not case-sensitive)
A DLP policy has medium confidence that it's detected this type of sensitive inf
#### Keyword_italy_drivers_license_number - numero di patente-- patente di guida
+- patente di guida
- patente guida - patenti di guida - patenti guida
This sensitive information type is only available for use in:
### Format a 16-character combination of letters and digits in the specified pattern
-
+ ### Pattern A 16-character combination of letters and digits:
A 16-character combination of letters and digits:
- two digits that correspond to the day of the month of birth in order to differentiate between genders, 40 is added to the day of birth for women - four digits that correspond to the area code specific to the municipality where the person was born (country-wide codes are used for foreign countries) - one parity digit
-
+ ### Checksum Yes
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_italy_eu_national_id_card` finds content that matches the pattern. -- A keyword from `Keywords_italy_eu_national_id_card` is found.
-
+- The function `Func_italy_eu_national_id_card` finds content that matches the pattern.
+- A keyword from `Keywords_italy_eu_national_id_card` is found.
+ A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_italy_eu_national_id_card` finds content that matches the pattern.
-
+- The function `Func_italy_eu_national_id_card` finds content that matches the pattern.
+ ```xml <!-- Italy Fiscal Code --> <Entity id="4cd79172-8da9-4ff5-9188-98b1e7e2eca6" patternsProximity="300" recommendedConfidence="85">
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Format two letters or digits followed by seven digits with no spaces or delimiters
-
+ ### Pattern two letters or digits followed by seven digits:
-
+ - two digits or letters (not case-sensitive) - seven digits
-
+ ### Checksum not applicable
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_italy_eu_passport_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_passport_number` or `Keywords_italy_eu_passport_number` is found.
+- The regular expression `Regex_italy_eu_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_italy_eu_passport_number` is found.
- The regular expression `Regex_italy_eu_passport_date` finds date in the format DD MMM/MMM YYYY (Example - 01 GEN/JAN 1988) or a keyword from `Keywords_eu_passport_date` is found A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_italy_eu_passport_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_passport_number` or `Keywords_italy_eu_passport_number` is found.
-
+- The regular expression `Regex_italy_eu_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_italy_eu_passport_number` is found.
+ ```xml <!-- Italy Passport Number --> <Entity id="39811019-4750-445f-b26d-4c0e6c431544" patternsProximity="300" recommendedConfidence="75">
seven or eight digits
bank account number: - seven or eight digits - bank account branch code:-- four digits -- a space or dash (optional)
+- four digits
+- a space or dash (optional)
- three digits Checksum
A DLP policy has medium confidence that it's detected this type of sensitive inf
<Match idRef="Keyword_jp_bank_branch_code" /> </Any> </Pattern>
- </Version>
+ </Version>
<Pattern confidenceLevel="75"> <IdMatch idRef="Func_jp_bank_account" /> <Match idRef="Keyword_jp_bank_account" />
A DLP policy has medium confidence that it's detected this type of sensitive inf
#### Keyword_jp_bank_account -- Checking Account Number -- Checking Account -- Checking Account # -- Checking Acct Number -- Checking Acct # -- Checking Acct No. -- Checking Account No. -- Bank Account Number -- Bank Account -- Bank Account # -- Bank Acct Number -- Bank Acct # -- Bank Acct No. -- Bank Account No. -- Savings Account Number -- Savings Account -- Savings Account # -- Savings Acct Number -- Savings Acct # -- Savings Acct No. -- Savings Account No. -- Debit Account Number -- Debit Account -- Debit Account # -- Debit Acct Number -- Debit Acct # -- Debit Acct No. -- Debit Account No.
+- Checking Account Number
+- Checking Account
+- Checking Account #
+- Checking Acct Number
+- Checking Acct #
+- Checking Acct No.
+- Checking Account No.
+- Bank Account Number
+- Bank Account
+- Bank Account #
+- Bank Acct Number
+- Bank Acct #
+- Bank Acct No.
+- Bank Account No.
+- Savings Account Number
+- Savings Account
+- Savings Account #
+- Savings Acct Number
+- Savings Acct #
+- Savings Acct No.
+- Savings Account No.
+- Debit Account Number
+- Debit Account
+- Debit Account #
+- Debit Acct Number
+- Debit Acct #
+- Debit Acct No.
+- Debit Account No.
- 口座番号 - 銀行口座 - 銀行口座番号
A DLP policy has low confidence that it's detected this type of sensitive inform
- 個人識別ナンバー - 通知カード
-
+ ## Japan passport number ### Format
A DLP policy has medium confidence that it's detected this type of sensitive inf
12 letters and digits: - two letters (not case-sensitive)-- eight digits
+- eight digits
- two letters (not case-sensitive) ### Checksum
A DLP policy has medium confidence that it's detected this type of sensitive inf
#### Keyword_jp_resident_registration_number - Resident Registration Number-- Residents Basic Registry Number -- Resident Registration No. -- Resident Register No. -- Residents Basic Registry No. -- Basic Resident Register No.
+- Residents Basic Registry Number
+- Resident Registration No.
+- Resident Register No.
+- Residents Basic Registry No.
+- Basic Resident Register No.
- 外国人登録証明書番号 - 証明書番号 - 登録番号 - 外国人登録証
-
+ ## Japan social insurance number (SIN) ### Format
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Pattern 7-12 digits:-- four digits -- a hyphen (optional)
+- four digits
+- a hyphen (optional)
- six digits OR - 7-12 consecutive digits
A DLP policy has medium confidence that it's detected this type of sensitive inf
#### Keyword_jp_sin -- Social Insurance No. -- Social Insurance Num -- Social Insurance Number
+- Social Insurance No.
+- Social Insurance Num
+- Social Insurance Number
- 健康保険被保険者番号 - 健保番号 - 基礎年金番号
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Format three letters followed by six digits
-
+ ### Pattern three letters and six digits:
-
-- three letters (not case-sensitive) +
+- three letters (not case-sensitive)
- six digits
-
+ ### Checksum No
-
+ ### Definition A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_latvia_eu_driver's_license_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_latvia_eu_driver's_license_number` is found.
-
+- The regular expression `Regex_latvia_eu_driver's_license_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_latvia_eu_driver's_license_number` is found.
+ ```xml <!-- Latvia Driver's License Number --> <Entity id="ec996de0-30f2-46b1-b192-4d2ff8805fa7" patternsProximity="300" recommendedConfidence="75">
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Format 11 digits and an optional hyphen
-
+ ### Pattern Old format 11 digits and a hyphen:
-
-- six digits that correspond to the birth date (DDMMYY) +
+- six digits that correspond to the birth date (DDMMYY)
- a hyphen - one digit that corresponds to the century of birth ("0" for 19th century, "1" for 20th century, and "2" for 21st century) - four digits, randomly generated
New format
- Two digits "32" - Nine digits
-
+ ### Checksum Yes
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_latvia_eu_national_id_card` or the regex `Regex_latvia_eu_national_id_card_new_format` finds content that matches the pattern. -- A keyword from `Keywords_latvia_eu_national_id_card` is found.
-
+- The function `Func_latvia_eu_national_id_card` or the regex `Regex_latvia_eu_national_id_card_new_format` finds content that matches the pattern.
+- A keyword from `Keywords_latvia_eu_national_id_card` is found.
+ A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_latvia_eu_national_id_card` or the regex `Regex_latvia_eu_national_id_card_new_format` finds content that matches the pattern.
-
+- The function `Func_latvia_eu_national_id_card` or the regex `Regex_latvia_eu_national_id_card_new_format` finds content that matches the pattern.
+ ```xml <!-- Latvia Personal Code --> <Entity id="03fcf763-27c2-49ed-9422-2641c6c895c9" patternsProximity="300" recommendedConfidence="85">
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Format two letters or digits followed by seven digits with no spaces or delimiters
-
+ ### Pattern two letters or digits followed by seven digits:
-
+ - two digits or letters (not case-sensitive) - seven digits
-
+ ### Checksum No
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_latvia_eu_passport_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_passport_number` or `Keywords_latvia_eu_passport_number` is found.
+- The regular expression `Regex_latvia_eu_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_latvia_eu_passport_number` is found.
- The regular expression `Regex_eu_passport_date1` finds date in the format DD.MM.YYYY or a keyword from `Keywords_eu_passport_date` is found A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_latvia_eu_passport_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_passport_number` or `Keywords_latvia_eu_passport_number` is found.
-
+- The regular expression `Regex_latvia_eu_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_latvia_eu_passport_number` is found.
+ ```xml <!-- Latvia Passport Number --> <Entity id="23ae25ec-cc28-421b-b77a-3054eadf1ede" patternsProximity="300" recommendedConfidence="75">
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Format eight digits without spaces and delimiters
-
+ ### Pattern
-eight digits
-
+eight digits
+ ### Checksum No
-
+ ### Definition A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_lithuania_eu_driver's_license_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_lithuania_eu_driver's_license_number` is found.
-
+- The regular expression `Regex_lithuania_eu_driver's_license_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_lithuania_eu_driver's_license_number` is found.
+ ```xml <!-- Lithuania Driver's License Number --> <Entity id="86f7628b-e0f4-4dc3-9fbc-e4300e4c7d78" patternsProximity="300" recommendedConfidence="75">
This sensitive information type is only available for use in:
### Format 11 digits without spaces and delimiters
-
+ ### Pattern 11 digits without spaces and delimiters:
-
+ - one digit (1-6) that corresponds to the person's gender and century of birth-- six digits that correspond to birth date (YYMMDD)
+- six digits that correspond to birth date (YYMMDD)
- three digits that correspond to the serial number of the date of birth - one check digit
-
+ ### Checksum Yes
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_lithuania_eu_tax_file_number` finds content that matches the pattern. -- A keyword from `Keywords_lithuania_eu_tax_file_number` is found.
-
+- The function `Func_lithuania_eu_tax_file_number` finds content that matches the pattern.
+- A keyword from `Keywords_lithuania_eu_tax_file_number` is found.
+ A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_lithuania_eu_tax_file_number` finds content that matches the pattern.
-
+- The function `Func_lithuania_eu_tax_file_number` finds content that matches the pattern.
+ ```xml <!-- Lithuania Personal Code --> <Entity id="cd6d3786-8ec3-4524-a2cf-1e0095379171" patternsProximity="300" recommendedConfidence="85">
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Format eight digits or letters with no spaces or delimiters
-
+ ### Pattern eight digits or letters (not case-sensitive)
-
+ ### Checksum not applicable
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_lithuania_eu_passport_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_passport_number` or `Keywords_lithuania_eu_passport_number` is found.
+- The regular expression `Regex_lithuania_eu_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_lithuania_eu_passport_number` is found.
- The regular expression `Regex_eu_passport_date3` finds date in the format DD MM YYYY or a keyword from `Keywords_eu_passport_date` is found A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_lithuania_eu_passport_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_passport_number` or `Keywords_lithuania_eu_passport_number` is found.
-
+- The regular expression `Regex_lithuania_eu_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_lithuania_eu_passport_number` is found.
+ ```xml <!-- Lithuania Passport Number --> <Entity id="1b79900f-047b-4c3f-846f-7d73b5534bce" patternsProximity="300" recommendedConfidence="75">
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Format six digits without spaces and delimiters
-
+ ### Pattern
-six digits
-
+six digits
+ ### Checksum No
-
+ ### Definition A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_luxemburg_eu_driver's_license_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_luxemburg_eu_driver's_license_number` is found.
-
+- The regular expression `Regex_luxemburg_eu_driver's_license_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_luxemburg_eu_driver's_license_number` is found.
+ ```xml <!-- Luxemburg Driver's License Number --> <Entity id="89daf717-1544-4860-9a2e-fc9166dd8852" patternsProximity="300" recommendedConfidence="75">
This sensitive information type is only available for use in:
### Format 13 digits with no spaces or delimiters
-
+ ### Pattern 13 digits:
-
-- 11 digits +
+- 11 digits
- two check digits
-
+ ### Checksum yes
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_luxemburg_eu_tax_file_number` finds content that matches the pattern. -- A keyword from `Keywords_luxemburg_eu_national_id_card` is found.
+- The function `Func_luxemburg_eu_tax_file_number` finds content that matches the pattern.
+- A keyword from `Keywords_luxemburg_eu_national_id_card` is found.
A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_luxemburg_eu_tax_file_number` finds content that matches the pattern.
+- The function `Func_luxemburg_eu_tax_file_number` finds content that matches the pattern.
```xml
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Format eight digits or letters with no spaces or delimiters
-
+ ### Pattern eight digits or letters (not case-sensitive)
-
+ ### Checksum No
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_luxemburg_eu_passport_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_passport_number` or `Keywords_luxemburg_eu_passport_number` is found.
+- The regular expression `Regex_luxemburg_eu_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_luxemburg_eu_passport_number` is found.
- The regular expression `Regex_eu_passport_date3` finds date in the format DD MM YYYY or a keyword from `Keywords_eu_passport_date` is found A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_luxemburg_eu_passport_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_passport_number` or `Keywords_luxemburg_eu_passport_number` is found.
-
+- The regular expression `Regex_luxemburg_eu_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_luxemburg_eu_passport_number` is found.
+ ```xml <!-- Luxemburg Passport Number --> <Entity id="81d5c027-bed9-4421-91a0-3b2e55b3eb85" patternsProximity="300" recommendedConfidence="75">
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Format 11 digits
-
+ ### Pattern 11 digits
-
+ - two digits-- an optional space -- three digits - an optional space-- three digits
+- three digits
+- an optional space
+- three digits
- an optional space - two digits - one check digit
-
+ ### Checksum Yes
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_luxemburg_eu_tax_file_number_non_natural` finds content that matches the pattern. -- A keyword from `Keywords_luxemburg_eu_tax_file_number` is found.
-
+- The function `Func_luxemburg_eu_tax_file_number_non_natural` finds content that matches the pattern.
+- A keyword from `Keywords_luxemburg_eu_tax_file_number` is found.
+ A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_luxemburg_eu_tax_file_number_non_natural` finds content that matches the pattern.
-
+- The function `Func_luxemburg_eu_tax_file_number_non_natural` finds content that matches the pattern.
+ ```xml <!-- Luxemburg National Identification Number (Non-natural persons) --> <Entity id="84bffa3a-d805-4788-a613-b1e4df3804cf" patternsProximity="300" recommendedConfidence="85">
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Pattern 12 digits:-- six digits in the format YYMMDD, which are the date of birth -- a dash (optional) -- two-letter place-of-birth code -- a dash (optional) -- three random digits
+- six digits in the format YYMMDD, which are the date of birth
+- a dash (optional)
+- two-letter place-of-birth code
+- a dash (optional)
+- three random digits
- one-digit gender code ### Checksum
A DLP policy has high confidence that it's detected this type of sensitive infor
``` ### Keywords
-
+ #### Keyword_malaysia_id_card_number - digital application card
A DLP policy has high confidence that it's detected this type of sensitive infor
### Format Combination of two characters and six digits in the specified pattern
-
+ ### Pattern combination of two characters and six digits:
-
+ - two characters (digits or letters, not case-sensitive) - a space (optional) - three digits - a space (optional) - three digits
-
+ ### Checksum No
-
+ ### Definition A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_malta_eu_driver's_license_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_malta_eu_driver's_license_number` is found.
-
+- The regular expression `Regex_malta_eu_driver's_license_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_malta_eu_driver's_license_number` is found.
+ ```xml <!-- Malta Driver's License Number --> <Entity id="a3bdaa4a-8371-4735-8fa5-56ee0fb4afc4" patternsProximity="300" recommendedConfidence="75">
This sensitive information type is only available for use in:
### Format seven digits followed by one letter
-
+ ### Pattern seven digits followed by one letter:
-
-- seven digits +
+- seven digits
- one letter in "M, G, A, P, L, H, B, Z" (case insensitive)
-
+ ### Checksum Not applicable
-
+ ### Definition A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_malta_eu_national_id_card` finds content that matches the pattern. -- A keyword from `Keywords_malta_eu_national_id_card` is found.
-
+- The regular expression `Regex_malta_eu_national_id_card` finds content that matches the pattern.
+- A keyword from `Keywords_malta_eu_national_id_card` is found.
+ A DLP policy has low confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_malta_eu_national_id_card` finds content that matches the pattern.
-
+- The regular expression `Regex_malta_eu_national_id_card` finds content that matches the pattern.
+ ```xml <!-- Malta Identity Card Number --> <Entity id="854b36b3-a388-4ac8-a4ec-677c2b5e4356" patternsProximity="300" recommendedConfidence="75">
A DLP policy has low confidence that it's detected this type of sensitive inform
### Format seven digits without spaces or delimiters
-
+ ### Pattern
-seven digits
-
+seven digits
+ ### Checksum No
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_malta_eu_passport_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_passport_number` or `Keywords_malta_eu_passport_number` is found.
+- The regular expression `Regex_malta_eu_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_malta_eu_passport_number` is found.
- A keyword from `Keywords_eu_passport_date` is found A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_malta_eu_passport_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_passport_number` or `Keywords_malta_eu_passport_number` is found.
-
+- The regular expression `Regex_malta_eu_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_malta_eu_passport_number` is found.
+ ```xml <!-- Malta Passport Number --> <Entity id="b2b21198-48f9-4d13-b2a5-03969bff0fb8" patternsProximity="300" recommendedConfidence="75">
A DLP policy has medium confidence that it's detected this type of sensitive inf
For Maltese nationals: - seven digits and one letter in the specified pattern
-
+ Non-Maltese nationals and Maltese entities: - nine digits
-
+ ### Pattern Maltese nationals: seven digits and one letter
-
-- seven digits +
+- seven digits
- one letter (not case-sensitive)
-
+ Non-Maltese nationals and Maltese entities: nine digits
-
-- nine digits
-
+
+- nine digits
+ ### Checksum Not applicable
-
+ ### Definition A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regex `Regex_malta_eu_tax_file_number` or `Regex_malta_eu_tax_file_number_non_maltese_national` finds content that matches the pattern. -- A keyword from `Keywords_malta_eu_tax_file_number` is found.
-
+- The regex `Regex_malta_eu_tax_file_number` or `Regex_malta_eu_tax_file_number_non_maltese_national` finds content that matches the pattern.
+- A keyword from `Keywords_malta_eu_tax_file_number` is found.
+ A DLP policy has low confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regex `Regex_malta_eu_tax_file_number` or `Regex_malta_eu_tax_file_number_non_maltese_national` finds content that matches the pattern.
-
+- The regex `Regex_malta_eu_tax_file_number` or `Regex_malta_eu_tax_file_number_non_maltese_national` finds content that matches the pattern.
+ ```xml <!-- Malta Tax ID Number --> <Entity id="ec830c63-65f4-45d0-9d8c-910dc8334b20" patternsProximity="300" recommendedConfidence="75">
A DLP policy has low confidence that it's detected this type of sensitive inform
### Format 11 character alphanumeric pattern
-
+ ### Pattern - one digit between 1 to 9
A DLP policy has low confidence that it's detected this type of sensitive inform
- an optional Hyphen - two letters excluding S, L, O, I, B, Z - two digits
-
+ ### Checksum No
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_mbi_card` finds content that matches the pattern. -- A keyword from `Keyword_mbi_card` is found.
-
+- The regular expression `Regex_mbi_card` finds content that matches the pattern.
+- A keyword from `Keyword_mbi_card` is found.
+ A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_mbi_card` finds content that matches the pattern.
-
+- The regular expression `Regex_mbi_card` finds content that matches the pattern.
+ ```xml <!-- Medicare Beneficiary Identifier (MBI) card --> <Entity id="f753a286-f5cc-47e6-a592-4be25fd02591" patternsProximity="300" recommendedConfidence="75" relaxProximity="true">
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Format 18 character alphanumeric pattern
-
+ ### Pattern - four letters (case insensitive)
A DLP policy has medium confidence that it's detected this type of sensitive inf
- three letters - one letter or digit - one digit
-
+ ### Checksum No
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_mexico_population_registry_code` finds content that matches the pattern. -- A keyword from `Keyword_mexico_population_registry_code` is found.
-
+- The function `Func_mexico_population_registry_code` finds content that matches the pattern.
+- A keyword from `Keyword_mexico_population_registry_code` is found.
+ A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_mexico_population_registry_code` finds content that matches the pattern.
-
+- The function `Func_mexico_population_registry_code` finds content that matches the pattern.
+ ```xml <!-- Mexico Unique Population Registry Code (CURP) --> <Entity id="e905ad4d-5a74-406d-bf36-b1efca798af4" patternsProximity="300" recommendedConfidence="75" relaxProximity="true">
eight or nine digits containing optional spaces
### Pattern eight-nine digits:-- three digits -- a space (optional) -- three digits -- a space (optional)
+- three digits
+- a space (optional)
+- three digits
+- a space (optional)
- two-three digits ### Checksum
A DLP policy has high confidence that it's detected this type of sensitive infor
### Keywords #### Keywords_netherlands_eu_national_id_card
-
+ - bsn# - bsn - burgerservicenummer
A DLP policy has high confidence that it's detected this type of sensitive infor
### Format 10 digits without spaces and delimiters
-
+ ### Pattern 10 digits
-
+ ### Checksum No
-
+ ### Definition A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_netherlands_eu_driver's_license_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_netherlands_eu_driver's_license_number` is found.
-
+- The regular expression `Regex_netherlands_eu_driver's_license_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_netherlands_eu_driver's_license_number` is found.
+ ```xml <!-- Netherlands Driver's License Number --> <Entity id="6247fbea-ab80-4be5-8233-308b7c031401" patternsProximity="300" recommendedConfidence="75">
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Format nine letters or digits with no spaces or delimiters
-
+ ### Pattern nine letters or digits
-
+ ### Checksum not applicable
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_netherlands_eu_passport_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_passport_number` or `Keywords_netherlands_eu_passport_number` is found.
+- The regular expression `Regex_netherlands_eu_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_netherlands_eu_passport_number` is found.
- The regular expression `Regex_netherlands_eu_passport_date` finds date in the format DD MMM/MMM YYYY (Example - 26 MAA/MAR 2012) A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_netherlands_eu_passport_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_passport_number` or `Keywords_netherlands_eu_passport_number` is found.
-
+- The regular expression `Regex_netherlands_eu_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_netherlands_eu_passport_number` is found.
+ ```xml <!-- Netherlands Passport Number --> <Entity id="61786727-bafd-45f6-94d9-888d815e228e" patternsProximity="300" recommendedConfidence="75">
This sensitive information type is only available for use in:
### Format nine digits without spaces or delimiters
-
+ ### Pattern
-nine digits
-
+nine digits
+ ### Checksum Yes
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_netherlands_eu_tax_file_number` finds content that matches the pattern. -- A keyword from `Keywords_netherlands_eu_tax_file_number` is found.
-
+- The function `Func_netherlands_eu_tax_file_number` finds content that matches the pattern.
+- A keyword from `Keywords_netherlands_eu_tax_file_number` is found.
+ A DLP policy has low confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_netherlands_eu_tax_file_number` finds content that matches the pattern.
-
+- The function `Func_netherlands_eu_tax_file_number` finds content that matches the pattern.
+ ```xml <!-- Netherlands Tax Identification Number --> <Entity id="01f42a64-eba7-4892-a67b-398237e4ade2" patternsProximity="300" recommendedConfidence="85">
eight character alphanumeric pattern
eight character alphanumeric pattern -- two letters
+- two letters
- six digits ### Checksum
three letters, a space (optional), and four digits
### Pattern - three letters (not case-sensitive) except 'I' and 'O'-- a space (optional)
+- a space (optional)
- four digits ### Checksum
A DLP policy has low confidence that it's detected this type of sensitive inform
- social welfare number - swn#
-
+ ## Norway identification number ### Format
A DLP policy has low confidence that it's detected this type of sensitive inform
### Pattern 11 digits:-- six digits in the format DDMMYY, which are the date of birth -- three-digit individual number
+- six digits in the format DDMMYY, which are the date of birth
+- three-digit individual number
- two check digits ### Checksum
A DLP policy has medium confidence that it's detected this type of sensitive inf
- Personnummer - F├╕dselsnummer
-
+ ## Philippines unified multi-purpose identification number ### Format
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Pattern 12 digits:-- four digits -- a hyphen -- seven digits -- a hyphen
+- four digits
+- a hyphen
+- seven digits
+- a hyphen
- one digit ### Checksum
A DLP policy has medium confidence that it's detected this type of sensitive inf
``` ### Keywords
-
+ #### Keyword_philippines_id -- Unified Multi-Purpose ID -- UMID -- Identity Card
+- Unified Multi-Purpose ID
+- UMID
+- Identity Card
- Pinag-isang Multi-Layunin ID ## Poland driver's license number
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Format 14 digits containing two forward slashes
-
+ ### Pattern 14 digits and two forward slashes:
-
-- five digits +
+- five digits
- a forward slash - two digits - a forward slash - seven digits
-
+ ### Checksum No
-
+ ### Definition A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_poland_eu_driver's_license_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_poland_eu_driver's_license_number` is found.
-
+- The regular expression `Regex_poland_eu_driver's_license_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_poland_eu_driver's_license_number` is found.
+ ```xml <!-- Poland Driver's License Number --> <Entity id="24d51f99-ee9e-4060-a077-cae58cab1ee4" patternsProximity="300" recommendedConfidence="75">
A DLP policy has medium confidence that it's detected this type of sensitive inf
- Dowód Tożsamości - dow. os.
-
+ ## Poland national ID (PESEL) ### Format
A DLP policy has medium confidence that it's detected this type of sensitive inf
- pesel - tożsamości narodowej
-
+ ## Poland passport number This sensitive information type entity is included in the EU Passport Number sensitive information type. It's also available as a stand-alone sensitive information type entity.
This sensitive information type is only available for use in:
nine digit or 14-digit number: - nine digits
-or
+or
- nine digits - hyphen - five digits
This sensitive information type is only available for use in:
### Format 11 digits with no spaces or delimiters
-
+ ### Pattern 11 digits
-
+ ### Checksum Yes
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_poland_eu_tax_file_number` finds content that matches the pattern. -- A keyword from `Keywords_poland_eu_tax_file_number` is found.
-
-
+- The function `Func_poland_eu_tax_file_number` finds content that matches the pattern.
+- A keyword from `Keywords_poland_eu_tax_file_number` is found.
++ ```xml <!-- Poland Tax Identification Number --> <Entity id="1ff28b4d-40f2-49e9-b677-9606a88e2bca" patternsProximity="300" recommendedConfidence="85">
A DLP policy has high confidence that it's detected this type of sensitive infor
- vatid# - vatid - vatno#
-
+ ## Portugal citizen card number
A DLP policy has high confidence that it's detected this type of sensitive infor
### Format two patterns - two letters followed by 5-8 digits with special characters
-
+ ### Pattern Pattern 1:
Two letters followed by 5/6 with special characters:
- A space - One digit
-Pattern 2:
+Pattern 2:
One letter followed by 6/8 digits with special characters: - One letter (not case-sensitive) - A hyphen
One letter followed by 6/8 digits with special characters:
- A space - One digit
-
+ ### Checksum No
-
+ ### Definition A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_portugal_eu_driver's_license_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_portugal_eu_driver's_license_number` is found.
-
+- The regular expression `Regex_portugal_eu_driver's_license_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_portugal_eu_driver's_license_number` is found.
+ ```xml <!-- Portugal Driver's License Number --> <Entity id="977f1e5a-2c33-4bcc-b516-95bb275cff23" patternsProximity="300" recommendedConfidence="75">
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Format one letter followed by six digits with no spaces or delimiters
-
+ ### Pattern one letter followed by six digits:
-
+ - one letter (not case-sensitive) - six digits
-
+ ### Checksum No
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_portugal_eu_passport_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_passport_number` or `Keywords_portugal_eu_passport_number` is found.
+- The regular expression `Regex_portugal_eu_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_portugal_eu_passport_number` is found.
- The regular expression `Regex_eu_passport_date1` finds date in the format DD.MM.YYYY or a keyword from `Keywords_eu_passport_date` is found A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_portugal_eu_passport_number` finds content that matches the pattern.
+- The regular expression `Regex_portugal_eu_passport_number` finds content that matches the pattern.
- A keyword from `Keywords_eu_passport_number` or `Keywords_portugal_eu_passport_number` is found.
-
+ ```xml <!-- Portugal Passport Number --> <Entity id="080a52fd-a7bc-431e-b54d-51f08f59db11" patternsProximity="300" recommendedConfidence="75">
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Format nine digits with optional spaces
-
+ ### Pattern - three digits
nine digits with optional spaces
- three digits - an optional space - three digits
-
+ ### Checksum Yes
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_portugal_eu_tax_file_number` finds content that matches the pattern. -- A keyword from `Keywords_portugal_eu_tax_file_number` is found.
-
+- The function `Func_portugal_eu_tax_file_number` finds content that matches the pattern.
+- A keyword from `Keywords_portugal_eu_tax_file_number` is found.
+ A DLP policy has low confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_portugal_eu_tax_file_number` finds content that matches the pattern.
-
+- The function `Func_portugal_eu_tax_file_number` finds content that matches the pattern.
+ ```xml <!-- Portugal Tax Identification Number --> <Entity id="65372402-3131-4f1e-9983-4439841d1f15" patternsProximity="300" recommendedConfidence="85">
A DLP policy has low confidence that it's detected this type of sensitive inform
### Format one character followed by eight digits
-
+ ### Pattern one character followed by eight digits:-- one letter (not case-sensitive) or digit
+- one letter (not case-sensitive) or digit
- eight digits
-
+ ### Checksum No
-
+ ### Definition A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_romania_eu_driver's_license_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_romania_eu_driver's_license_number` is found.
-
+- The regular expression `Regex_romania_eu_driver's_license_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_romania_eu_driver's_license_number` is found.
+ ```xml <!-- Romania Driver's License Number --> <Entity id="b5511ace-2fd8-4ae4-b6fc-c7c6e4689e3c" patternsProximity="300" recommendedConfidence="75">
This sensitive information type is only available for use in:
### Format 13 digits without spaces and delimiters
-
+ ### Pattern - one digit from 1-9
This sensitive information type is only available for use in:
### Checksum Yes
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_romania_eu_national_id_card` finds content that matches the pattern. -- A keyword from `Keywords_romania_eu_national_id_card` is found.
-
+- The function `Func_romania_eu_national_id_card` finds content that matches the pattern.
+- A keyword from `Keywords_romania_eu_national_id_card` is found.
+ A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_romania_eu_national_id_card` finds content that matches the pattern.
-
+- The function `Func_romania_eu_national_id_card` finds content that matches the pattern.
