From f1e7456361cf2b51b21395b80667ee7876b9051f Mon Sep 17 00:00:00 2001 From: Chris Davis Date: Mon, 9 Jun 2025 16:46:06 -0700 Subject: [PATCH 01/30] Create --- .../Cancel-SensitiveInformationScan.md | 109 +++ .../exchange/Get-SensitiveInformationScan.md | 138 ++++ .../Get-SensitiveInformationScanRule.md | 86 +++ .../exchange/New-SensitiveInformationScan.md | 508 +++++++++++++ .../New-SensitiveInformationScanRule.md | 298 ++++++++ .../Remove-SensitiveInformationScan.md | 108 +++ .../Remove-SensitiveInformationScanRule.md | 107 +++ .../exchange/Set-SensitiveInformationScan.md | 695 ++++++++++++++++++ .../Set-SensitiveInformationScanRule.md | 287 ++++++++ 9 files changed, 2336 insertions(+) create mode 100644 exchange/exchange-ps/exchange/Cancel-SensitiveInformationScan.md create mode 100644 exchange/exchange-ps/exchange/Get-SensitiveInformationScan.md create mode 100644 exchange/exchange-ps/exchange/Get-SensitiveInformationScanRule.md create mode 100644 exchange/exchange-ps/exchange/New-SensitiveInformationScan.md create mode 100644 exchange/exchange-ps/exchange/New-SensitiveInformationScanRule.md create mode 100644 exchange/exchange-ps/exchange/Remove-SensitiveInformationScan.md create mode 100644 exchange/exchange-ps/exchange/Remove-SensitiveInformationScanRule.md create mode 100644 exchange/exchange-ps/exchange/Set-SensitiveInformationScan.md create mode 100644 exchange/exchange-ps/exchange/Set-SensitiveInformationScanRule.md diff --git a/exchange/exchange-ps/exchange/Cancel-SensitiveInformationScan.md b/exchange/exchange-ps/exchange/Cancel-SensitiveInformationScan.md new file mode 100644 index 0000000000..db4687eed9 --- /dev/null +++ b/exchange/exchange-ps/exchange/Cancel-SensitiveInformationScan.md @@ -0,0 +1,109 @@ +--- +external help file: Microsoft.Exchange.TransportMailflow-Help.xml +online version: https://learn.microsoft.com/powershell/module/exchange/cancel-sensitiveinformationscan +applicable: Security & Compliance +title: Cancel-SensitiveInformationScan +schema: 2.0.0 +author: chrisda +ms.author: chrisda +ms.reviewer: +--- + +# Cancel-SensitiveInformationScan + +## SYNOPSIS +This cmdlet is available only in Security & Compliance PowerShell. For more information, see [Security & Compliance PowerShell](https://learn.microsoft.com/powershell/exchange/scc-powershell). + +Use the Cancel-SensitiveInformationScan cmdlet to cancel sensitive information scans. + +For information about the parameter sets in the Syntax section below, see [Exchange cmdlet syntax](https://learn.microsoft.com/powershell/exchange/exchange-cmdlet-syntax). + +## SYNTAX + +### Identity (Default) +``` +Cancel-SensitiveInformationScan [-Identity] + [-Confirm] + [-WhatIf] + [] +``` + +## DESCRIPTION +To use this cmdlet in Security & Compliance PowerShell, you need to be assigned permissions. For more information, see [Permissions in the Microsoft Purview compliance portal](https://learn.microsoft.com/purview/microsoft-365-compliance-center-permissions). + +## EXAMPLES + +### Example 1 +```powershell +Cancel-SensitiveInformationScan -Identity "HR Department" +``` + +This example cancels the specified sensitive information scan. + +## PARAMETERS + +### -Identity +The Identity parameter specifies the sensitive information scan that you want to cancel. You can use any value that uniquely identifies the scan. For example: + +- Name +- Distinguished name (DN) +- GUID + +```yaml +Type: PolicyIdParameter +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: True +Position: 0 +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Confirm +The Confirm switch specifies whether to show or hide the confirmation prompt. How this switch affects the cmdlet depends on if the cmdlet requires confirmation before proceeding. + +- Destructive cmdlets (for example, Remove-\* cmdlets) have a built-in pause that forces you to acknowledge the command before proceeding. For these cmdlets, you can skip the confirmation prompt by using this exact syntax: `-Confirm:$false`. +- Most other cmdlets (for example, New-\* and Set-\* cmdlets) don't have a built-in pause. For these cmdlets, specifying the Confirm switch without a value introduces a pause that forces you acknowledge the command before proceeding. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -WhatIf +The WhatIf switch doesn't work in Security & Compliance PowerShell. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: wi +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/p/?LinkID=113216). + +## INPUTS + +## OUTPUTS + +## NOTES + +## RELATED LINKS diff --git a/exchange/exchange-ps/exchange/Get-SensitiveInformationScan.md b/exchange/exchange-ps/exchange/Get-SensitiveInformationScan.md new file mode 100644 index 0000000000..78ddca81f9 --- /dev/null +++ b/exchange/exchange-ps/exchange/Get-SensitiveInformationScan.md @@ -0,0 +1,138 @@ +--- +external help file: Microsoft.Exchange.TransportMailflow-Help.xml +online version: https://learn.microsoft.com/powershell/module/exchange/get-sensitiveinformationscan +applicable: Security & Compliance +title: Get-SensitiveInformationScan +schema: 2.0.0 +author: chrisda +ms.author: chrisda +ms.reviewer: +--- + +# Get-SensitiveInformationScan + +## SYNOPSIS +This cmdlet is available only in Security & Compliance PowerShell. For more information, see [Security & Compliance PowerShell](https://learn.microsoft.com/powershell/exchange/scc-powershell). + +Use the Get-SensitiveInformationScan cmdlet to view sensitive information scans. + +For information about the parameter sets in the Syntax section below, see [Exchange cmdlet syntax](https://learn.microsoft.com/powershell/exchange/exchange-cmdlet-syntax). + +## SYNTAX + +``` +Get-SensitiveInformationScan [[-Identity] ] + [-IncludeImpactAssessment ] + [-IncludeProgressForAllActiveScans ] + [-IncludeScanProgress ] + [] +``` + +## DESCRIPTION +To use this cmdlet in Security & Compliance PowerShell, you need to be assigned permissions. For more information, see [Permissions in the Microsoft Purview compliance portal](https://learn.microsoft.com/purview/microsoft-365-compliance-center-permissions). + +## EXAMPLES + +### Example 1 +```powershell +Get-SensitiveInformationScan | Format-Table Name,ParentPolicyName +``` + +This example returns a summary list of all sensitive information scans in the organization. + +### Example 2 +```powershell +Get-SensitiveInformationScan -Identity "HR Department Scan" +``` + +This example returns detailed information for the specified scan. + +## PARAMETERS + +### -Identity +The Identity parameter specifies the sensitive information scan that you want to view. You can use any value that uniquely identifies the scan. For example: + +- Name +- Distinguished name (DN) +- GUID + +```yaml +Type: PolicyIdParameter +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: 0 +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -IncludeImpactAssessment +The IncludeImpactAssessment parameter specifies whether to ???. Valid values are: + +- $true: ??? +- $false: ??? + +```yaml +Type: Boolean +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IncludeProgressForAllActiveScans +The IncludeProgressForAllActiveScans parameter specifies whether to ???. Valid values are: + +- $true: ??? +- $false: ??? + +```yaml +Type: Boolean +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -IncludeScanProgress +The IncludeScanProgress parameter specifies whether to ???. Valid values are: + +- $true: ??? +- $false: ??? + +```yaml +Type: Boolean +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/p/?LinkID=113216). + +## INPUTS + +## OUTPUTS + +## NOTES + +## RELATED LINKS diff --git a/exchange/exchange-ps/exchange/Get-SensitiveInformationScanRule.md b/exchange/exchange-ps/exchange/Get-SensitiveInformationScanRule.md new file mode 100644 index 0000000000..6b0f999225 --- /dev/null +++ b/exchange/exchange-ps/exchange/Get-SensitiveInformationScanRule.md @@ -0,0 +1,86 @@ +--- +external help file: Microsoft.Exchange.TransportMailflow-Help.xml +online version: https://learn.microsoft.com/powershell/module/exchange/get-sensitiveinformationscanrule +applicable: Security & Compliance +title: Get-SensitiveInformationScanRule +schema: 2.0.0 +author: chrisda +ms.author: chrisda +ms.reviewer: +--- + +# Get-SensitiveInformationScanRule + +## SYNOPSIS +This cmdlet is available only in Security & Compliance PowerShell. For more information, see [Security & Compliance PowerShell](https://learn.microsoft.com/powershell/exchange/scc-powershell). + +Use the Get-SensitiveInformationScanRule cmdlet to + +For information about the parameter sets in the Syntax section below, see [Exchange cmdlet syntax](https://learn.microsoft.com/powershell/exchange/exchange-cmdlet-syntax). + +## SYNTAX + +``` +Get-SensitiveInformationScanRule [[-Identity] ] [-Policy ] [] +``` + +## DESCRIPTION +To use this cmdlet in Security & Compliance PowerShell, you need to be assigned permissions. For more information, see [Permissions in the Microsoft Purview compliance portal](https://learn.microsoft.com/purview/microsoft-365-compliance-center-permissions). + +## EXAMPLES + +### Example 1 +```powershell +{{ Add example code here }} +``` + +{{ Add example description here }} + +## PARAMETERS + +### -Identity +The Identity parameter specifies the sensitive information scan rule that you want to view. You can use any value that uniquely identifies the rule. For example: + +- Name +- Distinguished name (DN) +- GUID + +```yaml +Type: ComplianceRuleIdParameter +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: 0 +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Policy +{{ Fill Policy Description }} + +```yaml +Type: PolicyIdParameter +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/p/?LinkID=113216). + +## INPUTS + +## OUTPUTS + +## NOTES + +## RELATED LINKS diff --git a/exchange/exchange-ps/exchange/New-SensitiveInformationScan.md b/exchange/exchange-ps/exchange/New-SensitiveInformationScan.md new file mode 100644 index 0000000000..0eaa365532 --- /dev/null +++ b/exchange/exchange-ps/exchange/New-SensitiveInformationScan.md @@ -0,0 +1,508 @@ +--- +external help file: Microsoft.Exchange.TransportMailflow-Help.xml +online version: https://learn.microsoft.com/powershell/module/exchange/new-sensitiveinformationscan +applicable: Security & Compliance +title: New-SensitiveInformationScan +schema: 2.0.0 +author: chrisda +ms.author: chrisda +ms.reviewer: +--- + +# New-SensitiveInformationScan + +## SYNOPSIS +This cmdlet is available only in Security & Compliance PowerShell. For more information, see [Security & Compliance PowerShell](https://learn.microsoft.com/powershell/exchange/scc-powershell). + +Use the New-SensitiveInformationScan cmdlet to + +For information about the parameter sets in the Syntax section below, see [Exchange cmdlet syntax](https://learn.microsoft.com/powershell/exchange/exchange-cmdlet-syntax). + +## SYNTAX + +``` +New-SensitiveInformationScan [-Name] + [-Comment ] + [-Confirm] + [-EndpointDlpLocation ] + [-EndpointDlpLocationException ] + [-ExceptIfOneDriveSharedBy ] + [-ExceptIfOneDriveSharedByMemberOf ] + [-ExchangeLocation ] + [-ExchangeSender ] + [-ExchangeSenderException ] + [-ExchangeSenderMemberOf ] + [-ExchangeSenderMemberOfException ] + [-OneDriveLocation ] + [-OneDriveLocationException ] + [-OneDriveSharedBy ] + [-OneDriveSharedByMemberOf ] + [-PolicyRBACScopes ] + [-SharePointLocation ] + [-SharePointLocationException ] + [-TeamsLocation ] + [-TeamsLocationException ] + [-WhatIf] + [] +``` + +## DESCRIPTION +To use this cmdlet in Security & Compliance PowerShell, you need to be assigned permissions. For more information, see [Permissions in the Microsoft Purview compliance portal](https://learn.microsoft.com/purview/microsoft-365-compliance-center-permissions). + +## EXAMPLES + +### Example 1 +```powershell +{{ Add example code here }} +``` + +{{ Add example description here }} + +## PARAMETERS + +### -Name +{{ Fill Name Description }} + +```yaml +Type: String +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: True +Position: 0 +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Comment +The Comment parameter specifies an optional comment. If you specify a value that contains spaces, enclose the value in quotation marks ("), for example: "This is an admin note". + +```yaml +Type: String +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Confirm +The Confirm switch specifies whether to show or hide the confirmation prompt. How this switch affects the cmdlet depends on if the cmdlet requires confirmation before proceeding. + +- Destructive cmdlets (for example, Remove-\* cmdlets) have a built-in pause that forces you to acknowledge the command before proceeding. For these cmdlets, you can skip the confirmation prompt by using this exact syntax: `-Confirm:$false`. +- Most other cmdlets (for example, New-\* and Set-\* cmdlets) don't have a built-in pause. For these cmdlets, specifying the Confirm switch without a value introduces a pause that forces you acknowledge the command before proceeding. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -EndpointDlpLocation +**Note**: This parameter requires membership in the Compliance Administrator or Compliance Data Administrator roles in Microsoft Entra ID. + +The EndpointDLPLocation parameter specifies the user accounts to include in scan for Endpoint DLP when they are logged on to an onboarded device. You identify the account by name or email address. You can use the value All to include all user accounts. + +To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. + +For more information about Endpoint DLP, see [Learn about Endpoint data loss prevention](https://learn.microsoft.com/purview/endpoint-dlp-learn-about). + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -EndpointDlpLocationException +**Note**: This parameter requires membership in the Compliance Administrator or Compliance Data Administrator roles in Microsoft Entra ID. + +The EndpointDlpLocationException parameter specifies the user accounts to exclude from Endpoint DLP when you use the value All for the EndpointDlpLocation parameter. You identify the account by name or email address. + +To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. + +For more information about Endpoint DLP, see [Learn about Endpoint data loss prevention](https://learn.microsoft.com/purview/endpoint-dlp-learn-about). + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ExceptIfOneDriveSharedBy +The ExceptIfOneDriveSharedBy parameter specifies the users to exclude from the scan (the sites of the OneDrive user accounts are included in the scan). You identify the users by UPN (laura@contoso.onmicrosoft.com). + +To use this parameter, OneDrive sites need to be included in the scan (the OneDriveLocation parameter value is All, which is the default value). + +To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. + +You can't use this parameter with the OneDriveSharedBy or OneDriveSharedByMemberOf parameters. + +```yaml +Type: RecipientIdParameter[] +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ExceptIfOneDriveSharedByMemberOf +The ExceptIfOneDriveSharedByMemberOf parameter specifies the distribution groups or mail-enabled security groups to exclude from the scan (the OneDrive sites of group members are excluded from the scan). You identify the groups by email address. + +To use this parameter, OneDrive sites need to be included in the scan (the OneDriveLocation parameter value is All, which is the default value). + +To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. + +You can't use this parameter with the OneDriveSharedBy or OneDriveSharedByMemberOf parameters. + +You can't use this parameter to specify Microsoft 365 Groups. + +```yaml +Type: RecipientIdParameter[] +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ExchangeLocation +The ExchangeLocation parameter specifies whether to include email messages in the scan. The valid value for this parameter is All. If you don't want to include email messages in the scan, don't use this parameter (the default value is blank or $null). + +You can use this parameter in the following procedures: + +- If you use `-ExchangeLocation All` by itself, the scan applies to email for all users. + +- To include email of specific group members in the scan, use `-ExchangeLocation All` with the ExchangeSenderMemberOf parameter in the same command. Only email of members of the specified groups is included in the scan. + +- To exclude email of specific group members from the scan, use `-ExchangeLocation All` with the ExchangeSenderMemberOfException parameter in the same command. Only email of members of the specified groups is excluded from the scan. + +You can't specify inclusions and exclusions in the same scan. + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ExchangeSender +The ExchangeSender parameter specifies the users whose email is included in the scan. You identify the users by email address. You can specify internal or external email addresses. + +To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. + +You must use this parameter with the ExchangeLocation parameter. + +You can't use this parameter with the ExchangeSenderException or ExchangeSenderMemberOfException parameters. + +```yaml +Type: SmtpAddress[] +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ExchangeSenderException +The ExchangeSenderException parameter specifies the internal users whose email is excluded from the scan. You identify the users by email