+ ```xml <!-- Romania Personal Numerical Code (CNP) --> <Entity id="eb5fa399-fe28-4c67-8188-d63a616ed89c" patternsProximity="300" recommendedConfidence="85">
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Format eight or nine digits without spaces and delimiters
-
+ ### Pattern eight or nine digits
-
+ ### Checksum No
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_romania_eu_passport_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_passport_number` or `Keywords_romania_eu_passport_number` is found.
+- The regular expression `Regex_romania_eu_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_romania_eu_passport_number` is found.
- The regular expression `Regex_romania_eu_passport_date` finds date in the format DD MMM/MMM YY (Example- 01 FEB/FEB 10) or a keyword from `Keywords_eu_passport_date` is found A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_romania_eu_passport_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_passport_number` or `Keywords_romania_eu_passport_number` is found.
-
+- The regular expression `Regex_romania_eu_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_romania_eu_passport_number` is found.
+ ```xml <!-- Romania Passport Number --> <Entity id="5d31b90c-7fe2-4a76-a14b-767b8fd19d6c" patternsProximity="300" recommendedConfidence="75">
A DLP policy has medium confidence that it's detected this type of sensitive inf
#### Keyword_saudi_arabia_national_id -- Identification Card -- I card number -- ID number -- الوطنية الهوية بطاقة رقم
+- Identification Card
+- I card number
+- ID number
+- الوطنية الهوية بطاقة رقم
+
-
## Singapore national registration identity card (NRIC) number ### Format
nine letters and digits
### Pattern - nine letters and digits:-- the letter "F", "G", "S", or "T" (not case-sensitive) -- seven digits
+- the letter "F", "G", "S", or "T" (not case-sensitive)
+- seven digits
- an alphabetic check digit ### Checksum
A DLP policy has medium confidence that it's detected this type of sensitive inf
``` ### Keywords
-
+ #### Keyword_singapore_nric -- National Registration Identity Card -- Identity Card Number -- NRIC -- IC -- Foreign Identification Number -- FIN -- 身份证 -- 身份證
+- National Registration Identity Card
+- Identity Card Number
+- NRIC
+- IC
+- Foreign Identification Number
+- FIN
+- 身份证
+- 身份證
## Slovakia driver's license number ### Format one character followed by seven digits
-
+ ### Pattern one character followed by seven digits
-
+ - one letter (not case-sensitive) or digit-- seven digits
-
+- seven digits
+ ### Checksum No
-
+ ### Definition A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_slovakia_eu_driver's_license_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_slovakia_eu_driver's_license_number` is found.
-
+- The regular expression `Regex_slovakia_eu_driver's_license_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_slovakia_eu_driver's_license_number` is found.
+ ```xml <!-- Slovakia Driver's License Number --> <Entity id="14240c22-b6de-4ce5-a90b-137f74252513" patternsProximity="300" recommendedConfidence="75">
This sensitive information type is only available for use in:
### Format nine or 10 digits containing optional backslash
-
+ ### Pattern - six digits representing date of birth - optional slash (/) - three digits - one optional check digit
-
+ ### Checksum Yes
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_slovakia_eu_national_id_card` finds content that matches the pattern. -- A keyword from `Keywords_slovakia_eu_national_id_card` is found.
-
+- The function `Func_slovakia_eu_national_id_card` finds content that matches the pattern.
+- A keyword from `Keywords_slovakia_eu_national_id_card` is found.
+ A DLP policy has low confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_slovakia_eu_national_id_card` finds content that matches the pattern.
-
+- The function `Func_slovakia_eu_national_id_card` finds content that matches the pattern.
+ ```xml <!-- Slovakia Personal Number --> <Entity id="951c26b7-3b35-4f73-924b-15dd599cb9ab" patternsProximity="300" recommendedConfidence="85">
A DLP policy has low confidence that it's detected this type of sensitive inform
### Format one digit or letter followed by seven digits with no spaces or delimiters
-
+ ### Pattern one digit or letter (not case-sensitive) followed by seven digits
-
+ ### Checksum No
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_slovakia_eu_passport_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_passport_number` or `Keywords_slovakia_eu_passport_number` is found.
+- The regular expression `Regex_slovakia_eu_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_slovakia_eu_passport_number` is found.
- The regular expression `Regex_eu_passport_date1` finds date in the format DD.MM.YYYY or a keyword from `Keywords_eu_passport_date` is found A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_slovakia_eu_passport_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_passport_number` or `Keywords_slovakia_eu_passport_number` is found.
-
+- The regular expression `Regex_slovakia_eu_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_slovakia_eu_passport_number` is found.
+ ```xml <!-- Slovakia Passport Number --> <Entity id="238e1f08-d80e-4793-af33-9b57918335b7" patternsProximity="300" recommendedConfidence="75">
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Format nine digits without spaces and delimiters
-
+ ### Pattern nine digits
-
+ ### Checksum No
-
+ ### Definition A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_slovenia_eu_driver's_license_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_slovenia_eu_driver's_license_number` is found.
-
+- The regular expression `Regex_slovenia_eu_driver's_license_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_slovenia_eu_driver's_license_number` is found.
+ ```xml <!-- Slovenia Driver's License Number --> <Entity id="d5bc089a-f2ee-433d-a6b1-5c253051d6f2" patternsProximity="300" recommendedConfidence="75">
This sensitive information type is only available for use in:
### Format 13 digits without spaces or delimiters
-
+ ### Pattern 13 digits in the specified pattern:
-
-- seven digits that correspond to the birth date (DDMMLLL) where "LLL" corresponds to the last three digits of the birth year +
+- seven digits that correspond to the birth date (DDMMLLL) where "LLL" corresponds to the last three digits of the birth year
- two digits that correspond to the area of birth "50" - three digits that correspond to a combination of gender and serial number for persons born on the same day. 000-499 for male and 500-999 for female. - one check digit
-
+ ### Checksum Yes
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_slovenia_eu_national_id_card` finds content that matches the pattern. -- A keyword from `Keywords_slovenia_eu_national_id_card` is found.
-
+- The function `Func_slovenia_eu_national_id_card` finds content that matches the pattern.
+- A keyword from `Keywords_slovenia_eu_national_id_card` is found.
+ A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_slovenia_eu_national_id_card` finds content that matches the pattern.
-
+- The function `Func_slovenia_eu_national_id_card` finds content that matches the pattern.
+ ```xml <!-- Slovenia Unique Master Citizen Number --> <Entity id="68948b27-803d-41e4-adf1-13e05eb541bb" patternsProximity="300" recommendedConfidence="85">
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Format two letters followed by seven digits with no spaces or delimiters
-
+ ### Pattern two letters followed by seven digits:
-
+ - the letter "P" - one uppercase letter - seven digits
-
+ ### Checksum No
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_slovenia_eu_passport_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_passport_number` or `Keywords_slovenia_eu_passport_number` is found.
+- The regular expression `Regex_slovenia_eu_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_slovenia_eu_passport_number` is found.
- The regular expression `Regex_eu_passport_date1` finds date in the format DD.MM.YYYY or a keyword from `Keywords_eu_passport_date` is found A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_slovenia_eu_passport_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_passport_number` or `Keywords_slovenia_eu_passport_number` is found.
-
+- The regular expression `Regex_slovenia_eu_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_slovenia_eu_passport_number` is found.
+ ```xml <!-- Slovenia Passport Number --> <Entity id="235b7976-7bbe-4df5-bb40-08678e749d1a" patternsProximity="300" recommendedConfidence="75">
This sensitive information type is only available for use in:
### Format eight digits with no spaces or delimiters
-
+ ### Pattern - one digit from 1-9 - six digits - one check digit
-
+ ### Checksum Yes
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_slovenia_eu_tax_file_number` finds content that matches the pattern. -- A keyword from `Keywords_slovenia_eu_tax_file_number` is found.
-
+- The function `Func_slovenia_eu_tax_file_number` finds content that matches the pattern.
+- A keyword from `Keywords_slovenia_eu_tax_file_number` is found.
+ A DLP policy has low confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_slovenia_eu_tax_file_number` finds content that matches the pattern.
-
+- The function `Func_slovenia_eu_tax_file_number` finds content that matches the pattern.
+ ```xml <!-- Slovenia Tax Identification Number --> <Entity id="e47b071e-c352-4d70-8241-8c215ad65505" patternsProximity="300" recommendedConfidence="85">
A DLP policy has low confidence that it's detected this type of sensitive inform
### Pattern 13 digits:-- six digits in the format YYMMDD, which are the date of birth -- four digits -- a single-digit citizenship indicator -- the digit "8" or "9"
+- six digits in the format YYMMDD, which are the date of birth
+- four digits
+- a single-digit citizenship indicator
+- the digit "8" or "9"
- one digit, which is a checksum digit ### Checksum
A DLP policy has high confidence that it's detected this type of sensitive infor
``` ### Keywords
-
+ #### Keyword_south_africa_identification_number - Identity card - ID-- Identification
-
+- Identification
+ ## South Korea resident registration number ### Format
A DLP policy has high confidence that it's detected this type of sensitive infor
### Pattern 13 digits:-- six digits in the format YYMMDD, which are the date of birth -- a hyphen -- one digit determined by the century and gender -- four-digit region-of-birth code -- one digit used to differentiate people for whom the preceding numbers are identical
+- six digits in the format YYMMDD, which are the date of birth
+- a hyphen
+- one digit determined by the century and gender
+- four-digit region-of-birth code
+- one digit used to differentiate people for whom the preceding numbers are identical
- a check digit. ### Checksum
A DLP policy has medium confidence that it's detected this type of sensitive inf
``` ### Keywords
-
+ #### Keyword_south_korea_resident_number -- National ID card -- Citizen's Registration Number -- Jumin deungnok beonho -- RRN
+- National ID card
+- Citizen's Registration Number
+- Jumin deungnok beonho
+- RRN
- 주민등록번호 ## Spain driver's license number
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Format eight digits followed by one character
-
+ ### Pattern eight digits followed by one character:
-
-- eight digits +
+- eight digits
- one digit or letter (not case-sensitive)
-
+ ### Checksum Yes
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_spain_eu_DL_and_NI_number_citizen` or `Func_spain_eu_DL_and_NI_number_foreigner` finds content that matches the pattern. -- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_spain_eu_driver's_license_number` is found.
+- The function `Func_spain_eu_DL_and_NI_number_citizen` or `Func_spain_eu_DL_and_NI_number_foreigner` finds content that matches the pattern.
+- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_spain_eu_driver's_license_number` is found.
A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_spain_eu_DL_and_NI_number_citizen` or `Func_spain_eu_DL_and_NI_number_foreigner` finds content that matches the pattern.
-
+- The function `Func_spain_eu_DL_and_NI_number_citizen` or `Func_spain_eu_DL_and_NI_number_foreigner` finds content that matches the pattern.
+ ```xml <!-- Spain Driver's License Number --> <Entity id="d5a82922-b501-4f40-8868-341321146aa2" patternsProximity="300" recommendedConfidence="75">
This sensitive information type is only available for use in:
### Format eight digits followed by one character
-
+ ### Pattern seven digits followed by one character
-
+ - eight digits - An optional space or hyphen - one check letter (not case-sensitive)
-
+ ### Checksum Yes
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_spain_eu_DL_and_NI_number_citizen` or `Func_spain_eu_DL_and_NI_number_foreigner` finds content that matches the pattern. -- A keyword from `Keywords_spain_eu_national_id_card"` is found.
+- The function `Func_spain_eu_DL_and_NI_number_citizen` or `Func_spain_eu_DL_and_NI_number_foreigner` finds content that matches the pattern.
+- A keyword from `Keywords_spain_eu_national_id_card"` is found.
A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_spain_eu_DL_and_NI_number_citizen` or `Func_spain_eu_DL_and_NI_number_foreigner` finds content that matches the pattern.
+- The function `Func_spain_eu_DL_and_NI_number_citizen` or `Func_spain_eu_DL_and_NI_number_foreigner` finds content that matches the pattern.
+
-
```xml <!-- Spain DNI --> <Entity id="8e6251b9-47b4-40e8-a42b-0f80876be192" patternsProximity="300" recommendedConfidence="85">
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Format an eight- or nine-character combination of letters and numbers with no spaces or delimiters
-
+ ### Pattern an eight- or nine-character combination of letters and numbers:
-
-- two digits or letters +
+- two digits or letters
- one digit or letter (optional) - six digits
-
+ ### Checksum Not applicable
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_spain_eu_passport_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_passport_number` or `Keywords_spain_eu_passport_number` is found.
+- The regular expression `Regex_spain_eu_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_spain_eu_passport_number` is found.
- The regular expression `Regex_spain_eu_passport_date` finds date in the format DD-MM-YYYY or a keyword from `Keywords_eu_passport_date` is found A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_spain_eu_passport_number` finds content that matches the pattern.
+- The regular expression `Regex_spain_eu_passport_number` finds content that matches the pattern.
- A keyword from `Keywords_eu_passport_number` or `Keywords_spain_eu_passport_number` is found.
-
+ ```xml <!-- Spain Passport Number --> <Entity id="d17a57de-9fa5-4e9f-85d3-85c26d89686e" patternsProximity="300" recommendedConfidence="75">
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Pattern 11-12 digits:-- two digits -- a forward slash (optional) -- seven to eight digits -- a forward slash (optional)
+- two digits
+- a forward slash (optional)
+- seven to eight digits
+- a forward slash (optional)
- two digits ### Checksum
Yes
A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters: - The function Func_spanish_social_security_number finds content that matches the pattern. - The checksum passes.-+ A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters: - The function Func_spanish_social_security_number finds content that matches the pattern.
This sensitive information type is only available for use in:
### Format seven or eight digits and one or two letters in the specified pattern
-
+ ### Pattern Spanish Natural Persons with a Spain National Identity Card:
-
-- eight digits -- one uppercase letter (case-sensitive)
-
+
+- eight digits
+- one uppercase letter (case-sensitive)
+ Non-resident Spaniards without a Spain National Identity Card
-
+ - one uppercase letter "L" (case-sensitive) - seven digits-- one uppercase letter (case-sensitive)
-
+- one uppercase letter (case-sensitive)
+ Resident Spaniards under the age of 14 years without a Spain National Identity Card:
-
+ - one uppercase letter "K" (case-sensitive)-- seven digits
+- seven digits
- one uppercase letter (case-sensitive)
-
+ Foreigners with a Foreigner's Identification Number
-
-- one uppercase letter that is "X", "Y", or "Z" (case-sensitive) +
+- one uppercase letter that is "X", "Y", or "Z" (case-sensitive)
- seven digits-- one uppercase letter (case-sensitive)
-
+- one uppercase letter (case-sensitive)
+ Foreigners without a Foreigner's Identification Number
-
-- one uppercase letter that is "M" (case-sensitive) +
+- one uppercase letter that is "M" (case-sensitive)
- seven digits-- one uppercase letter (case-sensitive)
-
+- one uppercase letter (case-sensitive)
+ ### Checksum Yes
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_spain_eu_tax_file_number` or `Func_spain_eu_DL_and_NI_number_citizen` finds content that matches the pattern. -- A keyword from `Keywords_spain_eu_tax_file_number` is found.
-
+- The function `Func_spain_eu_tax_file_number` or `Func_spain_eu_DL_and_NI_number_citizen` finds content that matches the pattern.
+- A keyword from `Keywords_spain_eu_tax_file_number` is found.
+ A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_spain_eu_tax_file_number` or `Func_spain_eu_DL_and_NI_number_citizen` finds content that matches the pattern.
-
+- The function `Func_spain_eu_tax_file_number` or `Func_spain_eu_DL_and_NI_number_citizen` finds content that matches the pattern.
+ ```xml <!-- Spain Tax Identification Number --> <Entity id="10f0d113-b0e1-47dc-872a-a4f45b9376a3" patternsProximity="300" recommendedConfidence="85">
This sensitive information type identifies these keywords by using a regular exp
### Format 10 digits containing a hyphen
-
+ ### Pattern 10 digits containing a hyphen:
-
-- six digits +
+- six digits
- a hyphen - four digits
-
+ ### Checksum No
-
+ ### Definition A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression `Regex_sweden_eu_driver's_license_number` finds content that matches the pattern. -- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_sweden_eu_driver's_license_number` is found.
-
+- The regular expression `Regex_sweden_eu_driver's_license_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_driver's_license_number` or `Keywords_sweden_eu_driver's_license_number` is found.
+ ```xml <!-- Sweden Driver's License Number --> <Entity id="70088720-90dd-47f5-805e-5525f3567391" patternsProximity="300" recommendedConfidence="75">
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Pattern 10 or 12 digits and an optional delimiter:-- two digits (optional) -- Six digits in date format YYMMDD
+- two digits (optional)
+- Six digits in date format YYMMDD
- delimiter of "-" or "+" (optional) - four digits
A DLP policy has medium confidence that it's detected this type of sensitive inf
- personnummer# - personnummer - skatteidentifikationsnummer
-
+ ## Sweden passport number ### Format
A DLP policy has medium confidence that it's detected this type of sensitive inf
``` ### Keywords
-
+ #### Keywords_eu_passport_number - passport#
This sensitive information type is only available for use in:
### Format 10 digits and a symbol in the specified pattern
-
+ ### Pattern 10 digits and a symbol:
-
-- six digits that correspond to the birth date (YYMMDD) +
+- six digits that correspond to the birth date (YYMMDD)
- a plus sign or minus sign-- three digits that make the identification number unique where:
+- three digits that make the identification number unique where:
- for numbers issued before 1990, the seventh and eighth digit identify the county of birth or foreign-born people - the digit in the ninth position indicates gender by either odd for male or even for female - one check digit
-
+ ### Checksum Yes
-
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_sweden_eu_tax_file_number` finds content that matches the pattern. -- A keyword from `Keywords_sweden_eu_tax_file_number` is found.
-
+- The function `Func_sweden_eu_tax_file_number` finds content that matches the pattern.
+- A keyword from `Keywords_sweden_eu_tax_file_number` is found.
+ A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_sweden_eu_tax_file_number` finds content that matches the pattern.
-
+- The function `Func_sweden_eu_tax_file_number` finds content that matches the pattern.
+ ```xml <!-- Sweden Tax Identification Number --> <Entity id="139acba0-a5bc-4fbb-876d-f7a493ae8a40" patternsProximity="300" recommendedConfidence="85">
four letters followed by 5-31 letters or digits
### Pattern four letters followed by 5-31 letters or digits:-- four-letter bank code (not case-sensitive) -- an optional space -- 4-28 letters or digits (the Basic Bank Account Number (BBAN)) -- an optional space
+- four-letter bank code (not case-sensitive)
+- an optional space
+- 4-28 letters or digits (the Basic Bank Account Number (BBAN))
+- an optional space
- one to three letters or digits (remainder of the BBAN) ### Checksum
A DLP policy has medium confidence that it's detected this type of sensitive inf
``` ### Keywords
-
+ #### Keyword_swift - international organization for standardization 9362
A DLP policy has medium confidence that it's detected this type of sensitive inf
- identification personnelle id - numéro de sécurité sociale
-
+ ## Taiwan national identification number ### Format
one letter (in English) followed by nine digits
### Pattern one letter (in English) followed by nine digits:-- one letter (in English, not case-sensitive) -- the digit "1" or "2"
+- one letter (in English, not case-sensitive)
+- the digit "1" or "2"
- eight digits ### Checksum
A DLP policy has medium confidence that it's detected this type of sensitive inf
#### Keyword_taiwan_national_id -- 身份證字號 -- 身份證 -- 身份證號碼 -- 身份證號 -- 身分證字號 -- 身分證 -- 身分證號碼 -- 身份證號 -- 身分證統一編號 -- 國民身分證統一編號 -- 簽名 -- 蓋章 -- 簽名或蓋章 -- 簽章
-
+- 身份證字號
+- 身份證
+- 身份證號碼
+- 身份證號
+- 身分證字號
+- 身分證
+- 身分證號碼
+- 身份證號
+- 身分證統一編號
+- 國民身分證統一編號
+- 簽名
+- 蓋章
+- 簽名或蓋章
+- 簽章
+ ## Taiwan passport number ### Format
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Pattern biometric passport number:-- the character "3"
+- the character "3"
- eight digits non-biometric passport number:
A DLP policy has medium confidence that it's detected this type of sensitive inf
#### Keyword_taiwan_passport -- ROC passport number -- Passport number -- Passport no -- Passport Num -- Passport # -- 护照 -- 中華民國護照
+- ROC passport number
+- Passport number
+- Passport no
+- Passport Num
+- Passport #
+- 护照
+- 中華民國護照
- Zhōnghuá Mínguó hùzhào
-
+ ## Taiwan-resident certificate (ARC/TARC) number ### Format
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Pattern 10 letters and digits:-- two letters (not case-sensitive)
+- two letters (not case-sensitive)
- eight digits ### Checksum
A DLP policy has medium confidence that it's detected this type of sensitive inf
#### Keyword_taiwan_resident_certificate -- Resident Certificate -- Resident Cert -- Resident Cert. -- Identification card -- Alien Resident Certificate -- ARC -- Taiwan Area Resident Certificate -- TARC -- 居留證 -- 外僑居留證 -- 台灣地區居留證
+- Resident Certificate
+- Resident Cert
+- Resident Cert.
+- Identification card
+- Alien Resident Certificate
+- ARC
+- Taiwan Area Resident Certificate
+- TARC
+- 居留證
+- 外僑居留證
+- 台灣地區居留證
## Thai population identification code
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Pattern 13 digits:-- first digit isn't zero or nine
+- first digit isn't zero or nine
- 12 digits ### Checksum
A DLP policy has medium confidence that it's detected this type of sensitive inf
- รหัสบัตรประชาชน - บัตรประชาชน - รหัสบัตรประชาชน
-
+ ## Turkish national identification number ### Format
Combination of 18 letters and digits in the specified format
### Pattern 18 letters and digits:-- Five letters (not case-sensitive) or the digit "9" in place of a letter.
+- Five letters (not case-sensitive) or the digit "9" in place of a letter.
- One digit. - Five digits in the date format MMDDY for date of birth. The seventh character is incremented by 50 if driver is female; for exampe, 51 to 62 instead of 01 to 12.-- Two letters (not case-sensitive) or the digit "9" in place of a letter.
+- Two letters (not case-sensitive) or the digit "9" in place of a letter.
- Five digits. ### Checksum
A DLP policy has low confidence that it's detected this type of sensitive inform
- dlno - dl number
-
+ ## U.K. electoral roll number ### Format
A DLP policy has medium confidence that it's detected this type of sensitive inf
#### Keyword_uk_electoral -- council nomination -- nomination form -- electoral register
+- council nomination
+- nomination form
+- electoral register
- electoral roll
-
+ ## U.K. national health service number ### Format
A DLP policy has medium confidence that it's detected this type of sensitive inf
### Pattern 10-17 digits:-- either 3 or 10 digits -- a space -- three digits -- a space
+- either 3 or 10 digits
+- a space
+- three digits
+- a space
- four digits ### Checksum
A DLP policy has high confidence that it's detected this type of sensitive infor
``` ### Keywords
-
+ #### Keyword_uk_nhs_number -- national health service -- nhs -- health services authority
+- national health service
+- nhs
+- health services authority
- health authority #### Keyword_uk_nhs_number1 -- patient id -- patient identification -- patient no
+- patient id
+- patient identification
+- patient no
- patient number #### Keyword_uk_nhs_number_dob -- GP -- DOB -- D.O.B -- Date of Birth -- Birth Date
-
+- GP
+- DOB
+- D.O.B
+- Date of Birth
+- Birth Date
+ ## U.K. national insurance number (NINO) This sensitive information type entity is included in the EU National Identification Number sensitive information type. It's also available as a stand-alone sensitive information type entity.
A DLP policy has medium confidence that it's detected this type of sensitive inf
- nationalinsurance# - nationalinsurancenumber
-
+ ## U.K. Unique Taxpayer Reference Number This sensitive information type is only available for use in: - data loss prevention policies
This sensitive information type is only available for use in:
### Format 10 digits without spaces and delimiters
-
-
++ ### Pattern 10 digits
-
+ ### Checksum No
-
+ ### Definition A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function `Func_uk_eu_tax_file_number` finds content that matches the pattern. -- A keyword from `Keywords_uk_eu_tax_file_number` is found.
-
+- The function `Func_uk_eu_tax_file_number` finds content that matches the pattern.
+- A keyword from `Keywords_uk_eu_tax_file_number` is found.
+ ```xml <!-- U.K. Unique Taxpayer Reference Number --> <Entity id="ad4a8116-0db8-439a-b545-6d967642f0ec" patternsProximity="300" recommendedConfidence="85">
A DLP policy has medium confidence that it's detected this type of sensitive inf
#### Keyword_usa_Bank_Account -- Checking Account Number -- Checking Account -- Checking Account # -- Checking Acct Number -- Checking Acct # -- Checking Acct No. -- Checking Account No. -- Bank Account Number -- Bank Account # -- Bank Acct Number -- Bank Acct # -- Bank Acct No. -- Bank Account No. -- Savings Account Number -- Savings Account. -- Savings Account # -- Savings Acct Number -- Savings Acct # -- Savings Acct No. -- Savings Account No. -- Debit Account Number -- Debit Account -- Debit Account # -- Debit Acct Number -- Debit Acct # -- Debit Acct No. -- Debit Account No.
+- Checking Account Number
+- Checking Account
+- Checking Account #
+- Checking Acct Number
+- Checking Acct #
+- Checking Acct No.
+- Checking Account No.
+- Bank Account Number
+- Bank Account #
+- Bank Acct Number
+- Bank Acct #
+- Bank Acct No.
+- Bank Account No.
+- Savings Account Number
+- Savings Account.
+- Savings Account #
+- Savings Acct Number
+- Savings Acct #
+- Savings Acct No.
+- Savings Account No.
+- Debit Account Number
+- Debit Account
+- Debit Account #
+- Debit Acct Number
+- Debit Acct #
+- Debit Acct No.
+- Debit Account No.
## U.S. driver's license number
A DLP policy has low confidence that it's detected this type of sensitive inform
#### Keyword_us_drivers_license_abbreviations -- DL -- DLS -- CDL -- CDLS -- ID -- IDs -- DL# -- DLS# -- CDL# -- CDLS#
+- DL
+- DLS
+- CDL
+- CDLS
+- ID
+- IDs
+- DL#
+- DLS#
+- CDL#
+- CDLS#
- ID#-- IDs# -- ID number -- ID numbers -- LIC -- LIC#
+- IDs#
+- ID number
+- ID numbers
+- LIC
+- LIC#
#### Keyword_us_drivers_license -- DriverLic -- DriverLics -- DriverLicense -- DriverLicenses -- Driver Lic -- Driver Lics -- Driver License -- Driver Licenses -- DriversLic -- DriversLics -- DriversLicense -- DriversLicenses -- Drivers Lic -- Drivers Lics -- Drivers License -- Drivers Licenses -- Driver'Lic -- Driver'Lics -- Driver'License -- Driver'Licenses -- Driver' Lic -- Driver' Lics -- Driver' License
+- DriverLic
+- DriverLics
+- DriverLicense
+- DriverLicenses
+- Driver Lic
+- Driver Lics
+- Driver License
+- Driver Licenses
+- DriversLic
+- DriversLics
+- DriversLicense
+- DriversLicenses
+- Drivers Lic
+- Drivers Lics
+- Drivers License
+- Drivers Licenses
+- Driver'Lic
+- Driver'Lics
+- Driver'License
+- Driver'Licenses
+- Driver' Lic
+- Driver' Lics
+- Driver' License
- Driver' Licenses-- Driver'sLic -- Driver'sLics -- Driver'sLicense -- Driver'sLicenses -- Driver's Lic -- Driver's Lics -- Driver's License -- Driver's Licenses -- identification number -- identification numbers -- identification # -- id card -- id cards -- identification card -- identification cards -- DriverLic# -- DriverLics# -- DriverLicense# -- DriverLicenses# -- Driver Lic# -- Driver Lics# -- Driver License# -- Driver Licenses# -- DriversLic# -- DriversLics# -- DriversLicense# -- DriversLicenses# -- Drivers Lic# -- Drivers Lics# -- Drivers License# -- Drivers Licenses# -- Driver'Lic# -- Driver'Lics# -- Driver'License# -- Driver'Licenses# -- Driver' Lic# -- Driver' Lics# -- Driver' License# -- Driver' Licenses# -- Driver'sLic# -- Driver'sLics# -- Driver'sLicense# -- Driver'sLicenses# -- Driver's Lic# -- Driver's Lics# -- Driver's License# -- Driver's Licenses# -- id card# -- id cards# -- identification card# -- identification cards#
+- Driver'sLic
+- Driver'sLics
+- Driver'sLicense
+- Driver'sLicenses
+- Driver's Lic
+- Driver's Lics
+- Driver's License
+- Driver's Licenses
+- identification number
+- identification numbers
+- identification #
+- id card
+- id cards
+- identification card
+- identification cards
+- DriverLic#
+- DriverLics#
+- DriverLicense#
+- DriverLicenses#
+- Driver Lic#
+- Driver Lics#
+- Driver License#
+- Driver Licenses#
+- DriversLic#
+- DriversLics#
+- DriversLicense#
+- DriversLicenses#
+- Drivers Lic#
+- Drivers Lics#
+- Drivers License#
+- Drivers Licenses#
+- Driver'Lic#
+- Driver'Lics#
+- Driver'License#
+- Driver'Licenses#
+- Driver' Lic#
+- Driver' Lics#
+- Driver' License#
+- Driver' Licenses#
+- Driver'sLic#
+- Driver'sLics#
+- Driver'sLicense#
+- Driver'sLicenses#
+- Driver's Lic#
+- Driver's Lics#
+- Driver's License#
+- Driver's Licenses#
+- id card#
+- id cards#
+- identification card#
+- identification cards#
#### Keyword_[state_name]_drivers_license_name -- state abbreviation (for example, "NY")
+- state abbreviation (for example, "NY")
- state name (for example, "New York") ## U.S. individual taxpayer identification number (ITIN)
nine digits that start with a "9" and contain a "7" or "8" as the fourth digit,
### Pattern formatted:-- the digit "9" -- two digits -- a space or dash -- a "7" or "8" -- a digit -- a space, or dash
+- the digit "9"
+- two digits
+- a space or dash
+- a "7" or "8"
+- a digit
+- a space, or dash
- four digits unformatted:-- the digit "9" -- two digits -- a "7" or "8"
+- the digit "9"
+- two digits
+- a "7" or "8"
- five digits ### Checksum
A DLP policy has low confidence that it's detected this type of sensitive inform
#### Keyword_itin -- taxpayer -- tax id -- tax identification -- itin
+- taxpayer
+- tax id
+- tax identification
+- itin
- i.t.i.n.-- ssn -- tin -- social security -- tax payer -- itins -- taxid -- individual taxpayer
+- ssn
+- tin
+- social security
+- tax payer
+- itins
+- taxid
+- individual taxpayer
## U.S. social security number (SSN)
A DLP policy has low confidence that it's detected this type of sensitive inform
- SSN# - SS# - SSID
-
+ ## U.S. / U.K. passport number ### Format
A DLP policy has medium confidence that it's detected this type of sensitive inf
#### Keywords_uk_eu_passport_number -- british passport -- uk passport
+- british passport
+- uk passport
## Ukraine passport domestic
compliance Sensitive Information Type Learn About https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sensitive-information-type-learn-about.md
To create custom sensitive information types in the Security & Compliance Center
> [!NOTE] > Improved confidence levels are available for immediate use within Data Loss Prevention for Microsoft 365 services, Microsoft Information Protection for Microsoft 365 services, Communication Compliance, Information Governance, and Records Management.- > Microsoft 365 Information Protection now supports double byte character set languages for: > - Chinese (simplified) > - Chinese (traditional) > - Korean > - Japanese-
->This support is available for sensitive information types. See, [Information protection support for double byte character sets release notes (preview)](mip-dbcs-relnotes.md) for more information.
+>
+> This support is available for sensitive information types. See, [Information protection support for double byte character sets release notes (preview)](mip-dbcs-relnotes.md) for more information.
> [!TIP] > To detect patterns containing Chinese/Japanese characters and single byte characters or to detect patterns containing Chinese/Japanese and English, define two variants of the keyword or regex. > For example, to detect a keyword like "机密的document", use two variants of the keyword; one with a space between the Japanese and English text and another without a space between the Japanese and English text. So, the keywords to be added in the SIT should be "机密的 document" and "机密的document". Similarly, to detect a phrase "東京オリンピック2020", two variants should be used; "東京オリンピック 2020" and "東京オリンピック2020".
-
+>
> While creating a regex using a double byte hyphen or a double byte period, make sure to escape both the characters like one would escape a hyphen or period in a regex. Here is a sample regex for reference:
- - (?<!\d)([4][0-9]{3}[\-?\-\t]*[0-9]{4}
-
+> - (?<!\d)([4][0-9]{3}[\-?\-\t]*[0-9]{4}
+>
> We recommend using string match instead of word match in a keyword list. ## For further information
compliance Sensitivity Labels Sharepoint Onedrive Files https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sensitivity-labels-sharepoint-onedrive-files.md
Last updated localization_priority: Normal-+ - M365-security-compliance - SPO_Content
+search.appverid:
- MOE150 - MET150 description: "Administrators can enable sensitivity label support for Word, Excel, and PowerPoint files in SharePoint and OneDrive."
After you enable sensitivity labels for Office files in SharePoint and OneDrive,
- Use Office for the web (Word, Excel, PowerPoint) to open and edit Office files that have sensitivity labels that apply encryption. The permissions that were assigned with the encryption are enforced. You can also use [auto-labeling](apply-sensitivity-label-automatically.md) for these documents. -- External users can access documents that are labeled with encryption by using guest accounts. For more information, see [Support for external users and labeled content](sensitivity-labels-office-apps.md#support-for-external-users-and-labeled-content).
+- External users can access documents that are labeled with encryption by using guest accounts. For more information, see [Support for external users and labeled content](sensitivity-labels-office-apps.md#support-for-external-users-and-labeled-content).
- Office 365 eDiscovery supports full-text search for these files and Data Loss Prevention (DLP) policies support content in these files.
After you enable sensitivity labels for Office files in SharePoint and OneDrive,
> The SharePoint and OneDrive behavior also doesn't change for existing files in these locations that are labeled with encryption using a single Azure-based key. For these files to benefit from the new capabilities after you enable sensitivity labels for Office files in SharePoint and OneDrive, the files must be either downloaded and uploaded again, or edited. After you enable sensitivity labels for Office files in SharePoint and OneDrive, three new [audit events](search-the-audit-log-in-security-and-compliance.md#sensitivity-label-activities) are available for monitoring sensitivity labels that are applied to documents in SharePoint and OneDrive:+ - **Applied sensitivity label to file** - **Changed sensitivity label applied to file** - **Removed sensitivity label from file**
Watch the following video (no audio) to see the new capabilities in action:
You always have the choice to disable sensitivity labels for Office files in SharePoint and OneDrive ([opt-out](#how-to-disable-sensitivity-labels-for-sharepoint-and-onedrive-opt-out)) at any time.
-If you are currently protecting documents in SharePoint by using SharePoint Information Rights Management (IRM), be sure to check the [SharePoint Information Rights Management (IRM) and sensitivity labels](#sharepoint-information-rights-management-irm-and-sensitivity-labels) section on this page.
+If you are currently protecting documents in SharePoint by using SharePoint Information Rights Management (IRM), be sure to check the [SharePoint Information Rights Management (IRM) and sensitivity labels](#sharepoint-information-rights-management-irm-and-sensitivity-labels) section on this page.
## Requirements
Use the OneDrive sync app version 19.002.0121.0008 or later on Windows, and vers
## Limitations - SharePoint and OneDrive can't process some files that are labeled and encrypted from Office desktop apps when these files contain PowerQuery data, data stored by custom add-ins, or custom XML parts such as Cover Page Properties, content type schemas, custom Document Information Panel, and Custom XSN. This limitation also applies to files that have a [Document ID](https://support.microsoft.com/office/enable-and-configure-unique-document-ids-ea7fee86-bd6f-4cc8-9365-8086e794c984) added when they are uploaded.
-
+ For these files, either apply a label without encryption so that they can later be opened in Office on the web, or instruct users to open the files in their desktop apps. Files that are labeled and encrypted only in Office on the web aren't affected. - SharePoint and OneDrive don't automatically apply sensitivity labels to existing files that you've already encrypted using Azure Information Protection labels. Instead, for the features to work after you enable sensitivity labels for Office files in SharePoint and OneDrive, complete these tasks:
-
+ 1. Make sure you have [migrated the Azure Information Protection labels](/azure/information-protection/configure-policy-migrate-labels) to sensitivity labels and [published them](create-sensitivity-labels.md#publish-sensitivity-labels-by-creating-a-label-policy) from the Microsoft 365 compliance center. 2. Download the labeled files and then upload them to their original location in SharePoint or OneDrive. - SharePoint and OneDrive can't process encrypted files when the label that applied the encryption has any of the following [configurations for encryption](encryption-sensitivity-labels.md#configure-encryption-settings):
- - **Let users assign permissions when they apply the label** and the checkbox **In Word, PowerPoint, and Excel, prompt users to specify permissions** is selected. This setting is sometimes referred to as "user-defined permissions".
- - **User access to content expires** is set to a value other than **Never**.
- - **Double Key Encryption** is selected.
-
+ - **Let users assign permissions when they apply the label** and the checkbox **In Word, PowerPoint, and Excel, prompt users to specify permissions** is selected. This setting is sometimes referred to as "user-defined permissions".
+ - **User access to content expires** is set to a value other than **Never**.
+ - **Double Key Encryption** is selected.
+ For labels with any of these encryption configurations, the labels aren't displayed to users in Office for the web. Additionally, the new capabilities can't be used with labeled documents that already have these encryption settings. For example, these documents won't be returned in search results, even if they are updated. - For performance reasons, when you upload or save a document to SharePoint and the file's label doesn't apply encryption, the **Sensitivity** column in the document library can take a while to display the label name. Factor in this delay if you use scripts or automation that depend on the label name in this column. -- Users might experience delays in being able to open encrypted documents in the following Save As scenario: Using a desktop version of Office, a user chooses Save As for a document that has a sensitivity label that applies encryption. The user selects SharePoint or OneDrive for the location, and then immediately tries to open that document in Office for the web. If the service is still processing the encryption, the user sees a message that the document must be opened in their desktop app. If they try again in a couple of minutes, the document successfully opens in Office for the web.
+- Users might experience delays in being able to open encrypted documents in the following Save As scenario: Using a desktop version of Office, a user chooses Save As for a document that has a sensitivity label that applies encryption. The user selects SharePoint or OneDrive for the location, and then immediately tries to open that document in Office for the web. If the service is still processing the encryption, the user sees a message that the document must be opened in their desktop app. If they try again in a couple of minutes, the document successfully opens in Office for the web.
- For encrypted documents, printing is not supported. - For an encrypted document that grants edit permissions to a user, copying can't be blocked in the web versions of the Office apps. - By default, Office desktop apps and mobile apps don't support co-authoring for files that are labeled with encryption. These apps continue to open labeled and encrypted files in exclusive editing mode.
-
+ > [!NOTE] > Co-authoring is now supported in preview. For more information, see [Enable co-authoring for files encrypted with sensitivity labels](sensitivity-labels-coauthoring.md). - If an admin changes settings for a published label that's already applied to files downloaded to users' sync client, users might be unable to save changes they make to the file in their OneDrive Sync folder. This scenario applies to files that are labeled with encryption, and also when the label change is from a label that didn't apply encryption to a label that does apply encryption. Users see a [red circle with a white cross icon error](https://support.office.com/article/what-do-the-onedrive-icons-mean-11143026-8000-44f8-aaa9-67c985aa49b3), and they are asked to save new changes as a separate copy. Instead, they can close and reopen the file, or use Office for the web. -- Users can experience save problems after going offline or into a sleep mode when instead of using Office for the web, they use the desktop and mobile apps for Word, Excel, or PowerPoint. For these users, when they resume their Office app session and try to save changes, they see an upload failure message with an option to save a copy instead of saving the original file.
+- Users can experience save problems after going offline or into a sleep mode when instead of using Office for the web, they use the desktop and mobile apps for Word, Excel, or PowerPoint. For these users, when they resume their Office app session and try to save changes, they see an upload failure message with an option to save a copy instead of saving the original file.
- Documents that have been encrypted in the following ways can't be opened in Office for the web:
- - Encryption that uses an on-premises key ("hold your own key" or HYOK)
- - Encryption that was applied by using [Double Key Encryption](double-key-encryption.md)
- - Encryption that was applied independently from a label, for example, by directly applying a Rights Management protection template.
+ - Encryption that uses an on-premises key ("hold your own key" or HYOK)
+ - Encryption that was applied by using [Double Key Encryption](double-key-encryption.md)
+ - Encryption that was applied independently from a label, for example, by directly applying a Rights Management protection template.
- Labels configured for [other languages](create-sensitivity-labels.md#additional-label-settings-with-security--compliance-center-powershell) are not supported and display the original language only.
You can enable the new capabilities by using the Microsoft 365 compliance center
This option is the easiest way to enable sensitivity labels for SharePoint and OneDrive, but you must sign in as a global administrator for your tenant. 1. Sign in to the [Microsoft 365 compliance center](https://compliance.microsoft.com/) as a global administrator, and navigate to **Solutions** > **Information protection**
-
- If you don't immediately see this option, first select **Show all**.
+
+ If you don't immediately see this option, first select **Show all**.
2. If you see a message to turn on the ability to process content in Office online files, select **Turn on now**:
-
+ ![Turn on now button to enable sensitivity labels for Office Online](../media/sensitivity-labels-turn-on-banner.png)
-
+ The command runs immediately and when the page is next refreshed, you no longer see the message or button. > [!NOTE]
This option is the easiest way to enable sensitivity labels for SharePoint and O
### Use PowerShell to enable support for sensitivity labels
-As an alternative to using the compliance center, you can enable support for sensitivity labels by using the [Set-SPOTenant](/powershell/module/sharepoint-online/set-spotenant) cmdlet from SharePoint Online PowerShell.
+As an alternative to using the compliance center, you can enable support for sensitivity labels by using the [Set-SPOTenant](/powershell/module/sharepoint-online/set-spotenant) cmdlet from SharePoint Online PowerShell.
If you have Microsoft 365 Multi-Geo, you must use PowerShell to enable this support for all your geo-locations.
Before you run the PowerShell command to enable sensitivity labels for Office fi
To enable the new capabilities, use the [Set-SPOTenant](/powershell/module/sharepoint-online/set-spotenant) cmdlet with the *EnableAIPIntegration* parameter: 1. Using a work or school account that has global administrator or SharePoint admin privileges in Microsoft 365, connect to SharePoint. To learn how, see [Getting started with SharePoint Online Management Shell](/powershell/sharepoint/sharepoint-online/connect-sharepoint-online).
-
+ > [!NOTE] > If you have Microsoft 365 Multi-Geo, use the -Url parameter with [Connect-SPOService](/powershell/module/sharepoint-online/connect-sposervice), and specify the SharePoint Online Administration Center site URL for one of your geo-locations.
To enable the new capabilities, use the [Set-SPOTenant](/powershell/module/share
When you use sensitivity labels with SharePoint and OneDrive, keep in mind that you need to allow for replication time when you publish new sensitivity labels or update existing sensitivity labels. This is especially important for new labels that apply encryption.
-For example: You create and publish a new sensitivity label that applies encryption and it very quickly appears in a user's desktop app. The user applies this label to a document and then uploads it to SharePoint or OneDrive. If the label replication hasn't completed for the service, the new capabilities won't be applied to that document on upload. As a result, the document won't be returned in search or for eDiscovery and the document can't be opened in Office for the web.
+For example: You create and publish a new sensitivity label that applies encryption and it very quickly appears in a user's desktop app. The user applies this label to a document and then uploads it to SharePoint or OneDrive. If the label replication hasn't completed for the service, the new capabilities won't be applied to that document on upload. As a result, the document won't be returned in search or for eDiscovery and the document can't be opened in Office for the web.
The following changes replicate within one hour: New and deleted sensitivity labels, and sensitivity label policy settings that include which labels are in the policy.
Because the replication delay is only one hour for new sensitivity labels, you a
In comparison, sensitivity labels provide the protection settings of visual markings (headers, footers, watermarks) in addition to encryption. The encryption settings support the full range of [usage rights](/azure/information-protection/configure-usage-rights) to restrict what users can do with the content, and the same sensitivity labels are supported for [many scenarios](get-started-with-sensitivity-labels.md#common-scenarios-for-sensitivity-labels). Using the same protection method with consistent settings across workloads and apps results in a consistent protection strategy.
-However, you can use both protection solutions together and the behavior is as follows:
+However, you can use both protection solutions together and the behavior is as follows:
- If you upload a file with a sensitivity label that applies encryption, SharePoint can't process the content of these files so coauthoring, eDiscovery, DLP, and search are not supported for these files.
InformationProtectionLabelId:8faca7b8-8d20-48a3-8ea2-0f96310a848e
Search won't find labeled documents in a compressed file, such as a .zip file.
-To get the GUIDs for your sensitivity labels, use the [Get-Label](/powershell/module/exchange/get-label) cmdlet:
+To get the GUIDs for your sensitivity labels, use the [Get-Label](/powershell/module/exchange/get-label) cmdlet:
-1. First, [connect to Office 365 Security & Compliance Center PowerShell](/powershell/exchange/office-365-scc/connect-to-scc-powershell/connect-to-scc-powershell).
-
- For example, in a PowerShell session that you run as administrator, sign in with a global administrator account.
+1. First, [connect to Office 365 Security & Compliance Center PowerShell](/powershell/exchange/office-365-scc/connect-to-scc-powershell/connect-to-scc-powershell).
-2. Then run the following command:
+ For example, in a PowerShell session that you run as administrator, sign in with a global administrator account.
- ```powershell
- Get-Label |ft Name, Guid
- ```
+2. Then run the following command:
+
+ ```powershell
+ Get-Label |ft Name, Guid
+ ```
For more information about using managed properties, see [Manage the search schema in SharePoint](/sharepoint/manage-search-schema).
For more information about using managed properties, see [Manage the search sche
There might be rare occasions when a SharePoint administrator needs to remove encryption from a document stored in SharePoint. Any user who has the [Rights Management usage right](/azure/information-protection/configure-usage-rights#usage-rights-and-descriptions) of Export or Full Control assigned to them for that document can remove encryption that was applied by the Azure Rights Management service from Azure Information Protection. For example, users with either of these usage rights can replace a label that applies encryption with a label without encryption. Alternatively, a [super user](/azure/information-protection/configure-super-users) could download the file and save a local copy without the encryption.
-As an alternative, a global admin or [SharePoint admin](/sharepoint/sharepoint-admin-role) can run the [Unlock-SPOSensitivityLabelEncryptedFile](/powershell/module/sharepoint-online/unlock-sposensitivitylabelencryptedFile) cmdlet, which removes both the sensitivity label and the encryption. This cmdlet runs even if the admin doesn't have access permissions to the site or file, or if the Azure Rights Management service is unavailable.
+As an alternative, a global admin or [SharePoint admin](/sharepoint/sharepoint-admin-role) can run the [Unlock-SPOSensitivityLabelEncryptedFile](/powershell/module/sharepoint-online/unlock-sposensitivitylabelencryptedFile) cmdlet, which removes both the sensitivity label and the encryption. This cmdlet runs even if the admin doesn't have access permissions to the site or file, or if the Azure Rights Management service is unavailable.
For example:
compliance Sit Edm Notifications Activities https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-edm-notifications-activities.md
# Create notifications for exact data match activities
-When you [create custom sensitive information types with exact data match (EDM)](create-custom-sensitive-information-types-with-exact-data-match-based-classification.md) there are a number of activities that are created in the [audit log](search-the-audit-log-in-security-and-compliance.md#requirements-to-search-the-audit-log). You can use the [New-ProtectionAlert](/powershell/module/exchange/new-protectionalert?view=exchange-ps) PowerShell cmdlet to create notifications that let you know when these activities occur:
+When you [create custom sensitive information types with exact data match (EDM)](create-custom-sensitive-information-types-with-exact-data-match-based-classification.md) there are a number of activities that are created in the [audit log](search-the-audit-log-in-security-and-compliance.md#requirements-to-search-the-audit-log). You can use the [New-ProtectionAlert](/powershell/module/exchange/new-protectionalert) PowerShell cmdlet to create notifications that let you know when these activities occur:
- CreateSchema - EditSchema
To learn more about DLP licensing, see [Microsoft 365 licensing guidance for sec
## Configure notifications for EDM activities
-1. Connect to the [Security & Compliance Center PowerShell](/powershell/exchange/connect-to-scc-powershell?view=exchange-ps)
+1. Connect to the [Security & Compliance Center PowerShell](/powershell/exchange/connect-to-scc-powershell)
2. Run the `New-ProtectionAlert` cmdlet using the activity that you want to create the notification for. For example, if you want to be notified when the **UploadDataCompleted** action occured, run
New-ProtectionAlert -Name "EdmUploadFailAlertPolicy" -Category Others -NotifyUse
## Related articles - [Create custom sensitive information types with exact data match (EDM)](create-custom-sensitive-information-types-with-exact-data-match-based-classification.md)-- [New-ProtectionAlert](/powershell/module/exchange/new-protectionalert?view=exchange-ps)
+- [New-ProtectionAlert](/powershell/module/exchange/new-protectionalert)
compliance Supported Filetypes Ediscovery20 https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/supported-filetypes-ediscovery20.md
Advanced eDiscovery supports many file types at many different levels. The suppo
## Archive / Container
-| Mime type | File identification | Metadata extraction | Container extraction | Possible Extensions |
-|:- |:- |:- |:- |:- |
-|application/x-7z-compressed | Yes | Yes | Yes | .7z |
-|application/x-rar-compressed | Yes | Yes | Yes | .rar |
-|application/x-tar | Yes | Yes | Yes | .tar |
-|application/zip | Yes | Yes | Yes | .zip |
-||||||||
+<br>
+
+****
+
+|Mime type|File identification|Metadata extraction|Container extraction|Possible Extensions|
+||::|::|::|::|
+|application/x-7z-compressed|Yes|Yes|Yes|.7z|
+|application/x-rar-compressed|Yes|Yes|Yes|.rar|
+|application/x-tar|Yes|Yes|Yes|.tar|
+|application/zip|Yes|Yes|Yes|.zip|
+|
## Audio / Video
-| Mime type | File identification | Metadata extraction | Text extraction | Native viewer | Annotate viewer | Possible Extensions |
-|:| :| :| :| :| :| :|
-| application/mp4 | Yes | Yes | No | Yes | No | .f4v; .m4a; .m4v; .mp4; .mp4v; .mpeg; .mpeg4 |
-|audio/mpeg | Yes | Yes | No | Yes | No | .mpeg |
-|video/3gpp | Yes | Yes | No | Yes | No | .3gp |
-|video/3gpp2 | Yes | Yes | No | Yes | No | .3g2; .3gp2 |
-|video/quicktime | Yes | Yes | No | Yes | No | .moov; .mov; .qt |
-|video/x-m4v | Yes | Yes | No | Yes | No | .m4v |
-||||||||
+<br>
+
+****
+
+|Mime type|File identification|Metadata extraction|Text extraction|Native viewer|Annotate viewer|Possible Extensions|
+||::|::|::|::|::|::|
+|application/mp4|Yes|Yes|No|Yes|No|.f4v; .m4a; .m4v; .mp4; .mp4v; .mpeg; .mpeg4|
+|audio/mpeg|Yes|Yes|No|Yes|No|.mpeg|
+|video/3gpp|Yes|Yes|No|Yes|No|.3gp|
+|video/3gpp2|Yes|Yes|No|Yes|No|.3g2; .3gp2|
+|video/quicktime|Yes|Yes|No|Yes|No|.moov; .mov; .qt|
+|video/x-m4v|Yes|Yes|No|Yes|No|.m4v|
+|
## Database
-| Mime type | File identification | Metadata extraction | Text extraction | Native viewer | Annotate viewer | Possible Extensions |
-|:| :| :| :| :| :| :|
-|application/x-msaccess | Yes | Yes | Yes | No | No | .mdb |
-||||||||
+<br>
+
+****
+
+|Mime type|File identification|Metadata extraction|Text extraction|Native viewer|Annotate viewer|Possible Extensions|
+||::|::|::|::|::|::|
+|application/x-msaccess|Yes|Yes|Yes|No|No|.mdb|
+|
## Email
-|Mime type |File identification |Metadata extraction |Text extraction |Native viewer |Annotate viewer | Possible Extensions |
-|:| :| :| :| :| :| :|
-|application/vnd.ms-outlook | Yes | Yes | Yes | Yes | Yes | .msg |
-|message/rfc822 | Yes | Yes | Yes | Yes | Yes | .eml |
-|text/vcard-contact | Yes | Yes | Yes | Yes | Yes | .vcf |
-||||||||
+<br>
+
+****
+
+|Mime type|File identification|Metadata extraction|Text extraction|Native viewer|Annotate viewer|Possible Extensions|
+||::|::|::|::|::|::|
+|application/vnd.ms-outlook|Yes|Yes|Yes|Yes|Yes|.msg|
+|message/rfc822|Yes|Yes|Yes|Yes|Yes|.eml|
+|text/vcard-contact|Yes|Yes|Yes|Yes|Yes|.vcf|
+|
## Email Container
-| Mime type | File identification | Metadata extraction | Container extraction | Possible Extensions |
-|:| :| :| :| :|
-|application/mbox | Yes | Yes | Yes | .mbox |
-|application/vnd.ms-outlook-pst | Yes | Yes | Yes | .pst |
-||||||||
+<br>
+
+****
+
+|Mime type|File identification|Metadata extraction|Container extraction|Possible Extensions|
+||::|::|::|::|
+|application/mbox|Yes|Yes|Yes|.mbox|
+|application/vnd.ms-outlook-pst|Yes|Yes|Yes|.pst|
+|
## HTML
-| Mime type | File identification | Metadata extraction | Text extraction | Native viewer | Annotate viewer | Possible Extensions |
-|:| :| :| :| :| :| :|
-|application/xhtml+xml | Yes | Yes | Yes | Yes | Yes | .xhtml |
-|application/xml | Yes | Yes | Yes | Yes | Yes | .xml |
-|text/html | Yes | Yes | Yes | Yes | Yes | .htm; .html; .shtml |
-||||||||
+<br>
+
+****
+
+|Mime type|File identification|Metadata extraction|Text extraction|Native viewer|Annotate viewer|Possible Extensions|
+||::|::|::|::|::|::|
+|application/xhtml+xml|Yes|Yes|Yes|Yes|Yes|.xhtml|
+|application/xml|Yes|Yes|Yes|Yes|Yes|.xml|
+|text/html|Yes|Yes|Yes|Yes|Yes|.htm; .html; .shtml|
+|
## Image
-|Mime type |File identification |Metadata extraction |OCR text extraction |Native viewer |Annotate viewer |Possible Extensions |
-|:| :| :| :| :| :| :|
-|image/bmp | Yes | Yes | Yes | Yes | Yes | .bmp |
-|image/emf | Yes | Yes | Yes | Yes | Yes | .emf |
-|image/gif | Yes | Yes | Yes | Yes | Yes | .gif |
-|image/jpeg | Yes | Yes | Yes | Yes | Yes | .jpeg; .jpg |
-|image/png | Yes | Yes | Yes | Yes | Yes | .png |
-|image/svg+xml | Yes | Yes | Yes | Yes | No | .svg |
-|image/tiff | Yes | Yes | Yes | Yes | Yes | .tif |
-|image/vnd.dwg | Yes | Yes | Yes | Yes | Yes | .dwg; .dxf |
-|image/wmf | Yes | Yes | Yes | Yes | Yes | .wmf |
-||||||||
+<br>
+
+****
+
+|Mime type|File identification|Metadata extraction|OCR text extraction|Native viewer|Annotate viewer|Possible Extensions|
+||::|::|::|::|::|::|
+|image/bmp|Yes|Yes|Yes|Yes|Yes|.bmp|
+|image/emf|Yes|Yes|Yes|Yes|Yes|.emf|
+|image/gif|Yes|Yes|Yes|Yes|Yes|.gif|
+|image/jpeg|Yes|Yes|Yes|Yes|Yes|.jpeg; .jpg|
+|image/png|Yes|Yes|Yes|Yes|Yes|.png|
+|image/svg+xml|Yes|Yes|Yes|Yes|No|.svg|
+|image/tiff|Yes|Yes|Yes|Yes|Yes|.tif|
+|image/vnd.dwg|Yes|Yes|Yes|Yes|Yes|.dwg; .dxf|
+|image/wmf|Yes|Yes|Yes|Yes|Yes|.wmf|
+|
## Microsoft Excel
-| Mime type | File identification | Metadata extraction | Text extraction | Native viewer | Annotate viewer | Possible Extensions |
-|:| :| :| :| :| :| :|
-|application/vnd.ms-excel | Yes | Yes | Yes | Yes | Yes | .dat; .xls |
-|application/vnd.ms-excel.sheet.binary.macroenabled.12 | Yes | Yes | Yes | Yes | No | .xlsb |
-|application/vnd.ms-excel.sheet.macroenabled.12 | Yes | Yes | Yes | Yes | Yes | .xlsm |
-|application/vnd.ms-excel.template.macroenabled.12 | Yes | Yes | Yes | No | No | .xltm |
-|application/vnd.openxmlformats-officedocument.spreadsheetml.sheet | Yes | Yes | Yes | Yes | Yes | .xlsx |
-|application/vnd.openxmlformats-officedocument.spreadsheetml.template | Yes | Yes | Yes | Yes | Yes | .xltx |
-||||||||
+<br>
+
+****
+
+|Mime type|File identification|Metadata extraction|Text extraction|Native viewer|Annotate viewer|Possible Extensions|
+||::|::|::|::|::|::|
+|application/vnd.ms-excel|Yes|Yes|Yes|Yes|Yes|.dat; .xls|
+|application/vnd.ms-excel.sheet.binary.macroenabled.12|Yes|Yes|Yes|Yes|No|.xlsb|
+|application/vnd.ms-excel.sheet.macroenabled.12|Yes|Yes|Yes|Yes|Yes|.xlsm|
+|application/vnd.ms-excel.template.macroenabled.12|Yes|Yes|Yes|No|No|.xltm|
+|application/vnd.openxmlformats-officedocument.spreadsheetml.sheet|Yes|Yes|Yes|Yes|Yes|.xlsx|
+|application/vnd.openxmlformats-officedocument.spreadsheetml.template|Yes|Yes|Yes|Yes|Yes|.xltx|
+|
## Microsoft OneNote
-| Mime type | File identification | Metadata extraction | Text extraction | Native viewer | Annotate viewer | Possible Extensions |
-|:| :| :| :| :| :| :|
-|application/onenote | Yes | Yes | Yes | No | No | .one |
-||||||||
+<br>
+
+****
+
+|Mime type|File identification|Metadata extraction|Text extraction|Native viewer|Annotate viewer|Possible Extensions|
+||::|::|::|::|::|::|
+|application/onenote|Yes|Yes|Yes|No|No|.one|
+|
## Microsoft PowerPoint
-| Mime type | File identification | Metadata extraction | Text extraction | Native viewer | Annotate viewer | Possible Extensions |
-|:| :| :| :| :| :| :|
-|application/vnd.ms-powerpoint | Yes | Yes | Yes | Yes | Yes | .pot; .pps; .ppt |
-|application/vnd.openxmlformats-officedocument.presentationml.presentation | Yes | Yes | Yes | Yes | Yes | .pptx |
-|application/vnd.openxmlformats-officedocument.presentationml.slideshow | Yes | Yes | Yes | Yes | Yes | .ppsx |
-|application/vnd.openxmlformats-officedocument.presentationml.template | Yes | Yes | Yes | Yes | Yes | .potx |
-||||||||
+<br>
+
+****
+
+|Mime type|File identification|Metadata extraction|Text extraction|Native viewer|Annotate viewer|Possible Extensions|
+||::|::|::|::|::|::|
+|application/vnd.ms-powerpoint|Yes|Yes|Yes|Yes|Yes|.pot; .pps; .ppt|
+|application/vnd.openxmlformats-officedocument.presentationml.presentation|Yes|Yes|Yes|Yes|Yes|.pptx|
+|application/vnd.openxmlformats-officedocument.presentationml.slideshow|Yes|Yes|Yes|Yes|Yes|.ppsx|
+|application/vnd.openxmlformats-officedocument.presentationml.template|Yes|Yes|Yes|Yes|Yes|.potx|
+|
## Microsoft Project
-| Mime type | File identification | Metadata extraction | Text extraction | Native viewer | Annotate viewer | Possible Extensions |
-|:| :| :| :| :| :| :|
-|application/vnd.ms-project | Yes | Yes | Yes | No | Yes | .mpp |
-||||||||
+<br>
+
+****
+
+|Mime type|File identification|Metadata extraction|Text extraction|Native viewer|Annotate viewer|Possible Extensions|
+||::|::|::|::|::|::|
+|application/vnd.ms-project|Yes|Yes|Yes|No|Yes|.mpp|
+|
## Microsoft Publisher
-|Mime type | File identification | Metadata extraction | Text extraction | Native viewer | Annotate viewer | Possible Extensions |
-|:| :| :| :| :| :| :|
-|application/x-mspublisher | Yes | Yes | Yes | Yes | Yes | .pub |
-||||||||
+<br>
+
+****
+
+|Mime type|File identification|Metadata extraction|Text extraction|Native viewer|Annotate viewer|Possible Extensions|
+||::|::|::|::|::|::|
+|application/x-mspublisher|Yes|Yes|Yes|Yes|Yes|.pub|
+|
## Microsoft Visio
-| Mime type | File identification | Metadata extraction | Text extraction | Native viewer | Annotate viewer | Possible Extensions |
-|:| :| :| :| :| :| :|
-|application/vnd.ms-visio.drawing | Yes | Yes | Yes | Yes | No | |
-|application/vnd.visio | Yes | Yes | Yes | Yes | Yes | .vsd |
-||||||||
+<br>
+
+****
+
+|Mime type|File identification|Metadata extraction|Text extraction|Native viewer|Annotate viewer|Possible Extensions|
+||::|::|::|::|::|::|
+|application/vnd.ms-visio.drawing|Yes|Yes|Yes|Yes|No||
+|application/vnd.visio|Yes|Yes|Yes|Yes|Yes|.vsd|
+|
## Microsoft Word
-| Mime type | File identification | Metadata extraction | Text extraction | Native viewer | Annotate viewer | Possible Extensions |
-|:| :| :| :| :| :| :|
-|application/msword | Yes | Yes | Yes | Yes | Yes | .dat; .doc |
-| application/rtf | Yes | Yes | Yes | Yes | Yes | .doc; .rtf |
-|application/vnd.ms-word.document.macroenabled.12 | Yes | Yes | Yes | Yes | Yes | .docm |
-|application/vnd.ms-word.template.macroenabled.12 | Yes | Yes | Yes | Yes | Yes | .dotm |
-|application/vnd.openxmlformats-officedocument.wordprocessingml.document | Yes | Yes | Yes | Yes | Yes | .docx |
-|application/vnd.openxmlformats-officedocument.wordprocessingml.template | Yes | Yes | Yes | Yes | Yes | .dotx |
-||||||||
+<br>
+
+****
+
+|Mime type|File identification|Metadata extraction|Text extraction|Native viewer|Annotate viewer|Possible Extensions|
+||::|::|::|::|::|::|
+|application/msword|Yes|Yes|Yes|Yes|Yes|.dat; .doc|
+|application/rtf|Yes|Yes|Yes|Yes|Yes|.doc; .rtf|
+|application/vnd.ms-word.document.macroenabled.12|Yes|Yes|Yes|Yes|Yes|.docm|
+|application/vnd.ms-word.template.macroenabled.12|Yes|Yes|Yes|Yes|Yes|.dotm|
+|application/vnd.openxmlformats-officedocument.wordprocessingml.document|Yes|Yes|Yes|Yes|Yes|.docx|
+|application/vnd.openxmlformats-officedocument.wordprocessingml.template|Yes|Yes|Yes|Yes|Yes|.dotx|
+|
## Microsoft Works
-| Mime type | File identification | Metadata extraction | Text extraction | Native viewer | Annotate viewer | Possible Extensions |
-|:| :| :| :| :| :| :|
-|application/vnd.ms-works-ss | Yes | Yes | No | No | No | .wps |
-|application/vnd.ms-works-wp | Yes | Yes | No | No | No | .wps |
-||||||||
+<br>
+
+****
+
+|Mime type|File identification|Metadata extraction|Text extraction|Native viewer|Annotate viewer|Possible Extensions|
+||::|::|::|::|::|::|
+|application/vnd.ms-works-ss|Yes|Yes|No|No|No|.wps|
+|application/vnd.ms-works-wp|Yes|Yes|No|No|No|.wps|
+|
## Open Document Format
-| Mime type | File identification | Metadata extraction | Text extraction | Native viewer | Annotate viewer | Possible Extensions |
-|:| :| :| :| :| :| :|
-|application/vnd.oasis.opendocument.text | Yes | Yes | Yes | Yes | Yes | .odt |
-||||||||
+<br>
+
+****
+
+|Mime type|File identification|Metadata extraction|Text extraction|Native viewer|Annotate viewer|Possible Extensions|
+||::|::|::|::|::|::|
+|application/vnd.oasis.opendocument.text|Yes|Yes|Yes|Yes|Yes|.odt|
+|
## Other
-| Mime type | File identification | Metadata extraction | Text extraction | Native viewer | Annotate viewer | Possible Extensions |
-|:| :| :| :| :| :| :|
-|application/json | Yes | Yes | Yes | Yes | Yes | n/a |
-|application/vnd.ms-graph | Yes | Yes | No | No | No | |
-|application/winhlp | Yes | Yes | No | No | No | .hlp |
-|application/x-tnef | Yes | Yes | No | No | No | |
-||||||||
+<br>
+
+****
+
+|Mime type|File identification|Metadata extraction|Text extraction|Native viewer|Annotate viewer|Possible Extensions|
+||::|::|::|::|::|::|
+|application/json|Yes|Yes|Yes|Yes|Yes|n/a|
+|application/vnd.ms-graph|Yes|Yes|No|No|No||
+|application/winhlp|Yes|Yes|No|No|No|.hlp|
+|application/x-tnef|Yes|Yes|No|No|No||
+|
## Plain Text
-| Mime type | File identification | Metadata extraction | Text extraction | Native viewer | Annotate viewer | Possible Extensions |
-|:| :| :| :| :| :| :|
-|text/csv | Yes | Yes | Yes | Yes | Yes | .csv |
-|text/plain | Yes | Yes | Yes | Yes | Yes | .con; .css; .csv; .dat; .pl; .txt |
-||||||||
+<br>
+
+****
+
+|Mime type|File identification|Metadata extraction|Text extraction|Native viewer|Annotate viewer|Possible Extensions|
+||::|::|::|::|::|::|
+|text/csv|Yes|Yes|Yes|Yes|Yes|.csv|
+|text/plain|Yes|Yes|Yes|Yes|Yes|.con; .css; .csv; .dat; .pl; .txt|
+|
## Portable Document Format
-| Mime type | File identification | Metadata extraction | Text extraction | Native viewer | Annotate viewer | Possible Extensions |
-|:| :| :| :| :| :| :|
-|application/pdf | Yes | Yes | Yes | Yes | Yes | .pdf |
-||||||||
+<br>
+
+****
+
+|Mime type|File identification|Metadata extraction|Text extraction|Native viewer|Annotate viewer|Possible Extensions|
+||::|::|::|::|::|::|
+|application/pdf|Yes|Yes|Yes|Yes|Yes|.pdf|
+|
## Word Perfect
-| Mime type | File identification | Metadata extraction | Text extraction | Native viewer | Annotate viewer | Possible Extensions |
-|:| :| :| :| :| :| :|
-|application/vnd.wordperfect; version=5.0 | Yes | Yes | Yes | No | No | .wpd |
-|application/vnd.wordperfect; version=5.1 | Yes | Yes | Yes | No | No | .wpd |
-|application/vnd.wordperfect; version=6.x | Yes | Yes | Yes | No | No | .wpd |
-||||||||
+<br>
+
+****
+
+|Mime type|File identification|Metadata extraction|Text extraction|Native viewer|Annotate viewer|Possible Extensions|
+||::|::|::|::|::|::|
+|application/vnd.wordperfect; version=5.0|Yes|Yes|Yes|No|No|.wpd|
+|application/vnd.wordperfect; version=5.1|Yes|Yes|Yes|No|No|.wpd|
+|application/vnd.wordperfect; version=6.x|Yes|Yes|Yes|No|No|.wpd|
+|
## Word Pro
-| Mime type | File identification | Metadata extraction | Text extraction | Native viewer | Annotate viewer | Possible Extensions |
-|:| :| :| :| :| :| :|
-|application/vnd.lotus-wordpro | Yes | Yes | No | No | No | .lwp |
-||||||||
+<br>
+
+****
+
+|Mime type|File identification|Metadata extraction|Text extraction|Native viewer|Annotate viewer|Possible Extensions|
+||::|::|::|::|::|::|
+|application/vnd.lotus-wordpro|Yes|Yes|No|No|No|.lwp|
+|
compliance Using Communications Editor https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/using-communications-editor.md
You can use email merge fields by selecting the **Merge field** icons on the top
### List of merge field variables
-| Field name | Field details |
-| :- | :- |
-| Display Name | The custodian's first and last name. |
-| Acknowledgment Link | A customized link to record each custodian's acknowledgment.| |
-| Portal Link | A customized link for the custodian's Compliance Portal.| |
-| Issuing Officer | The email address of the specified issuing officer.| |
-| Issuing Date | The date that the notice was issued (UTC). |
-|||
+<br>
+
+****
+
+|Field name|Field details|
+|||
+|Display Name|The custodian's first and last name.|
+|Acknowledgment Link|A customized link to record each custodian's acknowledgment.|
+|Portal Link|A customized link for the custodian's Compliance Portal.|
+|Issuing Officer|The email address of the specified issuing officer.|
+|Issuing Date|The date that the notice was issued (UTC).|
+|
compliance What Is Stored In Exo Mailbox https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/what-is-stored-in-exo-mailbox.md
A mailbox in Exchange Online is primarily used to store email-related items such
The following table lists the apps that either stores or associates data with a cloud-based mailbox. The table also describes the type of content that each app produces.
+<br>
+
+****
+ |Microsoft 365 app|Description|
-|:|:|
-|Forms<sup>*</sup>|Forms and responses to a form are stored in files that are attached to email messages and stored in a hidden folder in the mailbox of the user who created the form. Forms created before April 2020 are stored as a PDF file. Forms created after 2020 are stored as a JSON file. Responses to a form are stored in a CSV file. When you export content from Forms in a PST file, this data is located in the **ApplicationDataRoot** folder in a subfolder named with the following globally unique identified (GUID): **c9a559d2-7aab-4f13-a6ed-e7e9c52aec87**. |
+|||
+|Forms<sup>*</sup>|Forms and responses to a form are stored in files that are attached to email messages and stored in a hidden folder in the mailbox of the user who created the form. Forms created before April 2020 are stored as a PDF file. Forms created after 2020 are stored as a JSON file. Responses to a form are stored in a CSV file. When you export content from Forms in a PST file, this data is located in the **ApplicationDataRoot** folder in a subfolder named with the following globally unique identified (GUID): **c9a559d2-7aab-4f13-a6ed-e7e9c52aec87**.|
|Microsoft 365 Groups|Email messages, calendar items, contacts (People), notes, and tasks are stored in the mailbox that's associated with a Microsoft 365 group.| |Outlook/Exchange Online|Email messages, calendar items, contacts (People), notes, and tasks are stored in a user's mailbox.| |People|Contacts in the People app (which are the same contacts as the ones accessible in Outlook) are stored in a user's mailbox.| |Class Schedule|Plans created in Class Schedule are stored in the mailbox of the corresponding Microsoft 365 Group that is provisioned when a new plan is created. The alias for the group mailbox is the name of the plan.| |Skype for Business|Conversations in Skype for Business are stored in the Conversation History folder in a user's mailbox. If the mailbox of a participant of a Skype meeting is placed on Litigation Hold or assigned to a retention policy, files attached to a meeting are retained in the participants mailbox.|
-|Sway<sup>*</sup>|Sways are stored as an HTML file that is attached to an email message and stored in a hidden folder in the mailbox of the user who created the sway. When you export content from Sway in a PST file, this data is located in the **ApplicationDataRoot** folder in a subfolder named with the following GUID: **905fcf26-4eb7-48a0-9ff0-8dcc7194b5ba**.|
+|Sway<sup>*</sup>|Sways are stored as an HTML file that is attached to an email message and stored in a hidden folder in the mailbox of the user who created the sway. When you export content from Sway in a PST file, this data is located in the **ApplicationDataRoot** folder in a subfolder named with the following GUID: **905fcf26-4eb7-48a0-9ff0-8dcc7194b5ba**.|
|Tasks|Tasks in the Tasks app (which are the same tasks as the ones accessible in Outlook) are stored in a user's mailbox.| |Teams|Conversations that are part of a Teams channel are associated with the Teams mailbox. Conversations that are part of the Chat list in Teams (also called *1 x N chats*) are associated with the mailbox of the users who participate in the chat. Also, summary information for meetings and calls in a Teams channel are associated with mailboxes of users who dialed into the meeting or call. So when searching for Teams content, you would search the Teams mailbox for content in channel conversations and search user mailboxes for content in 1 x N chats.| |To-Do|Tasks (called *to-dos*, which are saved in to-do lists) in the To-Do app are stored in a user's mailbox.|
-|Yammer|Conversations and comments within a Yammer community are associated with the Microsoft 365 Group mailbox, as well as the user mailbox of the author and any named recipients (@ mentioned or Cc'ed users). Private messages sent outside of a Yammer community are stored in the mailbox of the users who participate in the private message.|
-||||
+|Yammer|Conversations and comments within a Yammer community are associated with the Microsoft 365 Group mailbox, as well as the user mailbox of the author and any named recipients (@ mentioned or Cc'ed users). Private messages sent outside of a Yammer community are stored in the mailbox of the users who participate in the private message.|
+|
> [!NOTE]
-> <sup>*</sup> At this time, if a hold is placed on a mailbox (by using holds in Core eDiscovery or Advanced eDiscovery cases), content from this app will not be preserved by the hold.
+> <sup>*</sup> At this time, if a hold is placed on a mailbox (by using holds in Core eDiscovery or Advanced eDiscovery cases), content from this app will not be preserved by the hold.
compliance What The Dlp Functions Look For https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/what-the-dlp-functions-look-for.md
audience: Admin
localization_priority: Normal-+ - M365-security-compliance
+search.appverid:
- MOE150 - MET150
description: Learn what the data loss prevention (DLP) functions look for.
# What the DLP functions look for Data loss prevention (DLP) policies can use sensitive information types to identify sensitive items. Credit card number and EU debit card number are examples of sensitive information types. Sensitive information types look for specific patterns. Sensitive information types validate the data by looking at it's format, it's checksums, and looks for relevant keywords or other information. Some of this functionality is performed by internal functions. For example, the Credit Card Number sensitive information type uses a function to look for dates that are formatted like an expiration date. This helps to corroborate that a number is a credit card number.
-
+ This article explains what these functions look for, to help you understand how the predefined sensitive information types work. For more information, see [Sensitive information type entity definitions](sensitive-information-type-entity-definitions.md)
-
+ ## Table of functions
-|function name |function action |is a validator|
-||||
+<br>
+
+****
+
+|function name|function action|is a validator|
+|||::|
|Func_Argentina_Unique_Tax_Key|detects and validates Argentina Unique tax key|no|
-|Func_aba_routing|detects ABA routing number| yes|
+|Func_aba_routing|detects ABA routing number|yes|
|Func_alabama_drivers_license_number|detects Alabama driverΓÇÖs license number|no| |Func_alaska_delaware_oregon_drivers_license_number|detects Alaska, Delaware, Oregon driverΓÇÖs license number|no| |Func_alaska_drivers_license_number|detects Alaska driverΓÇÖs license number|no|
This article explains what these functions look for, to help you understand how
|Func_china_resident_id|detects China-resident ID|no| |Func_colorado_drivers_license_number|detects Colorado driverΓÇÖs license number|no| |Func_connecticut_drivers_license_number|detects Connecticut driverΓÇÖs license number|no|
-|Func_credit_card|detects credit card|yes|no|
+|Func_credit_card|detects credit card|yes|
|Func_croatia_id_card|detects Croatia ID card|no| |Func_croatia_oib_number|detects Croatia OIB number|no| |Func_cyprus_eu_tax_file_number|detects Cyprus tax file number|no|
This article explains what these functions look for, to help you understand how
|Func_germany_value_added_tax_number|detects Germany value added tax number|no| |Func_greece_eu_ssn|detects Greece sin (AMKA)|no| |Func_hawaii_drivers_license_number|detects Hawaii driverΓÇÖs license number|no|
-|Func_hong_kong_id_card |detects Hong Kong ID card|no|
+|Func_hong_kong_id_card|detects Hong Kong ID card|no|
|Func_hungarian_value_added_tax_number|detects Hungary value added tax number|no| |Func_hungary_eu_national_id_card|detects Hungary personal identification number|no| |Func_hungary_eu_ssn_or_equivalent|detects Hungary social security number|no|
This article explains what these functions look for, to help you understand how
|Func_iowa_drivers_license_number|detects Iowa driverΓÇÖs license number|no| |Func_ireland_pps|detects Ireland PPS|no| |Func_israeli_national_id_number|detects Israel national ID number|no|
-|Func_italy_eu_national_id_card |detects Italy fiscal code|no|
+|Func_italy_eu_national_id_card|detects Italy fiscal code|no|
|Func_italy_value_added_tax_number|detects Italy value added tax number|no| |Func_japanese_my_number_corporate|detects Japan my number corporate|yes| |Func_japanese_my_number_personal|detects Japan my number personal|yes|
This article explains what these functions look for, to help you understand how
|Func_nevada_drivers_license_number|detects Nevada driverΓÇÖs license number|no| |Func_new_brunswick_drivers_license_number|detects New Brunswick driverΓÇÖs license number|no| |Func_new_hampshire_drivers_license_number|detects New Hampshire driverΓÇÖs license number|no|
-|Func_new_jersey_drivers_license_number |detects New Jersey driverΓÇÖs license number|no|
-|Func_new_mexico_drivers_license_number |detects New Mexico driverΓÇÖs license number|no|
-|Func_new_york_drivers_license_number |detects New York driverΓÇÖs license number|no|
-|Func_new_zealand_bank_account_number |detects New Zealand bank account number|no|
-|Func_new_zealand_inland_revenue_number |detects New Zealand inland revenue number|no|
+|Func_new_jersey_drivers_license_number|detects New Jersey driverΓÇÖs license number|no|
+|Func_new_mexico_drivers_license_number|detects New Mexico driverΓÇÖs license number|no|
+|Func_new_york_drivers_license_number|detects New York driverΓÇÖs license number|no|
+|Func_new_zealand_bank_account_number|detects New Zealand bank account number|no|
+|Func_new_zealand_inland_revenue_number|detects New Zealand inland revenue number|no|
|Func_new_zealand_ministry_of_health_number|detects New Zealand ministry of health number|no| |Func_newfoundland_labrador_drivers_license_number|detects Newfoundland Labrador driverΓÇÖs license number|no|
-|Func_newzealand_driver_license_number |detects New Zealand driver license number|no|
-|Func_newzealand_social_welfare_number |detects New Zealand social welfare number|no|
+|Func_newzealand_driver_license_number|detects New Zealand driver license number|no|
+|Func_newzealand_social_welfare_number|detects New Zealand social welfare number|no|
|Func_north_carolina_drivers_license_number|detects North Carolina driverΓÇÖs license number|no| |Func_north_dakota_drivers_license_number|detects North Dakota driverΓÇÖs license number|no|
-|Func_norway_id_number |detects Norway ID number|no|
+|Func_norway_id_number|detects Norway ID number|no|
|Func_nova_scotia_drivers_license_number|detects Nova Scotia driverΓÇÖs license number|no|
-|Func_ohio_drivers_license_number |detects Ohio driverΓÇÖs license number|no|
-|Func_ontario_drivers_license_number |detects Ontario driverΓÇÖs license number|no|
+|Func_ohio_drivers_license_number|detects Ohio driverΓÇÖs license number|no|
+|Func_ontario_drivers_license_number|detects Ontario driverΓÇÖs license number|no|
|Func_pennsylvania_drivers_license_number|detects Pennsylvania driverΓÇÖs license number|no|
-|Func_pesel_identification_number |detects Poland National ID (PESEL)|no|
-|Func_poland_eu_tax_file_number |detects Poland tax file number|no|
-|Func_polish_national_id |detects Poland identity card|no|
-|Func_polish_passport_number |detects Polish passport number|no|
-|Func_polish_regon_number |detects Polish REGON number|no|
+|Func_pesel_identification_number|detects Poland National ID (PESEL)|no|
+|Func_poland_eu_tax_file_number|detects Poland tax file number|no|
+|Func_polish_national_id|detects Poland identity card|no|
+|Func_polish_passport_number|detects Polish passport number|no|
+|Func_polish_regon_number|detects Polish REGON number|no|
|Func_portugal_eu_tax_file_number|detects Portugal Tax Identification Number|no| |Func_prince_edward_island_drivers_license_number|detects Prince Edward Island driverΓÇÖs license number|no|
-|Func_quebec_drivers_license_number |detects Quebec driverΓÇÖs license number|no|
-|Func_randomized_formatted_ssn |detects randomized formatted US SSN|yes|
+|Func_quebec_drivers_license_number|detects Quebec driverΓÇÖs license number|no|
+|Func_randomized_formatted_ssn|detects randomized formatted US SSN|yes|
|Func_randomized_unformatted_ssn|detects randomized unformatted US SSN|yes| |Func_rhode_island_drivers_license_number|detects Rhode Island driverΓÇÖs license number|no|
-|Func_romania_eu_national_id_card |detects Romania personal numeric code (CNP)|no|
+|Func_romania_eu_national_id_card|detects Romania personal numeric code (CNP)|no|
|Func_saskatchewan_drivers_license_number|detects Saskatchewan driverΓÇÖs license number|no|
-|Func_slovakia_eu_national_id_card |detects Slovakia personal number|no|
-|Func_slovenia_eu_national_id_card |detects Slovenia Unique Master Citizen Number|no|
-|Func_slovenia_eu_tax_file_number |detects Slovenia tax file number|no|
+|Func_slovakia_eu_national_id_card|detects Slovakia personal number|no|
+|Func_slovenia_eu_national_id_card|detects Slovenia Unique Master Citizen Number|no|
+|Func_slovenia_eu_tax_file_number|detects Slovenia tax file number|no|
|Func_south_africa_identification_number|detects South Africa identification number|yes| |Func_south_carolina_drivers_license_number|detects South Carolina driverΓÇÖs license number|no| |Func_south_dakota_drivers_license_number|detects South Dakota driverΓÇÖs license number|no|
-|Func_south_korea_resident_number |detects South Korea resident number|no|
-|Func_spain_eu_DL_and_NI_number_citizen |detects Spain DL and NI number citizen|no|
+|Func_south_korea_resident_number|detects South Korea resident number|no|
+|Func_spain_eu_DL_and_NI_number_citizen|detects Spain DL and NI number citizen|no|
|Func_spain_eu_DL_and_NI_number_foreigner|detects Spain DL and NI number foreigner|no|
-|Func_spain_eu_driver's_license_number |detects Spain driver's license number|no|
-|Func_spain_eu_tax_file_number |detects Spain tax file number|no|
+|Func_spain_eu_driver's_license_number|detects Spain driver's license number|no|
+|Func_spain_eu_tax_file_number|detects Spain tax file number|no|
|Func_spanish_social_security_number|detects Spanish social security number|no|
-|Func_ssn |Function to detect non-randomized formatted US SSN|yes|
+|Func_ssn|Function to detect non-randomized formatted US SSN|yes|
|Func_sweden_eu_tax_file_number|detects Sweden tax file number|no| |Func_swedish_national_identifier|detects Swedish national identifier|yes| |Func_swiss_social_security_number_ahv|detects Swiss social security number AHV|no|
-|Func_taiwanese_national_id |detects Taiwanese national ID|no|
+|Func_taiwanese_national_id|detects Taiwanese national ID|no|
|Func_tennessee_drivers_license_number|detects Tennessee driverΓÇÖs license number|no|
-|Func_texas_drivers_license_number |detects Texas driverΓÇÖs license number|no|
-|Func_Thai_Citizen_Id |detects Thai Citizen ID|no|
+|Func_texas_drivers_license_number|detects Texas driverΓÇÖs license number|no|
+|Func_Thai_Citizen_Id|detects Thai Citizen ID|no|
|Func_Turkish_National_Id|detects Turkish National ID|yes| |Func_uk_drivers_license|detects UK driverΓÇÖs license|no| |Func_uk_eu_tax_file_number|detects UK unique taxpayer number|no|
-|Func_uk_nhs_number |detects UK NHS number|yes|
-|Func_uk_nino |detects UK NINO|no|
+|Func_uk_nhs_number|detects UK NHS number|yes|
+|Func_uk_nino|detects UK NINO|no|
|Func_unformatted_canadian_sin|detects unformatted Canadian SIN|no|
-|Func_unformatted_itin |detects unformatted US ITIN|yes|
-|Func_unformatted_ssn |detects non-randomized unformatted US SSN|yes|
-|Func_usa_uk_passport |detects USA and UK passport|yes|
+|Func_unformatted_itin|detects unformatted US ITIN|yes|
+|Func_unformatted_ssn|detects non-randomized unformatted US SSN|yes|
+|Func_usa_uk_passport|detects USA and UK passport|yes|
|Func_utah_drivers_license_number|detects Utah driverΓÇÖs license number|no| |Func_vermont_drivers_license_number|detects Vermont driverΓÇÖs license number|no| |Func_virginia_drivers_license_number|detects Virginia driverΓÇÖs license number|no| |Func_washington_drivers_license_number|detects Washington driverΓÇÖs license number|no| |Func_west_virginia_drivers_license_number|detects West Virginia driverΓÇÖs license number|no|
-|Func_wisconsin_drivers_license_number |detects Wisconsin driverΓÇÖs license number|no|
-|Func_wyoming_drivers_license_number |detects Wyoming driverΓÇÖs license number|no|
-
+|Func_wisconsin_drivers_license_number|detects Wisconsin driverΓÇÖs license number|no|
+|Func_wyoming_drivers_license_number|detects Wyoming driverΓÇÖs license number|no|
+|
## Func_us_date
-Func_us_date looks for dates in common U.S. formats. The common formats are "month/day/year", "month-day-year", and "month day year ". The names or abbreviations of months aren't case-sensitive.
-
+Func_us_date looks for dates in common U.S. formats. The common formats are "month/day/year", "month-day-year", and "month day year ". The names or abbreviations of months aren't case-sensitive.
+ Examples:
-
+ - December 2, 2016
-
- Dec 2, 2016
-
- dec 02 2016
-
- 12/2/2016
-
- 12/02/16
-
- Dec-2-2016
-
- 12-2-16
-
+ Accepted month names:
-
+ - English
-
- January, February, march, April, may, June, July, August, September, October, November, December
-
- Jan. Feb. Mar. Apr. May June July Aug. Sept. Oct. Nov. Dec.
-
+ ## Func_eu_date Fund_eu_dates looks for dates in common E.U. formats (and most places outside the U.S.), such as "day/month/year", "day-month-year", and "day month year". The names or abbreviations of months aren't case-sensitive.
-
+ Examples:
-
+ - 2 Dec 2016
-
- 02 dec 2016
-
- 2 Dec 16
-
- 2/12/2016
-
- 02/12/16
-
- 2-Dec-2016
-
- 2-12-16
-
+ Accepted month names:
-
+ - English
-
- January, February, march, April, may, June, July, August, September, October, November, December
-
- Jan. Feb. Mar. Apr. May June July Aug. Sept. Oct. Nov. Dec.
-
- Dutch
-
- januari, februari, maart, April, mei, juni, juli, augustus, September, ocktober, October, November, December
-
- jan feb maart apr mei jun jul aug sep sept oct okt nov dec
-
- French
-
- janvier, février, mars, avril, mai, juin juillet, août, septembre, octobre, novembre, décembre
-
- janv. févr. mars avril mai juin juil. août sept. oct. nov. déc.
-
- German
-
- jänuar, februar, märz, April, mai, juni juli, August, September, oktober, November, dezember
-
- Jan./Jän. Feb. März Apr. Mai Juni Juli Aug. Sept. Okt. Nov. Dez.
-
- Italian
-
- gennaio, febbraio, marzo, aprile, maggio, giugno, luglio, agosto, settembre, ottobre, novembre, dicembre
-
- genn. febbr. mar. apr. magg. giugno luglio ag. sett. ott. nov. dic.
-
- Portuguese
-
- janeiro, fevereiro, março, marco, abril, maio, junho, julho, agosto, setembro, outubro, novembro, dezembro
-
- jan fev mar abr mai jun jul ago set out nov dez
-
- Spanish
-
- enero, febrero, marzo, abril, mayo, junio, julio, agosto, septiembre, octubre, noviembre, diciembre
-
- enero feb. marzo abr. mayo jun. jul. agosto sept./set. oct. nov. dic.
-
+ ## Func_eu_date1 (deprecated) > [!NOTE]
-> This function is deprecated because it supports only Portuguese month names, which are now included in the `Func_eu_date` function above.
-
+> This function is deprecated because it supports only Portuguese month names, which are now included in the `Func_eu_date` function above.
+ This function looks for a date in the format commonly used in Portuguese. The format for this function is the same as `Func_eu_date`, differing only in the language used.
-
+ Examples:
-
+ - 2 Dez 2016
-
- 02 dez 2016
-
- 2 Dez 16
-
- 2/12/2016
-
- 02/12/16
-
- 2-Dez-2016
-
- 2-12-16
-
+ Accepted month names:
-
+ - Portuguese
-
- janeiro, fevereiro, março, marco, abril, maio, junho, julho, agosto, setembro, outubro, novembro, dezembro
-
- jan fev mar abr mai jun jul ago set out nov dez
-
+ ## Func_eu_date2 (deprecated) > [!NOTE]
-> This function is deprecated because it supports only Dutch month names, which are now included in the `Func_eu_date` function above.
-
+> This function is deprecated because it supports only Dutch month names, which are now included in the `Func_eu_date` function above.
+ This function looks for a date in the format commonly used in Dutch. The format for this function is the same as `Func_eu_date`, differing only in the language used.
-
+ Examples:
-
+ - 2 Mei 2016
-
- 02 mei 2016
-
- 2 Mei 16
-
- 2/12/2016
-
- 02/12/16
-
- 2-Mei-2016
-
- 2-12-16
-
+ Accepted month names:
-
+ - Dutch
-
- januari, februari, maart, April, mei, juni, juli, augustus, September, ocktober, October, November, December
-
- jan feb maart apr mei jun jul aug sep sept out okt nov dec
-
+ ## Func_expiration_date Func_expiration_date looks for dates that are in formats commonly used by credit and debit cards. This function will match dates in format of "month/year", "month-year", "[month name] year", and "[month abbreviation] year". The names or abbreviations of months aren't case-sensitive.
-
+ Examples:
-
+ - MM/YY -- for example, 01/11 or 1/11
-
- MM/YYYY -- for example, 01/2011 or 1/2011
-
- MM-YY -- for example, 01-22 or 1-11
-
- MM-YYYY -- for example, 01-2000 or 1-2000
-
+ The following formats support YY or YYYY:
-
+ - Month-YYYY -- for example Jan-2010 or january-2010 or Jan-10 or january-10
-
- Month YYYY -- for example, 'january 2010' or 'Jan 2010' or 'january 10' or 'Jan 10'
-
- MonthYYYY -- for example, 'january2010' or 'Jan2010' or 'january10' or 'Jan10'
-
- Month/YYYY -- for example, 'january/2010' or 'Jan/2010' or 'january/10' or 'Jan/10'
-
+ Accepted month names:
-
+ - English
-
- January, February, march, April, may, June, July, August, September, October, November, December
-
- Jan Feb Mar Apr May June July Aug Sept Oct Nov Dec
-
+ ## Func_us_address Func_us_address looks for a U.S. state name or postal abbreviation followed by a valid zip code. The zip code must be one of the correct zip codes associated with the U.S. state name or abbreviation. The U.S. state name and zip code cannot be separated by punctuation or letters.
-
+ Examples:
-
+ - Washington 98052
-
- Washington 98052-9998
-
- WA 98052
-
- WA 98052-9998
compliance Whats New https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/whats-new.md
The following insider risk management feature updates were released for public p
- Updated domain support in policies (REGEX) - Policy template enhancements and improvements
-The following topics were updated or added to support these new features:ΓÇïΓÇïΓÇïΓÇïΓÇïΓÇïΓÇïΓÇïΓÇïΓÇïΓÇïΓÇïΓÇïΓÇï
+The following topics were updated or added to support these new features:
- [Learn about insider risk management](/microsoft-365/compliance/insider-risk-management) - [Plan for insider risk management](/microsoft-365/compliance/insider-risk-management-plan)
Content was added or updated in the following topics:
- [Customer-managed encryption features](/microsoft-365/compliance/office-365-customer-managed-encryption-features) - [Exchange Online mail encryption with AD RMS](/microsoft-365/compliance/information-rights-management-in-exchange-online). Support for this service has been deprecated. You can no longer use AD RMS in an Exchange hybrid environment. Instead, migrate to Azure RMS.
-ΓÇïΓÇïΓÇïΓÇï
+ #### Customer Key - [Customer Key for Microsoft 365 at the tenant level](/microsoft-365/compliance/customer-key-tenant-level)
contentunderstanding Adoption Getstarted https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/adoption-getstarted.md
audience: admin
ms.prod: microsoft-365-enterprise
- - enabler-strategic
- - m365initiative-syntex
+- enabler-strategic
+- m365initiative-syntex
search.appverid: localization_priority: Normal
To get ready for implementing SharePoint Syntex, you need to:
- Compliance - Automation 2. Identify
- - Understand existing information architecture and content management feature useΓÇï.
- - Are any existing content types good candidates for modelsΓÇï?
- - What existing processes would be improved by metadataΓÇï?
+ - Understand existing information architecture and content management feature use.
+ - Are any existing content types good candidates for models?
+ - What existing processes would be improved by metadata?
3. Design
- - Design your approach to information architecture, managed metadata and content typesΓÇï
- - Design the process for definition, creation, managementΓÇï.
+ - Design your approach to information architecture, managed metadata and content types.
+ - Design the process for definition, creation, management.
## Engage your organization
To get ready for implementing SharePoint Syntex, you need to:
## See also
-[Scenarios and use cases for SharePoint Syntex](adoption-scenarios.md)
+[Scenarios and use cases for SharePoint Syntex](adoption-scenarios.md)
contentunderstanding Import Term Set Skos https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/import-term-set-skos.md
search.appverid:
localization_priority: Priority + # Import a term set using a SKOS-based format You can import a term set using a SKOS-based format. For details about the format, see [SharePoint taxonomy SKOS format reference](skos-format-reference.md). This feature requires a [SharePoint Syntex](index.md) license.
We recommend keeping your import files to less than 20,000 terms. Larger files c
2. Select the term group where you want to import the term set. 3. In the command bar, click **Import term set**.
-
-4. If you want to download a sample file to use as a template, click **sample-metadata.ttl** to get a sample file that uses the SKOS-based format.
-
-5. Create the import file that contains the term sets & terms you wish to import.
-6. Under **File format**, select **SKOS (*.ttl)**.
+4. If you want to download a sample file to use as a template, click **sample-metadata.ttl** to get a sample file that uses the SKOS-based format.
+
+5. Create the import file that contains the term sets & terms you wish to import.
+
+6. Under **File format**, select **SKOS (*.ttl)**.
-7. Click **Browse** and navigate to and add your import file.
+7. Click **Browse** and navigate to and add your import file.
-8. Click **Import**. Do not close the panel until the import completes.
+8. Click **Import**. Do not close the panel until the import completes.
On successful import of the file, a success message will be displayed, and the term store will refresh and you can navigate to the newly created term sets.
On successful import of the file, a success message will be displayed, and the t
[Document understanding overview](document-understanding-overview.md)
-[Import term sets (site level)](https://support.microsoft.com/office/168fbc86-7fce-4288-9a1f-b83fc3921c18)
+[Import term sets (site level)](https://support.microsoft.com/office/168fbc86-7fce-4288-9a1f-b83fc3921c18)
contentunderstanding Rest Applymodel Method https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/rest-api/rest-applymodel-method.md
None
|Publications|yes|MachineLearningPublicationEntityData[]|The collection of MachineLearningPublicationEntityData each of which specifies the model and target document library.| ### MachineLearningPublicationEntityData+ | Name | Required | Type | Description | |--|-|--|| |ModelUniqueId|yes|string|The unique ID of the model file.|
None
|201 Created||This is a customized API to support applying a model to multi document libraries. In the case of partial success, 201 created could still be returned and the caller needs to inspect the response body to understand if the model has been successfully applied to a document library.| ## Response Body+ | Name | Type | Description| |--|-|| |TotalSuccesses|int|The total number of a model being successfully applied to a document library.|
None
|Details|MachineLearningPublicationResult[]|The collection of MachineLearningPublicationResult each of which specifies the detailed result of applying the model to the document library.| ### MachineLearningPublicationResult+ | Name | Type | Description| |--|-|| |StatusCode|int|The HTTP status code.|
None
|Publication|MachineLearningPublicationEntityData|It specifies the model info and the target document library.| ### MachineLearningPublicationEntityData+ | Name | Type | Description | |--|--|| |ModelUniqueId|string|The unique ID of the model file.|
In this sample, the ID of the Contoso Contract document understanding model is `
```HTTP {
- "__metadata": {
- "type": "Microsoft.Office.Server.ContentCenter.SPMachineLearningPublicationsEntityData"
- },
- "Publications": {
- "results": [
- {
- "ModelUniqueId": "7645e69d-21fb-4a24-a17a-9bdfa7cb63dc",
- "TargetSiteUrl": "https://contoso.sharepoint.com/sites/repository/",
- "TargetWebServerRelativeUrl": "/sites/repository",
- "TargetLibraryServerRelativeUrl": "/sites/repository/contracts",
- "ViewOption": "NewViewAsDefault"
- }
- ]
- }
+ "__metadata": {
+ "type": "Microsoft.Office.Server.ContentCenter.SPMachineLearningPublicationsEntityData"
+ },
+ "Publications": {
+ "results": [
+ {
+ "ModelUniqueId": "7645e69d-21fb-4a24-a17a-9bdfa7cb63dc",
+ "TargetSiteUrl": "https://contoso.sharepoint.com/sites/repository/",
+ "TargetWebServerRelativeUrl": "/sites/repository",
+ "TargetLibraryServerRelativeUrl": "/sites/repository/contracts",
+ "ViewOption": "NewViewAsDefault"
+ }
+ ]
+ }
} ```
In the response, TotalFailures and TotalSuccesses refers to the number of failur
```JSON {
- "Details": [
- {
- "ErrorMessage": null,
- "Publication": {
- "ModelUniqueId": "7645e69d-21fb-4a24-a17a-9bdfa7cb63dc",
- "TargetSiteUrl": "https://contoso.sharepoint.com/sites/repository/",
- "TargetWebServerRelativeUrl": "/sites/repository",
- "TargetLibraryServerRelativeUrl": "/sites/repository/contracts",
- "ViewOption": "NewViewAsDefault"
- },
- "StatusCode": 201
- }
- ],
- "TotalFailures": 0,
- "TotalSuccesses": 1
+ "Details": [
+ {
+ "ErrorMessage": null,
+ "Publication": {
+ "ModelUniqueId": "7645e69d-21fb-4a24-a17a-9bdfa7cb63dc",
+ "TargetSiteUrl": "https://contoso.sharepoint.com/sites/repository/",
+ "TargetWebServerRelativeUrl": "/sites/repository",
+ "TargetLibraryServerRelativeUrl": "/sites/repository/contracts",
+ "ViewOption": "NewViewAsDefault"
+ },
+ "StatusCode": 201
+ }
+ ],
+ "TotalFailures": 0,
+ "TotalSuccesses": 1
} ```
contentunderstanding Rest Batchdelete Method https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/rest-api/rest-batchdelete-method.md
None
|Publications|yes|MachineLearningPublicationEntityData[]|The collection of MachineLearningPublicationEntityData each of which specifies the model and target document library.| ### MachineLearningPublicationEntityData+ | Name | Required | Type | Description | |--|-|--|| |ModelUniqueId|yes|string|The unique ID of the model file.|
None
|200 OK||This is a customized API to support removing a model from multi document libraries. In the case of partial success, 200 OK could still be returned and the caller needs to inspect the response body to understand if the model has been successfully removed from a document library.| ## Response Body+ | Name | Type | Description| |--|-|| |TotalSuccesses|int|The total number of a model being successfully removed from a document library.|
None
|Details|MachineLearningPublicationResult[]|The collection of MachineLearningPublicationResult each of which specifies the detailed result of removing the model from a document library.| ### MachineLearningPublicationResult+ | Name | Type | Description| |--|-|| |StatusCode|int|The HTTP status code.|
None
|Publication|MachineLearningPublicationEntityData|It specifies the model info and the target document library.| ### MachineLearningPublicationEntityData+ | Name | Type | Description | |--|--|| |ModelUniqueId|string|The unique ID of the model file.|
In this sample, the ID of the Contoso Contract document understanding model is `
```HTTP {
- "publications": [
- {
- "ModelUniqueId": "7645e69d-21fb-4a24-a17a-9bdfa7cb63dc",
- "TargetSiteUrl": "https://constco.sharepoint-df.com/sites/docsite",
- "TargetWebServerRelativeUrl": "/sites/docsite ",
- "TargetLibraryServerRelativeUrl": "/sites/dcocsite/joedcos"
- }
- ]
+ "publications": [
+ {
+ "ModelUniqueId": "7645e69d-21fb-4a24-a17a-9bdfa7cb63dc",
+ "TargetSiteUrl": "https://constco.sharepoint-df.com/sites/docsite",
+ "TargetWebServerRelativeUrl": "/sites/docsite ",
+ "TargetLibraryServerRelativeUrl": "/sites/dcocsite/joedcos"
+ }
+ ]
} ``` - #### Sample response In the response, TotalFailures and TotalSuccesses refer to the number of failures and successes of the model being removed from the specified libraries.
In the response, TotalFailures and TotalSuccesses refer to the number of failure
```JSON {
- "Details": [
- {
- "ErrorMessage": null,
- "Publication": {
- "ModelUniqueId": "7645e69d-21fb-4a24-a17a-9bdfa7cb63dc",
- "TargetSiteUrl": "https://contoso.sharepoint.com/sites/repository/",
- "TargetWebServerRelativeUrl": "/sites/repository",
- "TargetLibraryServerRelativeUrl": "/sites/repository/contracts",
- "ViewOption": "NewViewAsDefault"
- },
- "StatusCode": 200
- }
- ],
- "TotalFailures": 0,
- "TotalSuccesses": 1
+ "Details": [
+ {
+ "ErrorMessage": null,
+ "Publication": {
+ "ModelUniqueId": "7645e69d-21fb-4a24-a17a-9bdfa7cb63dc",
+ "TargetSiteUrl": "https://contoso.sharepoint.com/sites/repository/",
+ "TargetWebServerRelativeUrl": "/sites/repository",
+ "TargetLibraryServerRelativeUrl": "/sites/repository/contracts",
+ "ViewOption": "NewViewAsDefault"
+ },
+ "StatusCode": 200
+ }
+ ],
+ "TotalFailures": 0,
+ "TotalSuccesses": 1
} ```
contentunderstanding Rest Createclassificationrequest https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/rest-api/rest-createclassificationrequest.md
The SharePoint Online (and SharePoint 2016 and later on-premises) REST service s
## HTTP request
-```
+```http
POST /_api/machinelearning/workItems HTTP/1.1 ``` ## URI Parameters
None
#### Sample request
-```
+```JSON
{
- "__metadata": {
- "type": "Microsoft.Office.Server.ContentCenter.SPMachineLearningWorkItemEntityData"
- },
- "TargetSiteId": "f686e63b-aba7-48e5-97c7-68c4c1df292f",
- "TargetWebId": "66d6b64d-6f88-4dd9-b3db-47e6f00c53e8",
- "TargetUniqueId": "e6cff8b7-c90c-4564-b5b8-033449090932"
+ "__metadata": {
+ "type": "Microsoft.Office.Server.ContentCenter.SPMachineLearningWorkItemEntityData"
+ },
+ "TargetSiteId": "f686e63b-aba7-48e5-97c7-68c4c1df292f",
+ "TargetWebId": "66d6b64d-6f88-4dd9-b3db-47e6f00c53e8",
+ "TargetUniqueId": "e6cff8b7-c90c-4564-b5b8-033449090932"
} ```
contentunderstanding Rest Createmodel Method https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/rest-api/rest-createmodel-method.md
Creates a model and its associated content type. Note that this only creates the
## HTTP request
-```
+```http
POST /_api/machinelearning/models HTTP/1.1 ``` ## URI Parameters
None
#### Sample request
-```
+```json
{
- "__metadata": {
- "type": "Microsoft.Office.Server.ContentCenter.SPMachineLearningModelEntityData"
- },
- "ContentTypeGroup": "Intelligent Document Content Types",
- "ContentTypeName": "Contoso Contract"
+ "__metadata": {
+ "type": "Microsoft.Office.Server.ContentCenter.SPMachineLearningModelEntityData"
+ },
+ "ContentTypeGroup": "Intelligent Document Content Types",
+ "ContentTypeName": "Contoso Contract"
} ```
contentunderstanding Rest Getbytitle Method https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/rest-api/rest-getbytitle-method.md
GET /_api/machinelearning/models/getbytitle('Contoso Contract') HTTP/1.1
```HTTP {
- "@odata.context": "https://contoso.sharepoint.com/sites/filerepository/_api/$metadata#models/$entity",
- "@odata.type": "#Microsoft.Office.Server.ContentCenter.SPMachineLearningModel",
- "@odata.id": "https://contoso.sharepoint.com/sites/filerepository/_api/machinelearning/models/getbyuniqueId('7645e69d-21fb-4a24-a17a-9bdfa7cb63dc')",
- "@odata.etag": "\"7645e69d-21fb-4a24-a17a-9bdfa7cb63dc,111\"",
- "@odata.editLink": " https://contoso.sharepoint.com/sites/filerepository /_api/machinelearning/models/getbyuniqueId('7645e69d-21fb-4a24-a17a-9bdfa7cb63dc')",
- "ConfidenceScore": "{\"trainingStatus\":{\"kind\":\"original\",\"ClassifierStatus\":{\"TrainingStatus\":\"success\",\"TimeStamp\":1611716640535},\"ExtractorsStatus\":[{\"TimeStamp\":1585175746775,\"ExtractorName\":\"Contract Name\",\"TrainingStatus\":\"success\"},{\"TimeStamp\":1586905975794,\"ExtractorName\":\"Client \",\"TrainingStatus\":\"success\"},{\"TimeStamp\":1586906061099,\"ExtractorName\":\"Contract Date\",\"TrainingStatus\":\"success\"},{\"TimeStamp\":1586907912388,\"ExtractorName\":\"Fee\",\"TrainingStatus\":\"success\"},{\"TimeStamp\":1611716640115,\"ExtractorName\":\"ServiceType\",\"TrainingStatus\":\"success\"}]},\"modelAccuracy\":{\"Classifier\":1,\"Extractors\":{\"Contract Name\":1,\"Client \":1,\"Contract Date\":1,\"Fee\":1,\"ServiceType\":1}},\"perSampleAccuracy\":{\"133\":{\"Classifier\":1,\"Extractors\":{\"ServiceType\":1}},\"249\":{\"Classifier\":1,\"Extractors\":{\"ServiceType\":1}},\"252\":{\"Classifier\":1,\"Extractors\":{\"ServiceType\":1}},\"253\":{\"Classifier\":1,\"Extractors\":{\"ServiceType\":1}},\"254\":{\"Classifier\":1,\"Extractors\":{\"ServiceType\":1}},\"255\":{\"Classifier\":1,\"Extractors\":{\"ServiceType\":1}},\"256\":{\"Extractors\":{\"ServiceType\":1}},\"257\":{\"Extractors\":{\"ServiceType\":1}}},\"perSamplePrediction\":{\"133\":{\"Extractors\":{\"ServiceType\":[]}},\"249\":{\"Extractors\":{\"ServiceType\":[\"Writing\"]}},\"252\":{\"Extractors\":{\"ServiceType\":[\"Catering\"]}},\"253\":{\"Extractors\":{\"ServiceType\":[\"Design\"]}},\"254\":{\"Extractors\":{\"ServiceType\":[\"Marketing\"]}},\"255\":{\"Extractors\":{\"ServiceType\":[\"Financial Planning\"]}},\"256\":{\"Extractors\":{\"ServiceType\":[\"Writing\"]}},\"257\":{\"Extractors\":{\"ServiceType\":[\"Writing\"]}}},\"trainingFailures\":{}}",
- "ContentTypeGroup": "Intelligent Document Content Types",
- "ContentTypeId": "0x01010083DF84D4F59BBD4CB06F075AA81F58AA",
- "ContentTypeName": "Contoso Contract",
- "Created": "2020-03-25T22:04:04Z",
- "CreatedBy": "i:0#.f|membership|meganb@contoso.com",
- "DriveId": "b!O-aG9qer5UiXx2jEwd8pL0221maIb9lNs9tH5vAMU-h2NuHxlYUiTJyiwKQHZobK",
- "Explanations": "{\"Classifier\":[{\"id\":\"8122ac1d-8fcb-4705-8872-2825cbf05bfe\",\"kind\":\"dictionaryFeature\",\"name\":\"agreement\",\"active\":true,\"nGrams\":[\"CONSULTING AGREEMENT\",\"SERVICES AGREEMENT\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false},{\"id\":\"af83bea8-bc53-4e93-a3da-f1e697eb6bef\",\"kind\":\"modelFeature\",\"name\":\"Contract Name\",\"active\":true,\"modelReference\":\"Contract Name\",\"conceptId\":\"841d0dcf-7f1d-4a39-931c-53923d10c346\"},{\"id\":\"e3734994-9e34-40e3-82c7-bb6c7bc5a0c3\",\"kind\":\"modelFeature\",\"name\":\"Client \",\"active\":true,\"modelReference\":\"Client \",\"conceptId\":\"8b8490d0-9a09-4c16-bcff-59ce62e05c28\"},{\"id\":\"7c93e7fe-cbfb-47ee-8cca-46ecdf5f628f\",\"kind\":\"modelFeature\",\"name\":\"Contract Date\",\"active\":true,\"modelReference\":\"Contract Date\",\"conceptId\":\"6ba58918-e2f0-4685-9080-98ec4c3adc7c\"},{\"id\":\"5cc85b62-148a-4b07-9155-d9fb7cebb6d0\",\"kind\":\"modelFeature\",\"name\":\"Fee\",\"active\":true,\"modelReference\":\"Fee\",\"conceptId\":\"9c7f764d-afd2-49cd-aaa2-e9407156bfb3\"},{\"id\":\"0f8a23a6-c744-4cae-82bd-d836332ceb56\",\"kind\":\"modelFeature\",\"name\":\"ServiceType\",\"active\":true,\"modelReference\":\"ServiceType\",\"conceptId\":\"4aa9f2fe-cfab-49f8-86b1-11646c79cdbf\"}],\"Extractors\":{\"Contract Name\":[{\"id\":\"8804fbeb-bcf8-44c0-8ade-3fc65496037f\",\"kind\":\"dictionaryFeature\",\"name\":\"before\",\"active\":true,\"nGrams\":[\"- AND -\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false}],\"Client \":[{\"id\":\"606c56de-9e71-42ef-8ec6-f0bbf351d673\",\"kind\":\"dictionaryFeature\",\"name\":\"start\",\"active\":true,\"nGrams\":[\"BETWEEN:\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false},{\"id\":\"334e6df5-e076-40db-a47b-f11ceec7af9a\",\"kind\":\"dictionaryFeature\",\"name\":\"after\",\"active\":true,\"nGrams\":[\"of\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false},{\"id\":\"bccefd2e-88a4-406c-aa9d-81d508bbafb3\",\"kind\":\"proximityFeature\",\"name\":\"prox\",\"active\":true,\"patterns\":[[{\"id\":\"606c56de-9e71-42ef-8ec6-f0bbf351d673\",\"kind\":\"proximityFeatureReference\"},{\"kind\":\"proximityTokenRange\",\"minCount\":1,\"maxCount\":6},{\"id\":\"334e6df5-e076-40db-a47b-f11ceec7af9a\",\"kind\":\"proximityFeatureReference\"}]]}],\"Contract Date\":[{\"id\":\"fabe1ed3-07af-4dc6-852d-fe9521c64801\",\"kind\":\"dictionaryFeature\",\"name\":\"dated\",\"active\":true,\"nGrams\":[\"dated\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false},{\"id\":\"983da7b8-51d7-4a85-9644-007b488fce0b\",\"kind\":\"dictionaryFeature\",\"name\":\"betw\",\"active\":true,\"nGrams\":[\"between\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false}],\"Fee\":[{\"id\":\"f4cf89dc-64d1-49a1-9be4-41debda251b6\",\"kind\":\"dictionaryFeature\",\"name\":\"flat fee of \",\"active\":true,\"nGrams\":[\"flat fee of $\",\"flat fee of $$\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false}],\"ServiceType\":[{\"id\":\"c04408f5-ce14-4eb0-81d0-f72ea9fa7e83\",\"kind\":\"dictionaryFeature\",\"name\":\"Before label\",\"active\":true,\"nGrams\":[\"will provide \"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false},{\"id\":\"ea94fa7f-e41b-4e09-a484-355912bfbdff\",\"kind\":\"dictionaryFeature\",\"name\":\"After label\",\"active\":true,\"nGrams\":[\"services for \"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false}]}}",
- "ID": 16,
- "LastTrained": "2021-01-27T03:04:00Z",
- "ListID": "f1e13676-8595-4c22-9ca2-c0a4076686ca",
- "ModelSettings": null,
- "ModelType": 2,
- "Modified": "2021-01-27T03:05:04Z",
- "ModifiedBy": "i:0#.f|membership|kevinche@contoso.com",
- "ObjectId": "01ZBWEM5E54ZCXN6ZBERFKC6U336T4WY64",
- "PublicationType": 0,
- "Schemas": "{\"Extractors\":{\"Contract Name\":{\"concepts\":{\"841d0dcf-7f1d-4a39-931c-53923d10c346\":{\"name\":\"Contract Name\"}},\"relationships\":[]},\"Client \":{\"concepts\":{\"8b8490d0-9a09-4c16-bcff-59ce62e05c28\":{\"name\":\"Client \"}},\"relationships\":[]},\"Contract Date\":{\"concepts\":{\"6ba58918-e2f0-4685-9080-98ec4c3adc7c\":{\"name\":\"Contract Date\"}},\"relationships\":[]},\"Fee\":{\"concepts\":{\"9c7f764d-afd2-49cd-aaa2-e9407156bfb3\":{\"name\":\"Fee\"}},\"relationships\":[]},\"ServiceType\":{\"concepts\":{\"4aa9f2fe-cfab-49f8-86b1-11646c79cdbf\":{\"name\":\"ServiceType\",\"termSetId\":\"76c12efb-5173-4982-ae9b-5f9e37187171\"}},\"relationships\":[]}}}",
- "SourceUrl": null,
- "UniqueId": "7645e69d-21fb-4a24-a17a-9bdfa7cb63dc"
+ "@odata.context": "https://contoso.sharepoint.com/sites/filerepository/_api/$metadata#models/$entity",
+ "@odata.type": "#Microsoft.Office.Server.ContentCenter.SPMachineLearningModel",
+ "@odata.id": "https://contoso.sharepoint.com/sites/filerepository/_api/machinelearning/models/getbyuniqueId('7645e69d-21fb-4a24-a17a-9bdfa7cb63dc')",
+ "@odata.etag": "\"7645e69d-21fb-4a24-a17a-9bdfa7cb63dc,111\"",
+ "@odata.editLink": " https://contoso.sharepoint.com/sites/filerepository /_api/machinelearning/models/getbyuniqueId('7645e69d-21fb-4a24-a17a-9bdfa7cb63dc')",
+ "ConfidenceScore": "{\"trainingStatus\":{\"kind\":\"original\",\"ClassifierStatus\":{\"TrainingStatus\":\"success\",\"TimeStamp\":1611716640535},\"ExtractorsStatus\":[{\"TimeStamp\":1585175746775,\"ExtractorName\":\"Contract Name\",\"TrainingStatus\":\"success\"},{\"TimeStamp\":1586905975794,\"ExtractorName\":\"Client \",\"TrainingStatus\":\"success\"},{\"TimeStamp\":1586906061099,\"ExtractorName\":\"Contract Date\",\"TrainingStatus\":\"success\"},{\"TimeStamp\":1586907912388,\"ExtractorName\":\"Fee\",\"TrainingStatus\":\"success\"},{\"TimeStamp\":1611716640115,\"ExtractorName\":\"ServiceType\",\"TrainingStatus\":\"success\"}]},\"modelAccuracy\":{\"Classifier\":1,\"Extractors\":{\"Contract Name\":1,\"Client \":1,\"Contract Date\":1,\"Fee\":1,\"ServiceType\":1}},\"perSampleAccuracy\":{\"133\":{\"Classifier\":1,\"Extractors\":{\"ServiceType\":1}},\"249\":{\"Classifier\":1,\"Extractors\":{\"ServiceType\":1}},\"252\":{\"Classifier\":1,\"Extractors\":{\"ServiceType\":1}},\"253\":{\"Classifier\":1,\"Extractors\":{\"ServiceType\":1}},\"254\":{\"Classifier\":1,\"Extractors\":{\"ServiceType\":1}},\"255\":{\"Classifier\":1,\"Extractors\":{\"ServiceType\":1}},\"256\":{\"Extractors\":{\"ServiceType\":1}},\"257\":{\"Extractors\":{\"ServiceType\":1}}},\"perSamplePrediction\":{\"133\":{\"Extractors\":{\"ServiceType\":[]}},\"249\":{\"Extractors\":{\"ServiceType\":[\"Writing\"]}},\"252\":{\"Extractors\":{\"ServiceType\":[\"Catering\"]}},\"253\":{\"Extractors\":{\"ServiceType\":[\"Design\"]}},\"254\":{\"Extractors\":{\"ServiceType\":[\"Marketing\"]}},\"255\":{\"Extractors\":{\"ServiceType\":[\"Financial Planning\"]}},\"256\":{\"Extractors\":{\"ServiceType\":[\"Writing\"]}},\"257\":{\"Extractors\":{\"ServiceType\":[\"Writing\"]}}},\"trainingFailures\":{}}",
+ "ContentTypeGroup": "Intelligent Document Content Types",
+ "ContentTypeId": "0x01010083DF84D4F59BBD4CB06F075AA81F58AA",
+ "ContentTypeName": "Contoso Contract",
+ "Created": "2020-03-25T22:04:04Z",
+ "CreatedBy": "i:0#.f|membership|meganb@contoso.com",
+ "DriveId": "b!O-aG9qer5UiXx2jEwd8pL0221maIb9lNs9tH5vAMU-h2NuHxlYUiTJyiwKQHZobK",
+ "Explanations": "{\"Classifier\":[{\"id\":\"8122ac1d-8fcb-4705-8872-2825cbf05bfe\",\"kind\":\"dictionaryFeature\",\"name\":\"agreement\",\"active\":true,\"nGrams\":[\"CONSULTING AGREEMENT\",\"SERVICES AGREEMENT\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false},{\"id\":\"af83bea8-bc53-4e93-a3da-f1e697eb6bef\",\"kind\":\"modelFeature\",\"name\":\"Contract Name\",\"active\":true,\"modelReference\":\"Contract Name\",\"conceptId\":\"841d0dcf-7f1d-4a39-931c-53923d10c346\"},{\"id\":\"e3734994-9e34-40e3-82c7-bb6c7bc5a0c3\",\"kind\":\"modelFeature\",\"name\":\"Client \",\"active\":true,\"modelReference\":\"Client \",\"conceptId\":\"8b8490d0-9a09-4c16-bcff-59ce62e05c28\"},{\"id\":\"7c93e7fe-cbfb-47ee-8cca-46ecdf5f628f\",\"kind\":\"modelFeature\",\"name\":\"Contract Date\",\"active\":true,\"modelReference\":\"Contract Date\",\"conceptId\":\"6ba58918-e2f0-4685-9080-98ec4c3adc7c\"},{\"id\":\"5cc85b62-148a-4b07-9155-d9fb7cebb6d0\",\"kind\":\"modelFeature\",\"name\":\"Fee\",\"active\":true,\"modelReference\":\"Fee\",\"conceptId\":\"9c7f764d-afd2-49cd-aaa2-e9407156bfb3\"},{\"id\":\"0f8a23a6-c744-4cae-82bd-d836332ceb56\",\"kind\":\"modelFeature\",\"name\":\"ServiceType\",\"active\":true,\"modelReference\":\"ServiceType\",\"conceptId\":\"4aa9f2fe-cfab-49f8-86b1-11646c79cdbf\"}],\"Extractors\":{\"Contract Name\":[{\"id\":\"8804fbeb-bcf8-44c0-8ade-3fc65496037f\",\"kind\":\"dictionaryFeature\",\"name\":\"before\",\"active\":true,\"nGrams\":[\"- AND -\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false}],\"Client \":[{\"id\":\"606c56de-9e71-42ef-8ec6-f0bbf351d673\",\"kind\":\"dictionaryFeature\",\"name\":\"start\",\"active\":true,\"nGrams\":[\"BETWEEN:\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false},{\"id\":\"334e6df5-e076-40db-a47b-f11ceec7af9a\",\"kind\":\"dictionaryFeature\",\"name\":\"after\",\"active\":true,\"nGrams\":[\"of\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false},{\"id\":\"bccefd2e-88a4-406c-aa9d-81d508bbafb3\",\"kind\":\"proximityFeature\",\"name\":\"prox\",\"active\":true,\"patterns\":[[{\"id\":\"606c56de-9e71-42ef-8ec6-f0bbf351d673\",\"kind\":\"proximityFeatureReference\"},{\"kind\":\"proximityTokenRange\",\"minCount\":1,\"maxCount\":6},{\"id\":\"334e6df5-e076-40db-a47b-f11ceec7af9a\",\"kind\":\"proximityFeatureReference\"}]]}],\"Contract Date\":[{\"id\":\"fabe1ed3-07af-4dc6-852d-fe9521c64801\",\"kind\":\"dictionaryFeature\",\"name\":\"dated\",\"active\":true,\"nGrams\":[\"dated\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false},{\"id\":\"983da7b8-51d7-4a85-9644-007b488fce0b\",\"kind\":\"dictionaryFeature\",\"name\":\"betw\",\"active\":true,\"nGrams\":[\"between\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false}],\"Fee\":[{\"id\":\"f4cf89dc-64d1-49a1-9be4-41debda251b6\",\"kind\":\"dictionaryFeature\",\"name\":\"flat fee of \",\"active\":true,\"nGrams\":[\"flat fee of $\",\"flat fee of $$\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false}],\"ServiceType\":[{\"id\":\"c04408f5-ce14-4eb0-81d0-f72ea9fa7e83\",\"kind\":\"dictionaryFeature\",\"name\":\"Before label\",\"active\":true,\"nGrams\":[\"will provide \"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false},{\"id\":\"ea94fa7f-e41b-4e09-a484-355912bfbdff\",\"kind\":\"dictionaryFeature\",\"name\":\"After label\",\"active\":true,\"nGrams\":[\"services for \"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false}]}}",
+ "ID": 16,
+ "LastTrained": "2021-01-27T03:04:00Z",
+ "ListID": "f1e13676-8595-4c22-9ca2-c0a4076686ca",
+ "ModelSettings": null,
+ "ModelType": 2,
+ "Modified": "2021-01-27T03:05:04Z",
+ "ModifiedBy": "i:0#.f|membership|kevinche@contoso.com",
+ "ObjectId": "01ZBWEM5E54ZCXN6ZBERFKC6U336T4WY64",
+ "PublicationType": 0,
+ "Schemas": "{\"Extractors\":{\"Contract Name\":{\"concepts\":{\"841d0dcf-7f1d-4a39-931c-53923d10c346\":{\"name\":\"Contract Name\"}},\"relationships\":[]},\"Client \":{\"concepts\":{\"8b8490d0-9a09-4c16-bcff-59ce62e05c28\":{\"name\":\"Client \"}},\"relationships\":[]},\"Contract Date\":{\"concepts\":{\"6ba58918-e2f0-4685-9080-98ec4c3adc7c\":{\"name\":\"Contract Date\"}},\"relationships\":[]},\"Fee\":{\"concepts\":{\"9c7f764d-afd2-49cd-aaa2-e9407156bfb3\":{\"name\":\"Fee\"}},\"relationships\":[]},\"ServiceType\":{\"concepts\":{\"4aa9f2fe-cfab-49f8-86b1-11646c79cdbf\":{\"name\":\"ServiceType\",\"termSetId\":\"76c12efb-5173-4982-ae9b-5f9e37187171\"}},\"relationships\":[]}}}",
+ "SourceUrl": null,
+ "UniqueId": "7645e69d-21fb-4a24-a17a-9bdfa7cb63dc"
} ```
contentunderstanding Rest Getbyuniqueid Method https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/rest-api/rest-getbyuniqueid-method.md
GET /_api/machinelearning/models/getbyuniqueid('7645e69d-21fb-4a24-a17a-9bdfa7cb
```HTTP {
- "@odata.context": "https://contoso.sharepoint.com/sites/filerepository/_api/$metadata#models/$entity",
- "@odata.type": "#Microsoft.Office.Server.ContentCenter.SPMachineLearningModel",
- "@odata.id": "https://contoso.sharepoint.com/sites/filerepository/_api/machinelearning/models/getbyuniqueId('7645e69d-21fb-4a24-a17a-9bdfa7cb63dc')",
- "@odata.etag": "\"7645e69d-21fb-4a24-a17a-9bdfa7cb63dc,111\"",
- "@odata.editLink": " https://contoso.sharepoint.com/sites/filerepository /_api/machinelearning/models/getbyuniqueId('7645e69d-21fb-4a24-a17a-9bdfa7cb63dc')",
- "ConfidenceScore": "{\"trainingStatus\":{\"kind\":\"original\",\"ClassifierStatus\":{\"TrainingStatus\":\"success\",\"TimeStamp\":1611716640535},\"ExtractorsStatus\":[{\"TimeStamp\":1585175746775,\"ExtractorName\":\"Contract Name\",\"TrainingStatus\":\"success\"},{\"TimeStamp\":1586905975794,\"ExtractorName\":\"Client \",\"TrainingStatus\":\"success\"},{\"TimeStamp\":1586906061099,\"ExtractorName\":\"Contract Date\",\"TrainingStatus\":\"success\"},{\"TimeStamp\":1586907912388,\"ExtractorName\":\"Fee\",\"TrainingStatus\":\"success\"},{\"TimeStamp\":1611716640115,\"ExtractorName\":\"ServiceType\",\"TrainingStatus\":\"success\"}]},\"modelAccuracy\":{\"Classifier\":1,\"Extractors\":{\"Contract Name\":1,\"Client \":1,\"Contract Date\":1,\"Fee\":1,\"ServiceType\":1}},\"perSampleAccuracy\":{\"133\":{\"Classifier\":1,\"Extractors\":{\"ServiceType\":1}},\"249\":{\"Classifier\":1,\"Extractors\":{\"ServiceType\":1}},\"252\":{\"Classifier\":1,\"Extractors\":{\"ServiceType\":1}},\"253\":{\"Classifier\":1,\"Extractors\":{\"ServiceType\":1}},\"254\":{\"Classifier\":1,\"Extractors\":{\"ServiceType\":1}},\"255\":{\"Classifier\":1,\"Extractors\":{\"ServiceType\":1}},\"256\":{\"Extractors\":{\"ServiceType\":1}},\"257\":{\"Extractors\":{\"ServiceType\":1}}},\"perSamplePrediction\":{\"133\":{\"Extractors\":{\"ServiceType\":[]}},\"249\":{\"Extractors\":{\"ServiceType\":[\"Writing\"]}},\"252\":{\"Extractors\":{\"ServiceType\":[\"Catering\"]}},\"253\":{\"Extractors\":{\"ServiceType\":[\"Design\"]}},\"254\":{\"Extractors\":{\"ServiceType\":[\"Marketing\"]}},\"255\":{\"Extractors\":{\"ServiceType\":[\"Financial Planning\"]}},\"256\":{\"Extractors\":{\"ServiceType\":[\"Writing\"]}},\"257\":{\"Extractors\":{\"ServiceType\":[\"Writing\"]}}},\"trainingFailures\":{}}",
- "ContentTypeGroup": "Intelligent Document Content Types",
- "ContentTypeId": "0x01010083DF84D4F59BBD4CB06F075AA81F58AA",
- "ContentTypeName": "Contoso Contract",
- "Created": "2020-03-25T22:04:04Z",
- "CreatedBy": "i:0#.f|membership|meganb@contoso.com",
- "DriveId": "b!O-aG9qer5UiXx2jEwd8pL0221maIb9lNs9tH5vAMU-h2NuHxlYUiTJyiwKQHZobK",
- "Explanations": "{\"Classifier\":[{\"id\":\"8122ac1d-8fcb-4705-8872-2825cbf05bfe\",\"kind\":\"dictionaryFeature\",\"name\":\"agreement\",\"active\":true,\"nGrams\":[\"CONSULTING AGREEMENT\",\"SERVICES AGREEMENT\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false},{\"id\":\"af83bea8-bc53-4e93-a3da-f1e697eb6bef\",\"kind\":\"modelFeature\",\"name\":\"Contract Name\",\"active\":true,\"modelReference\":\"Contract Name\",\"conceptId\":\"841d0dcf-7f1d-4a39-931c-53923d10c346\"},{\"id\":\"e3734994-9e34-40e3-82c7-bb6c7bc5a0c3\",\"kind\":\"modelFeature\",\"name\":\"Client \",\"active\":true,\"modelReference\":\"Client \",\"conceptId\":\"8b8490d0-9a09-4c16-bcff-59ce62e05c28\"},{\"id\":\"7c93e7fe-cbfb-47ee-8cca-46ecdf5f628f\",\"kind\":\"modelFeature\",\"name\":\"Contract Date\",\"active\":true,\"modelReference\":\"Contract Date\",\"conceptId\":\"6ba58918-e2f0-4685-9080-98ec4c3adc7c\"},{\"id\":\"5cc85b62-148a-4b07-9155-d9fb7cebb6d0\",\"kind\":\"modelFeature\",\"name\":\"Fee\",\"active\":true,\"modelReference\":\"Fee\",\"conceptId\":\"9c7f764d-afd2-49cd-aaa2-e9407156bfb3\"},{\"id\":\"0f8a23a6-c744-4cae-82bd-d836332ceb56\",\"kind\":\"modelFeature\",\"name\":\"ServiceType\",\"active\":true,\"modelReference\":\"ServiceType\",\"conceptId\":\"4aa9f2fe-cfab-49f8-86b1-11646c79cdbf\"}],\"Extractors\":{\"Contract Name\":[{\"id\":\"8804fbeb-bcf8-44c0-8ade-3fc65496037f\",\"kind\":\"dictionaryFeature\",\"name\":\"before\",\"active\":true,\"nGrams\":[\"- AND -\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false}],\"Client \":[{\"id\":\"606c56de-9e71-42ef-8ec6-f0bbf351d673\",\"kind\":\"dictionaryFeature\",\"name\":\"start\",\"active\":true,\"nGrams\":[\"BETWEEN:\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false},{\"id\":\"334e6df5-e076-40db-a47b-f11ceec7af9a\",\"kind\":\"dictionaryFeature\",\"name\":\"after\",\"active\":true,\"nGrams\":[\"of\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false},{\"id\":\"bccefd2e-88a4-406c-aa9d-81d508bbafb3\",\"kind\":\"proximityFeature\",\"name\":\"prox\",\"active\":true,\"patterns\":[[{\"id\":\"606c56de-9e71-42ef-8ec6-f0bbf351d673\",\"kind\":\"proximityFeatureReference\"},{\"kind\":\"proximityTokenRange\",\"minCount\":1,\"maxCount\":6},{\"id\":\"334e6df5-e076-40db-a47b-f11ceec7af9a\",\"kind\":\"proximityFeatureReference\"}]]}],\"Contract Date\":[{\"id\":\"fabe1ed3-07af-4dc6-852d-fe9521c64801\",\"kind\":\"dictionaryFeature\",\"name\":\"dated\",\"active\":true,\"nGrams\":[\"dated\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false},{\"id\":\"983da7b8-51d7-4a85-9644-007b488fce0b\",\"kind\":\"dictionaryFeature\",\"name\":\"betw\",\"active\":true,\"nGrams\":[\"between\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false}],\"Fee\":[{\"id\":\"f4cf89dc-64d1-49a1-9be4-41debda251b6\",\"kind\":\"dictionaryFeature\",\"name\":\"flat fee of \",\"active\":true,\"nGrams\":[\"flat fee of $\",\"flat fee of $$\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false}],\"ServiceType\":[{\"id\":\"c04408f5-ce14-4eb0-81d0-f72ea9fa7e83\",\"kind\":\"dictionaryFeature\",\"name\":\"Before label\",\"active\":true,\"nGrams\":[\"will provide \"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false},{\"id\":\"ea94fa7f-e41b-4e09-a484-355912bfbdff\",\"kind\":\"dictionaryFeature\",\"name\":\"After label\",\"active\":true,\"nGrams\":[\"services for \"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false}]}}",
- "ID": 16,
- "LastTrained": "2021-01-27T03:04:00Z",
- "ListID": "f1e13676-8595-4c22-9ca2-c0a4076686ca",
- "ModelSettings": null,
- "ModelType": 2,
- "Modified": "2021-01-27T03:05:04Z",
- "ModifiedBy": "i:0#.f|membership|kevinche@contoso.com",
- "ObjectId": "01ZBWEM5E54ZCXN6ZBERFKC6U336T4WY64",
- "PublicationType": 0,
- "Schemas": "{\"Extractors\":{\"Contract Name\":{\"concepts\":{\"841d0dcf-7f1d-4a39-931c-53923d10c346\":{\"name\":\"Contract Name\"}},\"relationships\":[]},\"Client \":{\"concepts\":{\"8b8490d0-9a09-4c16-bcff-59ce62e05c28\":{\"name\":\"Client \"}},\"relationships\":[]},\"Contract Date\":{\"concepts\":{\"6ba58918-e2f0-4685-9080-98ec4c3adc7c\":{\"name\":\"Contract Date\"}},\"relationships\":[]},\"Fee\":{\"concepts\":{\"9c7f764d-afd2-49cd-aaa2-e9407156bfb3\":{\"name\":\"Fee\"}},\"relationships\":[]},\"ServiceType\":{\"concepts\":{\"4aa9f2fe-cfab-49f8-86b1-11646c79cdbf\":{\"name\":\"ServiceType\",\"termSetId\":\"76c12efb-5173-4982-ae9b-5f9e37187171\"}},\"relationships\":[]}}}",
- "SourceUrl": null,
- "UniqueId": "7645e69d-21fb-4a24-a17a-9bdfa7cb63dc"
+ "@odata.context": "https://contoso.sharepoint.com/sites/filerepository/_api/$metadata#models/$entity",
+ "@odata.type": "#Microsoft.Office.Server.ContentCenter.SPMachineLearningModel",
+ "@odata.id": "https://contoso.sharepoint.com/sites/filerepository/_api/machinelearning/models/getbyuniqueId('7645e69d-21fb-4a24-a17a-9bdfa7cb63dc')",
+ "@odata.etag": "\"7645e69d-21fb-4a24-a17a-9bdfa7cb63dc,111\"",
+ "@odata.editLink": " https://contoso.sharepoint.com/sites/filerepository /_api/machinelearning/models/getbyuniqueId('7645e69d-21fb-4a24-a17a-9bdfa7cb63dc')",
+ "ConfidenceScore": "{\"trainingStatus\":{\"kind\":\"original\",\"ClassifierStatus\":{\"TrainingStatus\":\"success\",\"TimeStamp\":1611716640535},\"ExtractorsStatus\":[{\"TimeStamp\":1585175746775,\"ExtractorName\":\"Contract Name\",\"TrainingStatus\":\"success\"},{\"TimeStamp\":1586905975794,\"ExtractorName\":\"Client \",\"TrainingStatus\":\"success\"},{\"TimeStamp\":1586906061099,\"ExtractorName\":\"Contract Date\",\"TrainingStatus\":\"success\"},{\"TimeStamp\":1586907912388,\"ExtractorName\":\"Fee\",\"TrainingStatus\":\"success\"},{\"TimeStamp\":1611716640115,\"ExtractorName\":\"ServiceType\",\"TrainingStatus\":\"success\"}]},\"modelAccuracy\":{\"Classifier\":1,\"Extractors\":{\"Contract Name\":1,\"Client \":1,\"Contract Date\":1,\"Fee\":1,\"ServiceType\":1}},\"perSampleAccuracy\":{\"133\":{\"Classifier\":1,\"Extractors\":{\"ServiceType\":1}},\"249\":{\"Classifier\":1,\"Extractors\":{\"ServiceType\":1}},\"252\":{\"Classifier\":1,\"Extractors\":{\"ServiceType\":1}},\"253\":{\"Classifier\":1,\"Extractors\":{\"ServiceType\":1}},\"254\":{\"Classifier\":1,\"Extractors\":{\"ServiceType\":1}},\"255\":{\"Classifier\":1,\"Extractors\":{\"ServiceType\":1}},\"256\":{\"Extractors\":{\"ServiceType\":1}},\"257\":{\"Extractors\":{\"ServiceType\":1}}},\"perSamplePrediction\":{\"133\":{\"Extractors\":{\"ServiceType\":[]}},\"249\":{\"Extractors\":{\"ServiceType\":[\"Writing\"]}},\"252\":{\"Extractors\":{\"ServiceType\":[\"Catering\"]}},\"253\":{\"Extractors\":{\"ServiceType\":[\"Design\"]}},\"254\":{\"Extractors\":{\"ServiceType\":[\"Marketing\"]}},\"255\":{\"Extractors\":{\"ServiceType\":[\"Financial Planning\"]}},\"256\":{\"Extractors\":{\"ServiceType\":[\"Writing\"]}},\"257\":{\"Extractors\":{\"ServiceType\":[\"Writing\"]}}},\"trainingFailures\":{}}",
+ "ContentTypeGroup": "Intelligent Document Content Types",
+ "ContentTypeId": "0x01010083DF84D4F59BBD4CB06F075AA81F58AA",
+ "ContentTypeName": "Contoso Contract",
+ "Created": "2020-03-25T22:04:04Z",
+ "CreatedBy": "i:0#.f|membership|meganb@contoso.com",
+ "DriveId": "b!O-aG9qer5UiXx2jEwd8pL0221maIb9lNs9tH5vAMU-h2NuHxlYUiTJyiwKQHZobK",
+ "Explanations": "{\"Classifier\":[{\"id\":\"8122ac1d-8fcb-4705-8872-2825cbf05bfe\",\"kind\":\"dictionaryFeature\",\"name\":\"agreement\",\"active\":true,\"nGrams\":[\"CONSULTING AGREEMENT\",\"SERVICES AGREEMENT\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false},{\"id\":\"af83bea8-bc53-4e93-a3da-f1e697eb6bef\",\"kind\":\"modelFeature\",\"name\":\"Contract Name\",\"active\":true,\"modelReference\":\"Contract Name\",\"conceptId\":\"841d0dcf-7f1d-4a39-931c-53923d10c346\"},{\"id\":\"e3734994-9e34-40e3-82c7-bb6c7bc5a0c3\",\"kind\":\"modelFeature\",\"name\":\"Client \",\"active\":true,\"modelReference\":\"Client \",\"conceptId\":\"8b8490d0-9a09-4c16-bcff-59ce62e05c28\"},{\"id\":\"7c93e7fe-cbfb-47ee-8cca-46ecdf5f628f\",\"kind\":\"modelFeature\",\"name\":\"Contract Date\",\"active\":true,\"modelReference\":\"Contract Date\",\"conceptId\":\"6ba58918-e2f0-4685-9080-98ec4c3adc7c\"},{\"id\":\"5cc85b62-148a-4b07-9155-d9fb7cebb6d0\",\"kind\":\"modelFeature\",\"name\":\"Fee\",\"active\":true,\"modelReference\":\"Fee\",\"conceptId\":\"9c7f764d-afd2-49cd-aaa2-e9407156bfb3\"},{\"id\":\"0f8a23a6-c744-4cae-82bd-d836332ceb56\",\"kind\":\"modelFeature\",\"name\":\"ServiceType\",\"active\":true,\"modelReference\":\"ServiceType\",\"conceptId\":\"4aa9f2fe-cfab-49f8-86b1-11646c79cdbf\"}],\"Extractors\":{\"Contract Name\":[{\"id\":\"8804fbeb-bcf8-44c0-8ade-3fc65496037f\",\"kind\":\"dictionaryFeature\",\"name\":\"before\",\"active\":true,\"nGrams\":[\"- AND -\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false}],\"Client \":[{\"id\":\"606c56de-9e71-42ef-8ec6-f0bbf351d673\",\"kind\":\"dictionaryFeature\",\"name\":\"start\",\"active\":true,\"nGrams\":[\"BETWEEN:\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false},{\"id\":\"334e6df5-e076-40db-a47b-f11ceec7af9a\",\"kind\":\"dictionaryFeature\",\"name\":\"after\",\"active\":true,\"nGrams\":[\"of\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false},{\"id\":\"bccefd2e-88a4-406c-aa9d-81d508bbafb3\",\"kind\":\"proximityFeature\",\"name\":\"prox\",\"active\":true,\"patterns\":[[{\"id\":\"606c56de-9e71-42ef-8ec6-f0bbf351d673\",\"kind\":\"proximityFeatureReference\"},{\"kind\":\"proximityTokenRange\",\"minCount\":1,\"maxCount\":6},{\"id\":\"334e6df5-e076-40db-a47b-f11ceec7af9a\",\"kind\":\"proximityFeatureReference\"}]]}],\"Contract Date\":[{\"id\":\"fabe1ed3-07af-4dc6-852d-fe9521c64801\",\"kind\":\"dictionaryFeature\",\"name\":\"dated\",\"active\":true,\"nGrams\":[\"dated\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false},{\"id\":\"983da7b8-51d7-4a85-9644-007b488fce0b\",\"kind\":\"dictionaryFeature\",\"name\":\"betw\",\"active\":true,\"nGrams\":[\"between\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false}],\"Fee\":[{\"id\":\"f4cf89dc-64d1-49a1-9be4-41debda251b6\",\"kind\":\"dictionaryFeature\",\"name\":\"flat fee of \",\"active\":true,\"nGrams\":[\"flat fee of $\",\"flat fee of $$\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false}],\"ServiceType\":[{\"id\":\"c04408f5-ce14-4eb0-81d0-f72ea9fa7e83\",\"kind\":\"dictionaryFeature\",\"name\":\"Before label\",\"active\":true,\"nGrams\":[\"will provide \"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false},{\"id\":\"ea94fa7f-e41b-4e09-a484-355912bfbdff\",\"kind\":\"dictionaryFeature\",\"name\":\"After label\",\"active\":true,\"nGrams\":[\"services for \"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false}]}}",
+ "ID": 16,
+ "LastTrained": "2021-01-27T03:04:00Z",
+ "ListID": "f1e13676-8595-4c22-9ca2-c0a4076686ca",
+ "ModelSettings": null,
+ "ModelType": 2,
+ "Modified": "2021-01-27T03:05:04Z",
+ "ModifiedBy": "i:0#.f|membership|kevinche@contoso.com",
+ "ObjectId": "01ZBWEM5E54ZCXN6ZBERFKC6U336T4WY64",
+ "PublicationType": 0,
+ "Schemas": "{\"Extractors\":{\"Contract Name\":{\"concepts\":{\"841d0dcf-7f1d-4a39-931c-53923d10c346\":{\"name\":\"Contract Name\"}},\"relationships\":[]},\"Client \":{\"concepts\":{\"8b8490d0-9a09-4c16-bcff-59ce62e05c28\":{\"name\":\"Client \"}},\"relationships\":[]},\"Contract Date\":{\"concepts\":{\"6ba58918-e2f0-4685-9080-98ec4c3adc7c\":{\"name\":\"Contract Date\"}},\"relationships\":[]},\"Fee\":{\"concepts\":{\"9c7f764d-afd2-49cd-aaa2-e9407156bfb3\":{\"name\":\"Fee\"}},\"relationships\":[]},\"ServiceType\":{\"concepts\":{\"4aa9f2fe-cfab-49f8-86b1-11646c79cdbf\":{\"name\":\"ServiceType\",\"termSetId\":\"76c12efb-5173-4982-ae9b-5f9e37187171\"}},\"relationships\":[]}}}",
+ "SourceUrl": null,
+ "UniqueId": "7645e69d-21fb-4a24-a17a-9bdfa7cb63dc"
} ```+ ### Get and delete the Contoso Contract model by ID In this sample, the ID of the Contoso Contract document understanding model is `7645e69d-21fb-4a24-a17a-9bdfa7cb63dc`.
contentunderstanding Rest Getmodelandlibraryinfo https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/rest-api/rest-getmodelandlibraryinfo.md
In this sample, the ID of the Contoso Contract document understanding model is `
```HTTP GET /sites/TestCC/_api/machinelearning/publications/getbymodeluniqueid('7645e69d-21fb-4a24-a17a-9bdfa7cb63dc') HTTP/1.1 ```+ #### Sample response **Status code:** 200 ```JSON {
- "@odata.context": "https://contoso.sharepoint.com/sites/TestCC/_api/$metadata#publications",
- "value": [
- {
- "@odata.type": "#Microsoft.Office.Server.ContentCenter.SPMachineLearningPublication",
- "@odata.id": "https://contoso.sharepoint.com/sites/repository /_api/machinelearning/publications/getbyuniqueId('7645e69d-21fb-4a24-a17a-9bdfa7cb63dc')",
- "@odata.etag": "\"7645e69d-21fb-4a24-a17a-9bdfa7cb63dc,94\"",
- "@odata.editLink": " https://contoso.sharepoint.com/sites/TestCC /_api/machinelearning/publications/getbyuniqueId('7645e69d-21fb-4a24-a17a-9bdfa7cb63dc')",
- "Created": "2021-04-27T03:05:25Z",
- "CreatedBy": "i:0#.f|membership|meganb@contoso.com",
- "DriveId": "b!O-aG9qer5UiXx2jEwd8pL0221maIb9lNs9tH5vAMU-gPy9BrxT7GTrtXtdtv1Uzb",
- "ID": 26,
- "ModelId": 16,
- "ModelName": "contosocontract.classifier",
- "ModelType": 0,
- "ModelUniqueId": "7645e69d-21fb-4a24-a17a-9bdfa7cb63dc",
- "ModelVersion": "8.0",
- "Modified": "2021-03-17T17:56:42Z",
- "ModifiedBy": "i:0#.f|membership|joedoe@contoso.com",
- "ObjectId": "01ZBWEM5FZRILGLXTEB5CZ2NNNSCTWBJMQ",
- "PublicationType": 1,
- "TargetLibraryRemoved": false,
- "TargetLibraryServerRelativeUrl": "/sites/repository/contracts",
- "TargetLibraryUrl": " https://contoso.sharepoint.com/sites/repository/contracts",
- "TargetSiteUrl": "https://contoso.sharepoint.com/sites/repository",
- "TargetWebServerRelativeUrl": "/sites/repository",
- "UniqueId": "7645e69d-21fb-4a24-a17a-9bdfa7cb63dc",
- "ViewOption": "NewViewAsDefault"
- },
- {
- "@odata.type": "#Microsoft.Office.Server.ContentCenter.SPMachineLearningPublication",
- "@odata.id": "https://contoso.sharepoint.com /sites/legal/_api/machinelearning/publications/getbyuniqueId('7645e69d-21fb-4a24-a17a-9bdfa7cb63dc')",
- "@odata.etag": "\"7645e69d-21fb-4a24-a17a-9bdfa7cb63dc,101\"",
- "@odata.editLink": "https://contoso.sharepoint.com /sites/legal/_api/machinelearning/publications/getbyuniqueId('7645e69d-21fb-4a24-a17a-9bdfa7cb63dc')",
- "Created": "2021-01-27T03:17:44Z",
- "CreatedBy": "i:0#.f|membership|esherman@contoso.com ",
- "DriveId": "b!O-aG9qer5UiXx2jEwd8pL0221maIb9lNs9tH5vAMU-gPy9BrxT7GTrtXtdtv1Uzb",
- "ID": 27,
- "ModelId": 16,
- "ModelName": "dispositions.classifier",
- "ModelType": 0,
- "ModelUniqueId": "7645e69d-21fb-4a24-a17a-9bdfa7cb63dc",
- "ModelVersion": "8.0",
- "Modified": "2021-03-17T23:17:46Z",
- "ModifiedBy": "i:0#.f|membership|esherman@contoso.com ",
- "ObjectId": "01ZBWEM5B3ERSZK4PAARGLFZ7JP6GMXG2R",
- "PublicationType": 1,
- "TargetLibraryRemoved": false,
- "TargetLibraryServerRelativeUrl": "/sites/legal/dispositions",
- "TargetLibraryUrl": "https://contoso.sharepoint.com/sites/legal/dispositions",
- "TargetSiteUrl": " https://contoso.sharepoint.com/sites/legal",
- "TargetWebServerRelativeUrl": "/sites/legal",
- "UniqueId": "7645e69d-21fb-4a24-a17a-9bdfa7cb63dc",
- "ViewOption": "NewViewAsDefault"
- }
- ]
+ "@odata.context": "https://contoso.sharepoint.com/sites/TestCC/_api/$metadata#publications",
+ "value": [
+ {
+ "@odata.type": "#Microsoft.Office.Server.ContentCenter.SPMachineLearningPublication",
+ "@odata.id": "https://contoso.sharepoint.com/sites/repository /_api/machinelearning/publications/getbyuniqueId('7645e69d-21fb-4a24-a17a-9bdfa7cb63dc')",
+ "@odata.etag": "\"7645e69d-21fb-4a24-a17a-9bdfa7cb63dc,94\"",
+ "@odata.editLink": " https://contoso.sharepoint.com/sites/TestCC /_api/machinelearning/publications/getbyuniqueId('7645e69d-21fb-4a24-a17a-9bdfa7cb63dc')",
+ "Created": "2021-04-27T03:05:25Z",
+ "CreatedBy": "i:0#.f|membership|meganb@contoso.com",
+ "DriveId": "b!O-aG9qer5UiXx2jEwd8pL0221maIb9lNs9tH5vAMU-gPy9BrxT7GTrtXtdtv1Uzb",
+ "ID": 26,
+ "ModelId": 16,
+ "ModelName": "contosocontract.classifier",
+ "ModelType": 0,
+ "ModelUniqueId": "7645e69d-21fb-4a24-a17a-9bdfa7cb63dc",
+ "ModelVersion": "8.0",
+ "Modified": "2021-03-17T17:56:42Z",
+ "ModifiedBy": "i:0#.f|membership|joedoe@contoso.com",
+ "ObjectId": "01ZBWEM5FZRILGLXTEB5CZ2NNNSCTWBJMQ",
+ "PublicationType": 1,
+ "TargetLibraryRemoved": false,
+ "TargetLibraryServerRelativeUrl": "/sites/repository/contracts",
+ "TargetLibraryUrl": " https://contoso.sharepoint.com/sites/repository/contracts",
+ "TargetSiteUrl": "https://contoso.sharepoint.com/sites/repository",
+ "TargetWebServerRelativeUrl": "/sites/repository",
+ "UniqueId": "7645e69d-21fb-4a24-a17a-9bdfa7cb63dc",
+ "ViewOption": "NewViewAsDefault"
+ },
+ {
+ "@odata.type": "#Microsoft.Office.Server.ContentCenter.SPMachineLearningPublication",
+ "@odata.id": "https://contoso.sharepoint.com /sites/legal/_api/machinelearning/publications/getbyuniqueId('7645e69d-21fb-4a24-a17a-9bdfa7cb63dc')",
+ "@odata.etag": "\"7645e69d-21fb-4a24-a17a-9bdfa7cb63dc,101\"",
+ "@odata.editLink": "https://contoso.sharepoint.com /sites/legal/_api/machinelearning/publications/getbyuniqueId('7645e69d-21fb-4a24-a17a-9bdfa7cb63dc')",
+ "Created": "2021-01-27T03:17:44Z",
+ "CreatedBy": "i:0#.f|membership|esherman@contoso.com ",
+ "DriveId": "b!O-aG9qer5UiXx2jEwd8pL0221maIb9lNs9tH5vAMU-gPy9BrxT7GTrtXtdtv1Uzb",
+ "ID": 27,
+ "ModelId": 16,
+ "ModelName": "dispositions.classifier",
+ "ModelType": 0,
+ "ModelUniqueId": "7645e69d-21fb-4a24-a17a-9bdfa7cb63dc",
+ "ModelVersion": "8.0",
+ "Modified": "2021-03-17T23:17:46Z",
+ "ModifiedBy": "i:0#.f|membership|esherman@contoso.com ",
+ "ObjectId": "01ZBWEM5B3ERSZK4PAARGLFZ7JP6GMXG2R",
+ "PublicationType": 1,
+ "TargetLibraryRemoved": false,
+ "TargetLibraryServerRelativeUrl": "/sites/legal/dispositions",
+ "TargetLibraryUrl": "https://contoso.sharepoint.com/sites/legal/dispositions",
+ "TargetSiteUrl": " https://contoso.sharepoint.com/sites/legal",
+ "TargetWebServerRelativeUrl": "/sites/legal",
+ "UniqueId": "7645e69d-21fb-4a24-a17a-9bdfa7cb63dc",
+ "ViewOption": "NewViewAsDefault"
+ }
+ ]
} ```
contentunderstanding Rest Updatemodelsettings Method https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/rest-api/rest-updatemodelsettings-method.md
In this example, the model description and "Standard Hold" retention label are u
```HTTP {
- "ModelSettings": "{\"Description\":\"This model is used to set files classified as Contoso Contracts with a standard hold retention.\", \"RetentionLabel\":{\"Id\":\"27c5fcba-abfd-4c34-823d-0b4a48f7ffe6\",\"Name\":\"Standard Hold\"}}"
+ "ModelSettings": "{\"Description\":\"This model is used to set files classified as Contoso Contracts with a standard hold retention.\", \"RetentionLabel\":{\"Id\":\"27c5fcba-abfd-4c34-823d-0b4a48f7ffe6\",\"Name\":\"Standard Hold\"}}"
} ```
contentunderstanding Solution Manage Contracts In Microsoft 365 https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/solution-manage-contracts-in-microsoft-365.md
description: Learn how to manage contracts using a Microsoft 365 solution of Sha
# Manage contracts using a Microsoft 365 solution
-This article describes how to create a contracts management solution for your organization by using SharePoint Syntex and components of Microsoft 365. It provides you with a framework to help you plan and create a solution that fits your unique business needs. Even if this solution doesn't suit your business needs as a whole, parts of it can be adopted in your planning to create a custom contract management solution.
+This article describes how to create a contracts management solution for your organization by using SharePoint Syntex and components of Microsoft 365. It provides you with a framework to help you plan and create a solution that fits your unique business needs. Even though this solution talks about contract management, you can adapt it to create other document management solutions, such as for statements of work or invoices.
*This content set documents a Microsoft 365 solution developed by Thomas Molbach with the Modern Work Solution Strategy Team at Microsoft.*
This contract management solution guidance includes four components of Microsoft
![Example of a contract.](../media/content-understanding/contract.png) 3. In Microsoft Teams, all stakeholders are members of a secure Teams channel in which all contracts in the document library are visible for approval or rejection. By using Teams functionality, all stakeholders are notified when new contracts need to be reviewed.
-
-4. By using Power Automate, contracts are moved through the approval process in the Teams channel. When a member approves a contract, the contract status is changed to approve, all members are notified through a Teams post, and a line item is created to show that the contract is ready for payout. This process can be extended to write directly to a third-party financial application for payment.
-5. When a member rejects a contract, the status is changed to rejected, and all members are notified through a Teams post.
+4. By using Power Automate, contracts are moved through the approval process in the Teams channel. When a member approves a contract, the contract status is changed to approved, all members are notified through a Teams post, and a line item is created to show that the contract is ready for payout. This process can be extended to write directly to a third-party financial application for payment.
+
+5. When a member rejects a contract, the status is changed to rejected, and all members are notified through a Teams post.
6. The end result of this solution is an automated business process for your organization. Employees can easily use the custom tile view in Teams to initiate and monitor the approval workflow of your documents.
This contract management solution guidance includes four components of Microsoft
This solution relies on the following functionality, all available as part of a Microsoft 365 Enterprise (E1, E3, E5, F3) or Business (Basic, Standard, or Premium) license: -- Microsoft SharePoint Syntex-- Microsoft Teams-- Power Automate
+- Microsoft SharePoint Syntex
+- Microsoft Teams
+- Power Automate
## Create the solution
contentunderstanding Solution Manage Contracts Step1 https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/solution-manage-contracts-step1.md
Your organization needs a way to identify and classify all contract documents fr
## Overview of the process
-[Document understanding](document-understanding-overview.md) uses artificial intelligence (AI) models to automate classification of files and extraction of information. Document understanding models are also optimal in extracting information from unstructured and semi-structured documents where the information you need isn't contained in tables or forms, such as contracts.
+[Document understanding](document-understanding-overview.md) uses artificial intelligence (AI) models to automate classification of files and extraction of information. Document understanding models are also optimal in extracting information from unstructured and semi-structured documents where the information you need isn't contained in tables or forms, such as contracts.
+
+Document understanding models use Optical Character Recognition (OCR) technology to scan PDFs, images, and TIFF files, both when you train a model with example files and when you run the model against files in a document library.
1. First, you need to find at least five example files that you can use to "train" the model to search for characteristics that are specific to the content type you're trying to identify (a contract).
contentunderstanding Solution Manage Contracts Step2 https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/solution-manage-contracts-step2.md
This section defines how the "Contractor" will display on the card, and uses the
```JSON {
- "elmType": "div",
- "txtContent": "Contractor",
- "style": {
- "color": "#767676",
- "font-size": "12px",
- "margin-bottom": "2px"
- }
- },
- {
- "elmType": "div",
- "style": {
- "margin-bottom": "12px",
- "font-size": "14px"
- },
- "txtContent": "[$Contractor]"
- },
+ "elmType": "div",
+ "txtContent": "Contractor",
+ "style": {
+ "color": "#767676",
+ "font-size": "12px",
+ "margin-bottom": "2px"
+ }
+ },
+ {
+ "elmType": "div",
+ "style": {
+ "margin-bottom": "12px",
+ "font-size": "14px"
+ },
+ "txtContent": "[$Contractor]"
+ },
``` ### Fee amount
enterprise Add A Domain To A Client Tenancy With Windows Powershell For Delegated Access Pe https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/add-a-domain-to-a-client-tenancy-with-windows-powershell-for-delegated-access-pe.md
Name Status Authentication
FQDN of new domain Verified Managed ``` - ## See also
-####
-
-[Help for partners](https://go.microsoft.com/fwlink/p/?LinkID=533477)
+[Help for partners](https://go.microsoft.com/fwlink/p/?LinkID=533477)
enterprise Additional Office365 Ip Addresses And Urls https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/additional-office365-ip-addresses-and-urls.md
Some network endpoints were previously published and have not been included in t
Apart from DNS, these are all optional for most customers unless you need the specific scenario that is described.
-| Row | Purpose | Destination | Type |
-|:--|:--|:--|:--|
-| 1 | [Import Service](https://support.office.com/article/use-network-upload-to-import-your-organization-pst-files-to-office-365-103f940c-0468-4e1a-b527-cc8ad13a5ea6) for PST and file ingestion | Refer to the [Import Service](https://support.office.com/article/use-network-upload-to-import-your-organization-pst-files-to-office-365-103f940c-0468-4e1a-b527-cc8ad13a5ea6) for additional requirements. | Uncommon outbound scenario |
-| 2 | [Microsoft Support and Recovery Assistant for Office 365](https://diagnostics.office.com/#/) | https<span>://</span>autodiscover.outlook.com <BR> <span>https://</span>officecdn.microsoft.com <BR> <span>https://</span>api.diagnostics.office.com <BR> <span>https://</span>apibasic.diagnostics.office.com <BR> <span>https://</span>autodiscover-s.outlook.com <BR> <span>https://</span>cloudcheckenabler.azurewebsites.net <BR> <span>https://</span>login.live.com <BR> <span>https://</span>login.microsoftonline.com <BR> <span>https://</span>login.windows.net <BR> <span>https://</span>o365diagtelemetry.trafficmanager.net <BR> <span>https://</span>odc.officeapps.live.com <BR> <span>https://</span>offcatedge.azureedge.net <BR> <span>https://</span>officeapps.live.com <BR> <span>https://</span>outlook.office365.com <BR> <span>https://</span>outlookdiagnostics.azureedge.net | Outbound server traffic |
-| 3 | Azure AD Connect (w/SSO option) ΓÇô WinRM & remote PowerShell | Customer STS environment (AD FS Server and AD FS Proxy) \| TCP ports 80 & 443 | Inbound server traffic |
-| 4 | STS such as AD FS Proxy server(s) (for federated customers only) | Customer STS (such as AD FS Proxy) \| Ports TCP 443 or TCP 49443 w/ClientTLS | Inbound server traffic |
-| 5 | [Exchange Online Unified Messaging/SBC integration](/exchange/voice-mail-unified-messaging/telephone-system-integration-with-um/configuration-notes-for-session-border-controllers) | Bidirectional between on-premises Session Border Controller and *.um.outlook.com | Outbound server only traffic |
-| 6 | Mailbox Migration. When mailbox migration is initiated from on-premises [Exchange Hybrid](/exchange/exchange-deployment-assistant) to Office 365, Office 365 will connect to your published Exchange Web Services (EWS)/Mailbox Replication Services (MRS) server. If you need the NAT IP addresses used by Exchange Online servers to restrict inbound connections from specific source IP ranges, they are listed in [Office 365 URL & IP ranges](urls-and-ip-address-ranges.md) under the "Exchange Online" service area. Care should be taken to ensure that access to published EWS endpoints like OWA is not impacted by ensuring the MRS proxy resolves to a separate FQDN and public IP address before restricting TCP 443 connections from specific source IP ranges. | Customer on-premises EWS/MRS Proxy<br> TCP port 443 | Inbound server traffic |
-| 7 | [Exchange Hybrid](/exchange/exchange-deployment-assistant) co-existence functions such as Free/Busy sharing. | Customer on-premises Exchange server | Inbound server traffic |
-| 8 | [Exchange Hybrid](/exchange/exchange-deployment-assistant) proxy authentication | Customer on-premises STS | Inbound server traffic |
-| 9 | Used to configure [Exchange Hybrid](/exchange/exchange-deployment-assistant), using the [Exchange Hybrid Configuration Wizard](/exchange/hybrid-configuration-wizard) <br> Note: These endpoints are only required to configure Exchange hybrid | domains.live.com on TCP ports 80 & 443, only required for Exchange 2010 SP3 Hybrid Configuration Wizard<BR> <BR> GCC High, DoD IP addresses: 40.118.209.192/32; 168.62.190.41/32 <BR> <BR> Worldwide Commercial & GCC: *.store.core.windows.net; asl.configure.office.com; tds.configure.office.com; mshybridservice.trafficmanager.net ; <BR> aka.ms/hybridwizard; <BR> shcwreleaseprod.blob.core.windows.net/shcw/\*;<BR> | Outbound server only traffic |
-| 10 | The AutoDetect service is used in [Exchange Hybrid](/exchange/exchange-deployment-assistant) scenarios with [Hybrid Modern Authentication with Outlook for iOS and Android](/Exchange/clients/outlook-for-ios-and-android/use-hybrid-modern-auth) <BR> <BR> ```*.acompli.net``` <BR> <BR> ```*.outlookmobile.com``` <BR> <BR> ```*.outlookmobile.us``` <BR> <BR> ```52.125.128.0/20``` <BR> ```52.127.96.0/23``` <BR> | Customer on-premises Exchange server on TCP 443 | Inbound server traffic |
-| 11 | Exchange hybrid Azure AD authentication | *.msappproxy.net | TCP outbound server only traffic |
-| 12 | Skype for Business in Office 2016 includes video based screen sharing which uses UDP ports. Prior Skype for Business clients in Office 2013 and earlier used RDP over TCP port 443. | TCP port 443 open to 52.112.0.0/14 | Skype for Business older client versions in Office 2013 and earlier |
-| 13 | Skype for Business hybrid on-premises server connectivity to Skype for Business Online | 13.107.64.0/18, 52.112.0.0/14 <BR> UDP ports 50,000-59,999 <BR> TCP ports 50,000-59,999; 5061 | Skype for Business on-premises server outbound connectivity |
-| 14 | Cloud PSTN with on-premises hybrid connectivity requires network connectivity open to the on-premises hosts. For more details about Skype for Business Online hybrid configurations | See [Plan hybrid connectivity between Skype for Business Server and Office 365](/skypeforbusiness/hybrid/plan-hybrid-connectivity) | Skype for Business on-premises hybrid inbound |
-| 15 | **Authentication and identity FQDNs** <br> The FQDN ```secure.aadcdn.microsoftonline-p.com``` needs to be in your client's Internet Explorer (IE) or Edge Trusted Sites Zone to function. | | Trusted Sites |
-| 16 | **Microsoft Teams FQDNs** <br> If you are using Internet Explorer or Microsoft Edge, you need to enable first and third-party cookies and add the FQDNs for Teams to your Trusted Sites. This is in addition to the suite-wide FQDNs, CDNs, and telemetry listed in row 14. See [Known issues for Microsoft Teams](/microsoftteams/known-issues) for more information. | | Trusted Sites |
-| 17 | **SharePoint Online and OneDrive for Business FQDNs** <br> All '.sharepoint.com' FQDNs with '\<tenant>' in the FQDN need to be in your client's IE or Edge Trusted Sites Zone to function. In addition to the suite-wide FQDNs, CDNs, and telemetry listed in row 14, you'll need to also add these endpoints. | | Trusted Sites |
-| 18 | **Yammer** <br> Yammer is only available in the browser and requires the authenticated user to be passed through a proxy. All Yammer FQDNs need to be in your client's IE or Edge Trusted Sites Zone to function. | | Trusted Sites |
-| 19 | Use [Azure AD Connect](/azure/active-directory/hybrid/) to sync on-premises user accounts to Azure AD. | See [Hybrid Identity Required Ports and Protocols](/azure/active-directory/hybrid/reference-connect-ports), [Troubleshoot Azure AD connectivity](/azure/active-directory/hybrid/tshoot-connect-connectivity), and [Azure AD Connect Health Agent Installation](/azure/active-directory/hybrid/how-to-connect-health-agent-install#outbound-connectivity-to-the-azure-service-endpoints). | Outbound server only traffic |
-| 20 | [Azure AD Connect](/azure/active-directory/hybrid/) with 21 ViaNet in China to sync on-premises user accounts to Azure AD. | \*.digicert.com:80 <BR> \*.entrust.net:80 <BR> \*.chinacloudapi.cn:443 <BR> secure.aadcdn.partner.microsoftonline-p.cn:443 <BR>*.partner.microsoftonline.cn:443 <BR> <BR>Also see [Troubleshoot ingress with Azure AD connectivity issues](https://docs.azure.cn/zh-cn/active-directory/hybrid/tshoot-connect-connectivity). | Outbound server only traffic |
-| 21 | Microsoft Stream (needs the Azure AD user token). <BR> Office 365 Worldwide (including GCC) | \*.cloudapp.net <BR> \*.api.microsoftstream.com <BR> \*.notification.api.microsoftstream.com <BR> amp.azure.net <BR> api.microsoftstream.com <BR> az416426.vo.msecnd.net <BR> s0.assets-yammer.com <BR> vortex.data.microsoft.com <BR> web.microsoftstream.com <BR> TCP port 443 | Inbound server traffic |
-| 22 | Use MFA server for multifactor authentication requests, both new installations of the server and setting it up with Active Directory Domain Services (AD DS). | See [Getting started with the Azure AD Multi-Factor Authentication Server](/azure/active-directory/authentication/howto-mfaserver-deploy#plan-your-deployment). | Outbound server only traffic |
-| 23 | Microsoft Graph Change Notifications | Developers can leverage [change notifications](/graph/webhooks?context=graph%2fapi%2f1.0&view=graph-rest-1.0) to subscribe to events in the Microsoft Graph. | *.cloudapp.net<BR> 104.43.130.21, 137.116.169.230, 13.79.38.63, 104.214.39.228, Public Cloud: 168.63.250.205, 52.161.9.202, 40.68.103.62, 13.89.60.223, 23.100.95.104, 40.113.95.219, 104.214.32.10, 168.63.237.145, 52.161.110.176, 52.174.177.183, 13.85.192.59, 13.85.192.123, 13.86.37.15, 13.89.108.233, 13.89.104.147, 20.44.210.83, 20.44.210.146, 40.76.162.99, 40.76.162.42, 40.74.203.28, 40.74.203.27, 51.104.159.213, 51.104.159.181, 51.124.75.43, 51.124.73.177, 51.138.90.7, 51.138.90.52, 52.139.153.222, 52.139.170.157, 52.139.170.47, 52.142.114.29, 52.142.115.31, 52.147.213.251, 52.147.213.181, 52.148.24.136, 52.148.27.39, 52.148.115.48, 52.148.114.238, 52.154.246.238, 52.159.23.209, 52.159.17.84, 52.184.94.140 <BR> Microsoft Cloud for US Government: 52.244.231.173, 52.238.76.151, 52.244.250.211, 52.238.78.108, 52.243.147.249, 52.243.148.19, 52.243.157.104, 52.243.157.105, 52.244.33.45, 52.244.35.174, 52.244.111.156, 52.244.111.170 <BR> Microsoft Cloud Germany: 51.4.231.136, 51.5.243.223, 51.4.226.154, 51.5.244.215, 51.4.150.206, 51.4.150.235, 51.5.147.130, 51.5.148.103 <BR> Microsoft Cloud China operated by 21Vianet: 139.219.15.33, 42.159.154.223, 42.159.88.79, 42.159.155.77, 40.72.155.199, 40.72.155.216, 40.125.138.23, 40.125.136.69, 42.159.72.35, 42.159.72.47, 42.159.180.55, 42.159.180.56<BR> TCP port 443 <BR> Note: Developers can specify different ports when creating the subscriptions. | Inbound server traffic |
-|||||
+<br>
+
+****
+
+|Row|Purpose|Destination|Type|
+|||||
+|1|[Import Service](https://support.office.com/article/use-network-upload-to-import-your-organization-pst-files-to-office-365-103f940c-0468-4e1a-b527-cc8ad13a5ea6) for PST and file ingestion|Refer to the [Import Service](https://support.office.com/article/use-network-upload-to-import-your-organization-pst-files-to-office-365-103f940c-0468-4e1a-b527-cc8ad13a5ea6) for additional requirements.|Uncommon outbound scenario|
+|2|[Microsoft Support and Recovery Assistant for Office 365](https://diagnostics.office.com/#/)|<https://autodiscover.outlook.com> <br> <https://officecdn.microsoft.com> <br> <https://api.diagnostics.office.com> <br> <https://apibasic.diagnostics.office.com> <br> <https://autodiscover-s.outlook.com> <br> <https://cloudcheckenabler.azurewebsites.net> <br> <https://login.live.com> <br> <https://login.microsoftonline.com> <br> <https://login.windows.net> <br> <https://o365diagtelemetry.trafficmanager.net> <br> <https://odc.officeapps.live.com> <br> <https://offcatedge.azureedge.net> <br> <https://officeapps.live.com> <br> <https://outlook.office365.com> <br> <https://outlookdiagnostics.azureedge.net>|Outbound server traffic|
+|3|Azure AD Connect (w/SSO option) ΓÇô WinRM & remote PowerShell|Customer STS environment (AD FS Server and AD FS Proxy) \| TCP ports 80 & 443|Inbound server traffic|
+|4|STS such as AD FS Proxy server(s) (for federated customers only)|Customer STS (such as AD FS Proxy) \| Ports TCP 443 or TCP 49443 w/ClientTLS|Inbound server traffic|
+|5|[Exchange Online Unified Messaging/SBC integration](/exchange/voice-mail-unified-messaging/telephone-system-integration-with-um/configuration-notes-for-session-border-controllers)|Bidirectional between on-premises Session Border Controller and \*.um.outlook.com|Outbound server only traffic|
+|6|Mailbox Migration. When mailbox migration is initiated from on-premises [Exchange Hybrid](/exchange/exchange-deployment-assistant) to Office 365, Office 365 will connect to your published Exchange Web Services (EWS)/Mailbox Replication Services (MRS) server. If you need the NAT IP addresses used by Exchange Online servers to restrict inbound connections from specific source IP ranges, they are listed in [Office 365 URL & IP ranges](urls-and-ip-address-ranges.md) under the "Exchange Online" service area. <p> Care should be taken to ensure that access to published EWS endpoints like OWA is not impacted by ensuring the MRS proxy resolves to a separate FQDN and public IP address before restricting TCP 443 connections from specific source IP ranges.|Customer on-premises EWS/MRS Proxy <br> TCP port 443|Inbound server traffic|
+|7|[Exchange Hybrid](/exchange/exchange-deployment-assistant) co-existence functions such as Free/Busy sharing.|Customer on-premises Exchange server|Inbound server traffic|
+|8|[Exchange Hybrid](/exchange/exchange-deployment-assistant) proxy authentication|Customer on-premises STS|Inbound server traffic|
+|9|Used to configure [Exchange Hybrid](/exchange/exchange-deployment-assistant), using the [Exchange Hybrid Configuration Wizard](/exchange/hybrid-configuration-wizard) <p> Note: These endpoints are only required to configure Exchange hybrid|domains.live.com on TCP ports 80 & 443, only required for Exchange 2010 SP3 Hybrid Configuration Wizard <p> GCC High, DoD IP addresses: 40.118.209.192/32; 168.62.190.41/32 <p> Worldwide Commercial & GCC: \*.store.core.windows.net; asl.configure.office.com; tds.configure.office.com; mshybridservice.trafficmanager.net ; <br> aka.ms/hybridwizard; <br> shcwreleaseprod.blob.core.windows.net/shcw/\*;|Outbound server only traffic|
+|10|The AutoDetect service is used in [Exchange Hybrid](/exchange/exchange-deployment-assistant) scenarios with [Hybrid Modern Authentication with Outlook for iOS and Android](/Exchange/clients/outlook-for-ios-and-android/use-hybrid-modern-auth) <p> `*.acompli.net` <br> `*.outlookmobile.com` <br> `*.outlookmobile.us` <br> `52.125.128.0/20` <br> `52.127.96.0/23`|Customer on-premises Exchange server on TCP 443|Inbound server traffic|
+|11|Exchange hybrid Azure AD authentication|*.msappproxy.net|TCP outbound server only traffic|
+|12|Skype for Business in Office 2016 includes video based screen sharing which uses UDP ports. Prior Skype for Business clients in Office 2013 and earlier used RDP over TCP port 443.|TCP port 443 open to 52.112.0.0/14|Skype for Business older client versions in Office 2013 and earlier|
+|13|Skype for Business hybrid on-premises server connectivity to Skype for Business Online|13.107.64.0/18, 52.112.0.0/14 <br> UDP ports 50,000-59,999 <br> TCP ports 50,000-59,999; 5061|Skype for Business on-premises server outbound connectivity|
+|14|Cloud PSTN with on-premises hybrid connectivity requires network connectivity open to the on-premises hosts. For more details about Skype for Business Online hybrid configurations|See [Plan hybrid connectivity between Skype for Business Server and Office 365](/skypeforbusiness/hybrid/plan-hybrid-connectivity)|Skype for Business on-premises hybrid inbound|
+|15|**Authentication and identity FQDNs** <p> The FQDN `secure.aadcdn.microsoftonline-p.com` needs to be in your client's Internet Explorer (IE) or Edge Trusted Sites Zone to function.||Trusted Sites|
+|16|**Microsoft Teams FQDNs** <p> If you are using Internet Explorer or Microsoft Edge, you need to enable first and third-party cookies and add the FQDNs for Teams to your Trusted Sites. This is in addition to the suite-wide FQDNs, CDNs, and telemetry listed in row 14. See [Known issues for Microsoft Teams](/microsoftteams/known-issues) for more information.||Trusted Sites|
+|17|**SharePoint Online and OneDrive for Business FQDNs** <p> All '.sharepoint.com' FQDNs with '\<tenant\>' in the FQDN need to be in your client's IE or Edge Trusted Sites Zone to function. In addition to the suite-wide FQDNs, CDNs, and telemetry listed in row 14, you'll need to also add these endpoints.||Trusted Sites|
+|18|**Yammer** <br> Yammer is only available in the browser and requires the authenticated user to be passed through a proxy. All Yammer FQDNs need to be in your client's IE or Edge Trusted Sites Zone to function.||Trusted Sites|
+|19|Use [Azure AD Connect](/azure/active-directory/hybrid/) to sync on-premises user accounts to Azure AD.|See [Hybrid Identity Required Ports and Protocols](/azure/active-directory/hybrid/reference-connect-ports), [Troubleshoot Azure AD connectivity](/azure/active-directory/hybrid/tshoot-connect-connectivity), and [Azure AD Connect Health Agent Installation](/azure/active-directory/hybrid/how-to-connect-health-agent-install#outbound-connectivity-to-the-azure-service-endpoints).|Outbound server only traffic|
+|20|[Azure AD Connect](/azure/active-directory/hybrid/) with 21 ViaNet in China to sync on-premises user accounts to Azure AD.|\*.digicert.com:80 <BR> \*.entrust.net:80 <BR> \*.chinacloudapi.cn:443 <br> secure.aadcdn.partner.microsoftonline-p.cn:443 <br> \*.partner.microsoftonline.cn:443 <p> Also see [Troubleshoot ingress with Azure AD connectivity issues](https://docs.azure.cn/zh-cn/active-directory/hybrid/tshoot-connect-connectivity).|Outbound server only traffic|
+|21|Microsoft Stream (needs the Azure AD user token). <br> Office 365 Worldwide (including GCC)|\*.cloudapp.net <br> \*.api.microsoftstream.com <br> \*.notification.api.microsoftstream.com <br> amp.azure.net <br> api.microsoftstream.com <br> az416426.vo.msecnd.net <br> s0.assets-yammer.com <br> vortex.data.microsoft.com <br> web.microsoftstream.com <br> TCP port 443|Inbound server traffic|
+|22|Use MFA server for multifactor authentication requests, both new installations of the server and setting it up with Active Directory Domain Services (AD DS).|See [Getting started with the Azure AD Multi-Factor Authentication Server](/azure/active-directory/authentication/howto-mfaserver-deploy#plan-your-deployment).|Outbound server only traffic|
+|23|Microsoft Graph Change Notifications <p> Developers can leverage [change notifications](/graph/webhooks?context=graph%2fapi%2f1.0&view=graph-rest-1.0) to subscribe to events in the Microsoft Graph.|\*.cloudapp.net <br> 104.43.130.21, 137.116.169.230, 13.79.38.63, 104.214.39.228 <p> Public Cloud: 168.63.250.205, 52.161.9.202, 40.68.103.62, 13.89.60.223, 23.100.95.104, 40.113.95.219, 104.214.32.10, 168.63.237.145, 52.161.110.176, 52.174.177.183, 13.85.192.59, 13.85.192.123, 13.86.37.15, 13.89.108.233, 13.89.104.147, 20.44.210.83, 20.44.210.146, 40.76.162.99, 40.76.162.42, 40.74.203.28, 40.74.203.27, 51.104.159.213, 51.104.159.181, 51.124.75.43, 51.124.73.177, 51.138.90.7, 51.138.90.52, 52.139.153.222, 52.139.170.157, 52.139.170.47, 52.142.114.29, 52.142.115.31, 52.147.213.251, 52.147.213.181, 52.148.24.136, 52.148.27.39, 52.148.115.48, 52.148.114.238, 52.154.246.238, 52.159.23.209, 52.159.17.84, 52.184.94.140 <p> Microsoft Cloud for US Government: 52.244.231.173, 52.238.76.151, 52.244.250.211, 52.238.78.108, 52.243.147.249, 52.243.148.19, 52.243.157.104, 52.243.157.105, 52.244.33.45, 52.244.35.174, 52.244.111.156, 52.244.111.170 <p> Microsoft Cloud Germany: 51.4.231.136, 51.5.243.223, 51.4.226.154, 51.5.244.215, 51.4.150.206, 51.4.150.235, 51.5.147.130, 51.5.148.103 <p> Microsoft Cloud China operated by 21Vianet: 139.219.15.33, 42.159.154.223, 42.159.88.79, 42.159.155.77, 40.72.155.199, 40.72.155.216, 40.125.138.23, 40.125.136.69, 42.159.72.35, 42.159.72.47, 42.159.180.55, 42.159.180.56 <br> TCP port 443 <p> Note: Developers can specify different ports when creating the subscriptions.|Inbound server traffic|
+|
## Related Topics
Apart from DNS, these are all optional for most customers unless you need the sp
[Azure IP Ranges and Service Tags ΓÇô China Cloud](https://www.microsoft.com/download/details.aspx?id=57062)
-[Microsoft Public IP Space](https://www.microsoft.com/download/details.aspx?id=53602)
+[Microsoft Public IP Space](https://www.microsoft.com/download/details.aspx?id=53602)
enterprise Assign Per User Skype For Business Online Policies With Microsoft 365 Powershell https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/assign-per-user-skype-for-business-online-policies-with-microsoft-365-powershell.md
Grant-CsExternalAccessPolicy -Identity "Alex Darrow" -PolicyName $Null
``` This command sets the name of the external access policy assigned to Alex to a null value ($Null). Null means "nothing". In other words, no external access policy is assigned to Alex. When no external access policy is assigned to a user, that user then gets managed by the global policy.
-
## Managing large numbers of users
-To manage large numbers of users (1000 or more), you need to batch the commands via a script block using the [Invoke-Command](/powershell/module/microsoft.powershell.core/invoke-command?view=powershell-7) cmdlet. In previous examples, each time a cmdlet is executed, it must set up the call and then wait for the result before sending it back. When using a script block, this allows the cmdlets to be executed remotely, and once completed, send the data back.
+To manage large numbers of users (1000 or more), you need to batch the commands via a script block using the [Invoke-Command](/powershell/module/microsoft.powershell.core/invoke-command) cmdlet. In previous examples, each time a cmdlet is executed, it must set up the call and then wait for the result before sending it back. When using a script block, this allows the cmdlets to be executed remotely, and once completed, send the data back.
```powershell $users = Get-CsOnlineUser -Filter { ClientPolicy -eq $null } -ResultSize 500
enterprise Block User Accounts With Microsoft 365 Powershell https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/block-user-accounts-with-microsoft-365-powershell.md
audience: Admin
localization_priority: Normal
+search.appverid:
- MET150 f1.keywords: - CSH-+ - Ent_Office_Other - PowerShell - seo-marvel-apr2020
When you block access to a Microsoft 365 account, you prevent anyone from using
## Use the Azure Active Directory PowerShell for Graph module First, [connect to your Microsoft 365 tenant](connect-to-microsoft-365-powershell.md#connect-with-the-azure-active-directory-powershell-for-graph-module).
-
+ ### Block access to individual user accounts Use the following syntax to block an individual user account:
-
+ ```powershell
-Set-ΓÇïAzureADUser -ObjectID <sign-in name of the user account> -AccountEnabled $false
+Set-AzureADUser -ObjectID <sign-in name of the user account> -AccountEnabled $false
``` > [!NOTE] > The *-ObjectID* parameter in the **Set-AzureAD** cmdlet accepts either the account sign-in name, also known as the User Principal Name, or the account's object ID.
-
+ This example blocks access to the user account *fabricec@litwareinc.com*.
-
+ ```powershell
-Set-ΓÇïAzureADUser -ObjectID fabricec@litwareinc.com -AccountEnabled $false
+Set-AzureADUser -ObjectID fabricec@litwareinc.com -AccountEnabled $false
``` To unblock this user account, run the following command:
-
+ ```powershell
-Set-ΓÇïAzureADUser -ObjectID fabricec@litwareinc.com -AccountEnabled $true
+Set-AzureADUser -ObjectID fabricec@litwareinc.com -AccountEnabled $true
``` To display the user account UPN based on the user's display name, use the following commands:
-
+ ```powershell $userName="<display name>" Write-Host (Get-AzureADUser | where {$_.DisplayName -eq $userName}).UserPrincipalName
Write-Host (Get-AzureADUser | where {$_.DisplayName -eq $userName}).UserPrincipa
``` This example displays the user account UPN for the user *Caleb Sills*.
-
+ ```powershell $userName="Caleb Sills" Write-Host (Get-AzureADUser | where {$_.DisplayName -eq $userName}).UserPrincipalName ``` To block an account based on the user's display name, use the following commands:
-
+ ```powershell $userName="<display name>" Set-AzureADUser -ObjectID (Get-AzureADUser | where {$_.DisplayName -eq $userName}).UserPrincipalName -AccountEnabled $false
Set-AzureADUser -ObjectID (Get-AzureADUser | where {$_.DisplayName -eq $userName
``` To check the blocked status of a user account use the following command:
-
+ ```powershell Get-AzureADUser -UserPrincipalName <UPN of user account> | Select DisplayName,AccountEnabled ```
Get-AzureADUser -UserPrincipalName <UPN of user account> | Select DisplayName,Ac
### Block multiple user accounts To block access for multiple user accounts, create a text file that contains one account sign-in name on each line like this:
-
+ ```powershell akol@contoso.com tjohnston@contoso.com
kakers@contoso.com
``` In the following commands, the example text file is *C:\My Documents\Accounts.txt*. Replace this file name with the path and file name of your text file.
-
+ To block access to the accounts listed in the text file, run the following command:
-
+ ```powershell
-Get-Content "C:\My Documents\Accounts.txt" | ForEach { Set-ΓÇïAzureADUSer -ObjectID $_ -AccountEnabled $false }
+Get-Content "C:\My Documents\Accounts.txt" | ForEach {Set-AzureADUser -ObjectID $_ -AccountEnabled $false}
``` To unblock the accounts that are listed in the text file, run the following command:
-
+ ```powershell
-Get-Content "C:\My Documents\Accounts.txt" | ForEach { Set-ΓÇïAzureADUSer -ObjectID $_ -AccountEnabled $true }
+Get-Content "C:\My Documents\Accounts.txt" | ForEach {Set-AzureADUser -ObjectID $_ -AccountEnabled $true}
``` ## Use the Microsoft Azure Active Directory Module for Windows PowerShell First, [connect to your Microsoft 365 tenant](connect-to-microsoft-365-powershell.md#connect-with-the-microsoft-azure-active-directory-module-for-windows-powershell).
-
+ ### Block individual user accounts Use the following syntax to block access for an individual user account:
-
+ ```powershell Set-MsolUser -UserPrincipalName <sign-in name of user account> -BlockCredential $true ```
Set-MsolUser -UserPrincipalName <sign-in name of user account> -BlockCredential
>PowerShell Core doesn't support the Microsoft Azure Active Directory Module for Windows PowerShell module and cmdlets that have *Msol* in their name. You have to run these cmdlets from Windows PowerShell. This example blocks access to the user account *fabricec\@litwareinc.com*.
-
+ ```powershell Set-MsolUser -UserPrincipalName fabricec@litwareinc.com -BlockCredential $true ``` To unblock the user account, run the following command:
-
+ ```powershell Set-MsolUser -UserPrincipalName <sign-in name of user account> -BlockCredential $false ``` To check the blocked status of a user account run the following command:
-
+ ```powershell Get-MsolUser -UserPrincipalName <sign-in name of user account> | Select DisplayName,BlockCredential ```
Get-MsolUser -UserPrincipalName <sign-in name of user account> | Select DisplayN
### Block access for multiple user accounts First, create a text file that contains one account on each line like this:
-
+ ```powershell akol@contoso.com tjohnston@contoso.com
kakers@contoso.com
``` In the following commands, the example text file is *C:\My Documents\Accounts.txt*. Replace this file name with the path and file name of your text file.
-
+ To block access for the accounts that are listed in the text file, run the following command:
-
+ ```powershell Get-Content "C:\My Documents\Accounts.txt" | ForEach { Set-MsolUser -UserPrincipalName $_ -BlockCredential $true } ``` To unblock the accounts listed in the text file, run the following command:
-
+ ```powershell Get-Content "C:\My Documents\Accounts.txt" | ForEach { Set-MsolUser -UserPrincipalName $_ -BlockCredential $false } ```
To unblock the accounts listed in the text file, run the following command:
## See also [Manage Microsoft 365 user accounts, licenses, and groups with PowerShell](manage-user-accounts-and-licenses-with-microsoft-365-powershell.md)
-
+ [Manage Microsoft 365 with PowerShell](manage-microsoft-365-with-microsoft-365-powershell.md)
-
+ [Get started with PowerShell for Microsoft 365](getting-started-with-microsoft-365-powershell.md)
enterprise Cmdlet References For Microsoft 365 Services https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/cmdlet-references-for-microsoft-365-services.md
localization_priority: Normal
f1.keywords: - CSH-+ - Ent_Office_Other - seo-marvel-apr2020 ms.assetid: 3a1ea1a6-edbd-4922-9ad3-0b075f7f9009 description: Find Microsoft 365 PowerShell cmdlet references for Azure AD, Exchange Online, SharePoint Online, Skype for Business Online, and Security & Compliance.
-# Cmdlet references for Microsoft 365 services
+# Cmdlet references for Microsoft 365 services
*This article applies to both Microsoft 365 Enterprise and Office 365 Enterprise.* This article provides cmdlet references for the various Microsoft 365 services and connection instructions for each Microsoft 365 service that PowerShell supports.
-
+ > [!NOTE] > To connect to all services at once, see [Connect to all Microsoft 365 services in a single Windows PowerShell window](connect-to-all-microsoft-365-services-in-a-single-windows-powershell-window.md).
-
+ ## Azure Active Directory PowerShell cmdlets
-The Azure Active Directory PowerShell for Graph cmdlet reference topics are in the Reference section of the [Azure Active Directory PowerShell for Graph documentation](/powershell/azure/active-directory/install-adv2?view=azureadps-2.0).
+The Azure Active Directory PowerShell for Graph cmdlet reference topics are in the Reference section of the [Azure Active Directory PowerShell for Graph documentation](/powershell/azure/active-directory/install-adv2).
-The Azure Active Directory Module for Windows PowerShell cmdlet reference topics is in the Reference section of the [Azure Active Directory (MSOnline) documentation](/powershell/azure/active-directory/overview?view=azureadps-1.0).
+The Azure Active Directory Module for Windows PowerShell cmdlet reference topics is in the Reference section of the [Azure Active Directory (MSOnline) documentation](/powershell/azure/active-directory/overview).
For Microsoft 365 PowerShell connection instructions, see [Connect to Microsoft 365 with PowerShell](connect-to-microsoft-365-powershell.md).
-
+ ## Exchange Online PowerShell cmdlets Exchange Online cmdlet reference topics are in the Reference section of the [Exchange Online PowerShell documentation](/powershell/exchange/exchange-online-powershell).
-
+ For connection instructions for Exchange Online PowerShell, see [Connect to Exchange Online PowerShell](/powershell/exchange/connect-to-exchange-online-powershell).
-
+ > [!NOTE]
-> Reporting cmdlets for other services, such as SharePoint Online, Skype for Business Online, and Microsoft 365 user activity, are available in Exchange Online PowerShell. For more information, see [Reporting cmdlets in Exchange Online](/powershell/exchange/exchange-online-powershell).
-
+> Reporting cmdlets for other services, such as SharePoint Online, Skype for Business Online, and Microsoft 365 user activity, are available in Exchange Online PowerShell. For more information, see [Reporting cmdlets in Exchange Online](/powershell/exchange/exchange-online-powershell).
+ ## SharePoint Online PowerShell cmdlets For SharePoint Online cmdlets, see [Index of Windows PowerShell for SharePoint Online cmdlets](/powershell/module/sharepoint-online/).
-
+ For connection instructions for SharePoint Online PowerShell, see [Set up the SharePoint Online Management Shell Windows PowerShell environment](/powershell/sharepoint/sharepoint-online/connect-sharepoint-online).
-
+ ## Skype for Business Online PowerShell cmdlets For Skype for Business Online cmdlet reference topics, see [Skype for Business Online cmdlets](/previous-versions//mt228132(v=technet.10)).
-
+ For connection instructions for Skype for Business Online PowerShell, see [Manage Skype for Business Online with PowerShell](manage-skype-for-business-online-with-microsoft-365-powershell.md). ## Security & Compliance Center PowerShell cmdlets The Security & Compliance Center cmdlet references are in the Reference section of the [Security & Compliance PowerShell documentation](/powershell/exchange/scc-powershell).
-
+ For connection instructions for Security & Compliance Center PowerShell, see [Connect to the Security & Compliance Center PowerShell](/powershell/exchange/connect-to-scc-powershell). ## See also [Manage Microsoft 365 with PowerShell](manage-microsoft-365-with-microsoft-365-powershell.md)
-
+ [Get started with PowerShell for Microsoft 365](getting-started-with-microsoft-365-powershell.md)
enterprise Configure Skype For Business For Hybrid Modern Authentication https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/configure-skype-for-business-for-hybrid-modern-authentication.md
*This article applies to both Microsoft 365 Enterprise and Office 365 Enterprise.* Modern Authentication, is a method of identity management that offers more secure user authentication and authorization, is available for Skype for Business server on-premises and Exchange server on-premises, and split-domain Skype for Business hybrids.
-
+ **Important** Would you like to know more about Modern Authentication (MA) and why you might prefer to use it in your company or organization? Check [this document](hybrid-modern-auth-overview.md) for an overview. If you need to know what Skype for Business topologies are supported with MA, that's documented here!
-
+ **Before we begin**, I use these terms:
-
+ - Modern Authentication (MA) - Hybrid Modern Authentication (HMA)
Modern Authentication, is a method of identity management that offers more secur
- Skype for Business Online (SFBO) Also, if a graphic in this article has an object that's grayed-out or dimmed that means the element shown in gray **isn't** included in MA-specific configuration.
-
+ ## Read the summary This summary breaks down the process into steps that might otherwise get lost during the execution, and is good for an overall checklist to keep track of where you are in the process.
-
+ 1. First, make sure you meet all the prerequisites. 1. Since many **prerequisites** are common for both Skype for Business and Exchange, [see the overview article for your pre-req checklist](hybrid-modern-auth-overview.md). Do this *before* you begin any of the steps in this article.
This summary breaks down the process into steps that might otherwise get lost du
1. Turn ON Hybrid Modern Authentication for Skype for Business on-premises. These steps turn on MA for SFB, SFBO, EXCH, and EXO - that is, all the products that can participate in an HMA configuration of SFB and SFBO (including dependencies on EXCH/EXO). In other words, if your users are homed in/have mailboxes created in any part of the Hybrid (EXO + SFBO, EXO + SFB, EXCH + SFBO, or EXCH + SFB), your finished product will look like this:
-
+ ![A Mixed 6 Skype for business HMA topology has MA on in all four possible locations.](../media/ab89cdf2-160b-49ac-9b71-0160800acfc8.png)
-
+ As you can see there are four different places to turn on MA! For the best user experience, we recommend you turn on MA in all four of these locations. If you can't turn MA on in all these locations, adjust the steps so that you turn on MA only in the locations that are necessary for your environment.
-
+ See the [Supportability topic for Skype for Business with MA](/skypeforbusiness/plan-your-deployment/modern-authentication/topologies-supported) for supported topologies.
-
+ **Important** Double-check that you've met all the prerequisites before you begin. You'll find that information in [Hybrid modern authentication overview and prerequisites](hybrid-modern-auth-overview.md).
-
+ ## Collect all HMA-specific info you'll need After you've double-checked that you meet the [prerequisites](hybrid-modern-auth-overview.md) to use Modern Authentication (see the note above), you should create a file to hold the info you'll need for configuring HMA in the steps ahead. Examples used in this article:
-
+ - **SIP/SMTP domain** - Ex. contoso.com (is federated with Office 365)
After you've double-checked that you meet the [prerequisites](hybrid-modern-auth
- **SFB 2015 CU5 Web Service URLs** you'll need internal and external web service URLs for all SfB 2015 pools deployed. To obtain these, run the following from Skype for Business Management Shell:
-
+ ```powershell Get-CsService -WebServer | Select-Object PoolFqdn, InternalFqdn, ExternalFqdn | FL ```
Get-CsService -WebServer | Select-Object PoolFqdn, InternalFqdn, ExternalFqdn |
- Ex. External: https://lyncwebext01.contoso.com If you're using a Standard Edition server, the internal URL will be blank. In this case, use the pool fqdn for the internal URL.
-
+ ## Turn on Modern Authentication for EXO
-Follow the instructions here: [Exchange Online: How to enable your tenant for modern authentication.](https://social.technet.microsoft.com/wiki/contents/articles/32711.exchange-online-how-to-enable-your-tenant-for-modern-authentication.aspx)
-
+Follow the instructions here: [Exchange Online: How to enable your tenant for modern authentication.](https://social.technet.microsoft.com/wiki/contents/articles/32711.exchange-online-how-to-enable-your-tenant-for-modern-authentication.aspx)
+ ## Turn on Modern Authentication for SFBO
-Follow the instructions here: [Skype for Business Online: Enable your tenant for modern authentication](https://social.technet.microsoft.com/wiki/contents/articles/34339.skype-for-business-online-enable-your-tenant-for-modern-authentication.aspx).
-
+Follow the instructions here: [Skype for Business Online: Enable your tenant for modern authentication](https://social.technet.microsoft.com/wiki/contents/articles/34339.skype-for-business-online-enable-your-tenant-for-modern-authentication.aspx).
+ ## Turn on Hybrid Modern Authentication for Exchange on-premises Follow the instructions here: [How to configure Exchange Server on-premises to use Hybrid Modern Authentication](configure-exchange-server-for-hybrid-modern-authentication.md).
-
+ ## Turn on Hybrid Modern Authentication for Skype for Business on-premises ### Add on-premises web service URLs as SPNs in Azure Active Directory Now you'll need to run commands to add the URLs (collected earlier) as Service Principals in SFBO.
-
+ **Note** Service principal names (SPNs) identify web services and associate them with a security principal (such as an account name or group) so that the service can act on the behalf of an authorized user. Clients authenticating to a server make use of information that's contained in SPNs.
-
-1. First, connect to Azure Active Directory (Azure AD) with [these instructions](/powershell/azure/active-directory/overview?view=azureadps-1.0).
+
+1. First, connect to Azure Active Directory (Azure AD) with [these instructions](/powershell/azure/active-directory/overview).
2. Run this command, on-premises, to get a list of SFB web service URLs.
Get-MsolServicePrincipal -AppPrincipalId 00000004-0000-0ff1-ce00-000000000000 |
3. If the internal **or** external SFB URLs from on-premises are missing (for example, https://lyncwebint01.contoso.com and https://lyncwebext01.contoso.com) we will need to add those specific records to this list. Be sure to replace *the example URLs* below with your actual URLs in the Add commands!
-
+ ```powershell $x= Get-MsolServicePrincipal -AppPrincipalId 00000004-0000-0ff1-ce00-000000000000 $x.ServicePrincipalnames.Add("https://lyncwebint01.contoso.com/") $x.ServicePrincipalnames.Add("https://lyncwebext01.contoso.com/") Set-MSOLServicePrincipal -AppPrincipalId 00000004-0000-0ff1-ce00-000000000000 -ServicePrincipalNames $x.ServicePrincipalNames ```
-
+ 4. Verify your new records were added by running the **Get-MsolServicePrincipal** command from step 2 again, and looking through the output. Compare the list or screenshot from before to the new list of SPNs. You might also screenshot the new list for your records. If you were successful, you'll see the two new URLs in the list. Going by our example, the list of SPNs will now include the specific URLs https://lyncwebint01.contoso.com and https://lyncwebext01.contoso.com/. ### Create the EvoSTS Auth Server Object Run the following command in the Skype for Business Management Shell.
-
+ ```powershell New-CsOAuthServer -Identity evoSTS -MetadataURL https://login.windows.net/common/FederationMetadata/2007-06/FederationMetadata.xml -AcceptSecurityIdentifierInformation $true -Type AzureAD ```
Set-CsOAuthConfiguration -ClientAuthorizationOAuthServerIdentity evoSTS
## Verify Once you enable HMA, a client's next login will use the new auth flow. Note that just turning on HMA won't trigger a reauthentication for any client. The clients reauthenticate based on the lifetime of the auth tokens and/or certs they have.
-
+ To test that HMA is working after you've enabled it, sign out of a test SFB Windows client and be sure to click 'delete my credentials'. Sign in again. The client should now use the Modern Auth flow and your login will now include an **Office 365** prompt for a 'Work or school' account, seen right before the client contacts the server and logs you in.
-
+ You should also check the 'Configuration Information' for Skype for Business Clients for an 'OAuth Authority'. To do this on your client computer, hold down the CTRL key at the same time you right-click the Skype for Business Icon in the Windows Notification tray. Click **Configuration Information** in the menu that appears. In the 'Skype for Business Configuration Information' window that will appear on the desktop, look for the following:
-
+ ![The Configuration information of a Skype for Business Client using Modern Authentication shows a Lync and EWS OAUTH Authority URL of https://login.windows.net/common/oauth2/authorize.](../media/4e54edf5-c8f8-4e7f-b032-5d413b0232de.png)
-
+ You should also hold down the CTRL key at the same time you right-click the icon for the Outlook client (also in the Windows Notifications tray) and click 'Connection Status'. Look for the client's SMTP address against an AuthN type of 'Bearer\*', which represents the bearer token used in OAuth.
-
+ ## Related articles [Link back to the Modern Authentication overview](hybrid-modern-auth-overview.md).
-
+ Do you need to know how to use Modern Authentication (ADAL) for your Skype for Business clients? We've got steps [here](./hybrid-modern-auth-overview.md).
enterprise Configure User Account Properties With Microsoft 365 Powershell https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/configure-user-account-properties-with-microsoft-365-powershell.md
You can use the Microsoft 365 admin center to configure properties for the user
## Use the Azure Active Directory PowerShell for Graph module
-To configure properties for user accounts in the Azure Active Directory PowerShell for Graph module, use the [**Set-AzureADUser**](/powershell/module/azuread/set-azureaduser?view=azureadps-2.0) cmdlet and specify the properties to set or change.
+To configure properties for user accounts in the Azure Active Directory PowerShell for Graph module, use the [**Set-AzureADUser**](/powershell/module/azuread/set-azureaduser) cmdlet and specify the properties to set or change.
First, [connect to your Microsoft 365 tenant](connect-to-microsoft-365-powershell.md#connect-with-the-azure-active-directory-powershell-for-graph-module).
-
+ ### Change properties for a specific user account You identify the account with the *-ObjectID* parameter and set or change specific properties by using additional parameters. Here's a list of the most common parameters: - -Department "\<department name>"
-
+ - -DisplayName "\<full user name>"
-
+ - -FacsimilieTelephoneNumber "\<fax number>"
-
+ - -GivenName "\<user first name>"
-
+ - -Surname "\<user last name>"
-
+ - -Mobile "\<mobile phone number>"
-
+ - -JobTitle "\<job title>"
-
+ - -PreferredLanguage "\<language>"
-
+ - -StreetAddress "\<street address>"
-
+ - -City "\<city name>"
-
+ - -State "\<state name>"
-
+ - -PostalCode "\<postal code>"
-
+ - -Country "\<country name>"
-
+ - -TelephoneNumber "\<office phone number>"
-
+ - -UsageLocation "\<2-character country or region code>"
-
+ This is the ISO 3166-1 alpha-2 (A2) two-letter country or region code.
-
-For additional parameters, see [Set-AzureADUser](/powershell/module/azuread/set-azureaduser?view=azureadps-2.0) .
->[!Note]
->Before you can assign licenses to a user account, you must assign a usage location.
->
+For additional parameters, see [Set-AzureADUser](/powershell/module/azuread/set-azureaduser).
+
+> [!NOTE]
+> Before you can assign licenses to a user account, you must assign a usage location.
To display the User Principal Name for your user accounts, run the following command.
Get-AzureADUser | Sort UserPrincipalName | Select UserPrincipalName | More
This command instructs PowerShell to: 1. Get all the information on the user accounts (**Get-AzureADUser**) and send it to the next command (**|**).
-
+ 1. Sort the list of User Principal Names alphabetically (**Sort UserPrincipalName**) and send it to the next command (**|**).
-
+ 1. Display just the User Principal Name property for each account (**Select UserPrincipalName**). 1. Display them one screen at a time (**More**).
-
+ To display the User Principal Name for an account based on its display name (first and last name), run the following commands. Fill in the *$userName* variable, and remove the \< and > characters: ```powershell
Get-AzureADUser | Set-AzureADUser -UsageLocation "FR"
This command instructs PowerShell to: 1. Get all of the information on the user accounts (**Get-AzureADUser**) and send it to the next command (**|**).
-
+ 1. Set the user location to France (**Set-AzureADUser -UsageLocation "FR"**).
-
+ ### Change properties for a specific set of user accounts To change properties for a specific set of user accounts, you can use a combination of the **Get-AzureADUser**, **Where**, and **Set-AzureADUser** cmdlets. The following example changes the usage location for all the users in the Accounting department to *France*:
Get-AzureADUser | Where {$_.Department -eq "Accounting"} | Set-AzureADUser -Usag
This command instructs PowerShell to: 1. Get all the information on the user accounts (**Get-AzureADUser**), and send it to the next command (**|**).
-
+ 1. Find all the user accounts that have their *Department* property set to "Accounting" (**Where {$_.Department -eq "Accounting"}**), and send the resulting information to the next command (**|**).
-
+ 1. Set the user location to France (**Set-AzureADUser -UsageLocation "FR"**).
-
+ ## Use the Microsoft Azure Active Directory Module for Windows PowerShell To configure properties for user accounts with the Microsoft Azure Active Directory Module for Windows PowerShell, use the **Set-MsolUser** cmdlet and specify the properties to set or change. First, [connect to your Microsoft 365 tenant](connect-to-microsoft-365-powershell.md#connect-with-the-microsoft-azure-active-directory-module-for-windows-powershell).
->[!Note]
->PowerShell Core doesn't support the Microsoft Azure Active Directory Module for Windows PowerShell module and cmdlets with *Msol* in their name. Run these cmdlets from Windows PowerShell.
->
+> [!NOTE]
+> PowerShell Core doesn't support the Microsoft Azure Active Directory Module for Windows PowerShell module and cmdlets with *Msol* in their name. Run these cmdlets from Windows PowerShell.
### Change properties for a specific user account
To configure properties for a specific user account, use the [**Set-MsolUser**](
You identify the account with the *-UserPrincipalName* parameter and set or change specific properties by using additional parameters. Here's a list of the most common parameters. - -City "\<city name>"
-
+ - -Country "\<country name>"
-
+ - -Department "\<department name>"
-
+ - -DisplayName "\<full user name>"
-
+ - -Fax "\<fax number>"
-
+ - -FirstName "\<user first name>"
-
+ - -LastName "\<user last name>"
-
+ - -MobilePhone "\<mobile phone number>"
-
+ - -Office "\<office location>"
-
+ - -PhoneNumber "\<office phone number>"
-
+ - -PostalCode "\<postal code>"
-
+ - -PreferredLanguage "\<language>"
-
+ - -State "\<state name>"
-
+ - -StreetAddress "\<street address>"
-
+ - -Title "\<title name>"
-
+ - -UsageLocation "\<2-character country or region code>"
-
+ This is the ISO 3166-1 alpha-2 (A2) two-letter country or region code.
-
+ For additional parameters, see [Set-MsolUser](/previous-versions/azure/dn194136(v=azure.100)). To see the User Principal Names of all your users, run the following command:
Get-MSolUser | Sort UserPrincipalName | Select UserPrincipalName | More
This command instructs PowerShell to: 1. Get all of information for the user accounts (**Get-MsolUser**) and send it to the next command (**|**).
-
+ 1. Sort the list of User Principal Names alphabetically (**Sort UserPrincipalName**) and send it to the next command (**|**).
-
+ 1. Display just the User Principal Name property for each account (**Select UserPrincipalName**).
-
+ 1. Display them one screen at a time (**More**).
-
+ To display the User Principal Name for an account based on its display name (first and last name), run the following commands. Fill in the *$userName* variable, and remove the \< and > characters. ```powershell
Get-MsolUser | Set-MsolUser -UsageLocation "FR"
This command instructs PowerShell to: 1. Get all the information for the user accounts (**Get-MsolUser**) and send it to the next command (**|**).
-
+ 1. Set the user location to France (**Set-MsolUser -UsageLocation "FR"**).
-
+ ### Change properties for a specific set of user accounts To change properties for a specific set of user accounts, you can use a combination of the **Get-MsolUser**, **Where**, and **Set-MsolUser** cmdlets. The following example changes the usage location for all the users in the Accounting department to *France*:
Get-MsolUser | Where {$_.Department -eq "Accounting"} | Set-MsolUser -UsageLocat
This command instructs PowerShell to: 1. Get all the information for the user accounts (**Get-MsolUser**) and send it to the next command (**|**).
-
+ 1. Find all user accounts that have their *Department* property set to "Accounting" (**Where {$_.Department -eq "Accounting"}**) and send the resulting information to the next command (**|**).
-
+ 1. Set the user location to France (**Set-MsolUser -UsageLocation "FR"**). ## See also
This command instructs PowerShell to:
[Manage Microsoft 365 with PowerShell](manage-microsoft-365-with-microsoft-365-powershell.md)
-[Get started with PowerShell for Microsoft 365](getting-started-with-microsoft-365-powershell.md)
+[Get started with PowerShell for Microsoft 365](getting-started-with-microsoft-365-powershell.md)
enterprise Contoso Info Protect https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/contoso-info-protect.md
Contoso followed these steps to prepare Microsoft 365 for enterprise for their i
Contoso created sensitivity labels for their data levels, with their highly regulated label that includes encryption, permissions, and watermarks.
-4. Move data from on-premises SharePoint sites and file shares to their new SharePoint sites
+4. Move data from on-premises SharePoint sites and file shares to their new SharePoint sites
The files migrated to the new SharePoint sites inherited the default retention labels assigned to the site.
-5. Train employees how to use sensitivity labels for new documents, how to interact with Contoso IT when creating new SharePoint sites, and to always store digital assets on SharePoint sites
+5. Train employees how to use sensitivity labels for new documents, how to interact with Contoso IT when creating new SharePoint sites, and to always store digital assets on SharePoint sites
Changing bad worker information-storage habits is often considered the hardest part of the information protection transition for the cloud. Contoso IT and management needed to get employees to always label and store their digital assets in the cloud, refrain from using on-premises file shares, and not use third-party cloud storage services or USB drives.
enterprise Create Sharepoint Sites And Add Users With Powershell https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/create-sharepoint-sites-and-add-users-with-powershell.md
search.appverid:
f1.keywords: - CSH-+ - PowerShell - Ent_Office_Other - SPO_Content
description: "Summary: Use PowerShell to create new SharePoint Online sites and
*This article applies to both Microsoft 365 Enterprise and Office 365 Enterprise.*
-When you use PowerShell for Microsoft 365 to create SharePoint Online sites and add users, you can quickly and repeatedly perform tasks much faster than you can in the Microsoft 365 admin center. You can also perform tasks that are not possible to perform in the Microsoft 365 admin center.
+When you use PowerShell for Microsoft 365 to create SharePoint Online sites and add users, you can quickly and repeatedly perform tasks much faster than you can in the Microsoft 365 admin center. You can also perform tasks that are not possible to perform in the Microsoft 365 admin center.
## Connect to SharePoint Online
-The procedures in this topic require you to connect to SharePoint Online. For instructions, see [Connect to SharePoint Online PowerShell](/powershell/sharepoint/sharepoint-online/connect-sharepoint-online?view=sharepoint-ps)
+The procedures in this topic require you to connect to SharePoint Online. For instructions, see [Connect to SharePoint Online PowerShell](/powershell/sharepoint/sharepoint-online/connect-sharepoint-online)
## Step 1: Create new site collections using PowerShell
The PowerShell cmdlet imports the .csv file and pipes it to a loop inside the cu
### Create a .csv file > [!NOTE]
-> The resource quota parameter works only on classic sites. If you use this parameter on a modern site, you may receive a warning message that it has been deprecated.
+> The resource quota parameter works only on classic sites. If you use this parameter on a modern site, you may receive a warning message tha