address. + +To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. + +You must use this parameter with the ExchangeLocation parameter. + +You can't use this parameter with the ExchangeSender or ExchangeSenderMemberOf parameters. + +```yaml +Type: SmtpAddress[] +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ExchangeSenderMemberOf +The ExchangeSenderMemberOf parameter specifies the distribution groups or security groups to include in the scan (email of the group members is included in the scan). You identify the groups by email address. + +To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. + +You must use this parameter with the ExchangeLocation parameter. + +You can't use this parameter with the ExchangeSenderMemberOfException parameter. + +You can't use this parameter to specify Microsoft 365 Groups. + +```yaml +Type: RecipientIdParameter[] +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ExchangeSenderMemberOfException +The ExchangeSenderMemberOfException parameter specifies the distribution groups or security groups to exclude from the scan (email of the group members is excluded from the scan). You identify the groups by email address. + +To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. + +You must use this parameter with the ExchangeLocation parameter. + +You can't use this parameter with the ExchangeSender or ExchangeSenderMemberOf parameters. + +You can't use this parameter to specify Microsoft 365 Groups. + +```yaml +Type: RecipientIdParameter[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -OneDriveLocation +The OneDriveLocation parameter specifies the OneDrive sites to include in the scan. You identify the site by its URL value, or you can use the value All to include all sites. + +You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"Value1","Value2",..."ValueN"`. + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -OneDriveLocationException +This parameter specifies the OneDrive sites to exclude when you use the value All for the OneDriveLocation parameter. You identify the site by its URL value. + +You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"Value1","Value2",..."ValueN"`. + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -OneDriveSharedBy +The OneDriveSharedBy parameter specifies the users to include in the scan (the sites of the OneDrive user accounts are included in the scan). You identify the users by UPN (laura@contoso.onmicrosoft.com). + +To use this parameter, OneDrive sites need to be included in the scan (the OneDriveLocation parameter value is All, which is the default value). + +To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. + +You can't use this parameter with the ExceptIfOneDriveSharedBy or ExceptIfOneDriveSharedByMemberOf parameters. + +```yaml +Type: RecipientIdParameter[] +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -OneDriveSharedByMemberOf +The OneDriveSharedByMemberOf parameter specifies the distribution groups or mail-enabled security groups to include in the scan (the OneDrive sites of group members are included in the scan). You identify the groups by email address. + +To use this parameter, OneDrive sites need to be included in the scan (the OneDriveLocation parameter value is All, which is the default value). + +To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. + +You can't use this parameter with the ExceptIfOneDriveSharedBy or ExceptIfOneDriveSharedByMemberOf parameters. + +You can't use this parameter to specify Microsoft 365 Groups. + +```yaml +Type: RecipientIdParameter[] +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PolicyRBACScopes +{{ Fill PolicyRBACScopes Description }} + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -SharePointLocation +{{ Fill SharePointLocation Description }} + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -SharePointLocationException +{{ Fill SharePointLocationException Description }} + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -TeamsLocation +{{ Fill TeamsLocation Description }} + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -TeamsLocationException +{{ Fill TeamsLocationException Description }} + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -WhatIf +The WhatIf switch doesn't work in Security & Compliance PowerShell. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: wi +Applicable: + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/p/?LinkID=113216). + +## INPUTS + +## OUTPUTS + +## NOTES + +## RELATED LINKS diff --git a/exchange/exchange-ps/exchange/New-SensitiveInformationScanRule.md b/exchange/exchange-ps/exchange/New-SensitiveInformationScanRule.md new file mode 100644 index 0000000000..fdfba641e6 --- /dev/null +++ b/exchange/exchange-ps/exchange/New-SensitiveInformationScanRule.md @@ -0,0 +1,298 @@ +--- +external help file: Microsoft.Exchange.TransportMailflow-Help.xml +online version: https://learn.microsoft.com/powershell/module/exchange/new-sensitiveinformationscanrule +applicable: Security & Compliance +title: New-SensitiveInformationScanRule +schema: 2.0.0 +author: chrisda +ms.author: chrisda +ms.reviewer: +--- + +# New-SensitiveInformationScanRule + +## SYNOPSIS +This cmdlet is available only in Security & Compliance PowerShell. For more information, see [Security & Compliance PowerShell](https://learn.microsoft.com/powershell/exchange/scc-powershell). + +Use the New-SensitiveInformationScan cmdlet to + +For information about the parameter sets in the Syntax section below, see [Exchange cmdlet syntax](https://learn.microsoft.com/powershell/exchange/exchange-cmdlet-syntax). + +## SYNTAX + +``` +New-SensitiveInformationScanRule [-Name] -Policy -Workload + [-Comment ] + [-Confirm] + [-ContentCreatedOrUpdatedDateFrom ] + [-ContentCreatedOrUpdatedDateTo ] + [-ContentExtensionMatchesWords ] + [-ContentPropertyContainsWords ] + [-ExceptIfContentExtensionMatchesWords ] + [-ExceptIfContentPropertyContainsWords ] + [-StartImpactAssessment ] + [-WhatIf] + [] +``` + +## DESCRIPTION +To use this cmdlet in Security & Compliance PowerShell, you need to be assigned permissions. For more information, see [Permissions in the Microsoft Purview compliance portal](https://learn.microsoft.com/purview/microsoft-365-compliance-center-permissions). + +## EXAMPLES + +### Example 1 +```powershell +{{ Add example code here }} +``` + +{{ Add example description here }} + +## PARAMETERS + +### -Name +{{ Fill Name Description }} + +```yaml +Type: String +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: True +Position: 0 +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Policy +{{ Fill Policy Description }} + +```yaml +Type: PolicyIdParameter +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Workload +The Workload parameter specifies the workload. Valid values are: + +- Applications +- AuditAlerting +- AWS +- Azure +- AzureBatch +- Copilot +- DynamicScope +- EndpointDevices +- Exchange +- ExchangeOnPremises +- Intune +- ModernGroup +- OneDriveForBusiness +- OnPremisesScanner +- PowerBI +- PublicFolder +- SharePoint +- SharePointOnPremises +- Skype +- Substrate +- Teams +- ThirdPartyApps +- UnifiedAuditAzure + +This value appears in the LogicalWorkload property in the output of the Get-SensitiveInformationScanRule cmdlet. + +```yaml +Type: PolicyConfiguration.Workload +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: True +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Comment +The Comment parameter specifies an optional comment. If you specify a value that contains spaces, enclose the value in quotation marks ("), for example: "This is an admin note". + +```yaml +Type: String +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Confirm +The Confirm switch specifies whether to show or hide the confirmation prompt. How this switch affects the cmdlet depends on if the cmdlet requires confirmation before proceeding. + +- Destructive cmdlets (for example, Remove-\* cmdlets) have a built-in pause that forces you to acknowledge the command before proceeding. For these cmdlets, you can skip the confirmation prompt by using this exact syntax: `-Confirm:$false`. +- Most other cmdlets (for example, New-\* and Set-\* cmdlets) don't have a built-in pause. For these cmdlets, specifying the Confirm switch without a value introduces a pause that forces you acknowledge the command before proceeding. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ContentCreatedOrUpdatedDateFrom +{{ Fill ContentCreatedOrUpdatedDateFrom Description }} + +```yaml +Type: System.DateTime +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ContentCreatedOrUpdatedDateTo +{{ Fill ContentCreatedOrUpdatedDateTo Description }} + +```yaml +Type: System.DateTime +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ContentExtensionMatchesWords +{{ Fill ContentExtensionMatchesWords Description }} + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ContentPropertyContainsWords +{{ Fill ContentPropertyContainsWords Description }} + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ExceptIfContentExtensionMatchesWords +{{ Fill ExceptIfContentExtensionMatchesWords Description }} + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ExceptIfContentPropertyContainsWords +{{ Fill ExceptIfContentPropertyContainsWords Description }} + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -StartImpactAssessment +{{ Fill StartImpactAssessment Description }} + +```yaml +Type: Boolean +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -WhatIf +The WhatIf switch doesn't work in Security & Compliance PowerShell. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: wi +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/p/?LinkID=113216). + +## INPUTS + +## OUTPUTS + +## NOTES + +## RELATED LINKS diff --git a/exchange/exchange-ps/exchange/Remove-SensitiveInformationScan.md b/exchange/exchange-ps/exchange/Remove-SensitiveInformationScan.md new file mode 100644 index 0000000000..03d11b7992 --- /dev/null +++ b/exchange/exchange-ps/exchange/Remove-SensitiveInformationScan.md @@ -0,0 +1,108 @@ +--- +external help file: Microsoft.Exchange.TransportMailflow-Help.xml +online version: https://learn.microsoft.com/powershell/module/exchange/remove-sensitiveinformationscan +applicable: Security & Compliance +title: Remove-SensitiveInformationScan +schema: 2.0.0 +author: chrisda +ms.author: chrisda +ms.reviewer: +--- + +# Remove-SensitiveInformationScan + +## SYNOPSIS +This cmdlet is available only in Security & Compliance PowerShell. For more information, see [Security & Compliance PowerShell](https://learn.microsoft.com/powershell/exchange/scc-powershell). + +Use the Remove-SensitiveInformationScan cmdlet to remove sensitive information scans. + +For information about the parameter sets in the Syntax section below, see [Exchange cmdlet syntax](https://learn.microsoft.com/powershell/exchange/exchange-cmdlet-syntax). + +## SYNTAX + +``` +Remove-SensitiveInformationScan [-Identity] + [-Confirm] + [-WhatIf] + [] +``` + +## DESCRIPTION +To use this cmdlet in Security & Compliance PowerShell, you need to be assigned permissions. For more information, see [Permissions in the Microsoft Purview compliance portal](https://learn.microsoft.com/purview/microsoft-365-compliance-center-permissions). + +## EXAMPLES + +### Example 1 +```powershell +Remove-SensitiveInformationScan -Identity "HR Department" +``` + +This example removes the specified sensitive information scan. + +## PARAMETERS + +### -Identity +The Identity parameter specifies the sensitive information scan that you want to remove. You can use any value that uniquely identifies the scan. For example: + +- Name +- Distinguished name (DN) +- GUID + +```yaml +Type: PolicyIdParameter +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: True +Position: 0 +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Confirm +The Confirm switch specifies whether to show or hide the confirmation prompt. How this switch affects the cmdlet depends on if the cmdlet requires confirmation before proceeding. + +- Destructive cmdlets (for example, Remove-\* cmdlets) have a built-in pause that forces you to acknowledge the command before proceeding. For these cmdlets, you can skip the confirmation prompt by using this exact syntax: `-Confirm:$false`. +- Most other cmdlets (for example, New-\* and Set-\* cmdlets) don't have a built-in pause. For these cmdlets, specifying the Confirm switch without a value introduces a pause that forces you acknowledge the command before proceeding. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -WhatIf +The WhatIf switch doesn't work in Security & Compliance PowerShell. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: wi +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/p/?LinkID=113216). + +## INPUTS + +## OUTPUTS + +## NOTES + +## RELATED LINKS diff --git a/exchange/exchange-ps/exchange/Remove-SensitiveInformationScanRule.md b/exchange/exchange-ps/exchange/Remove-SensitiveInformationScanRule.md new file mode 100644 index 0000000000..b0021e4f90 --- /dev/null +++ b/exchange/exchange-ps/exchange/Remove-SensitiveInformationScanRule.md @@ -0,0 +1,107 @@ +--- +external help file: Microsoft.Exchange.TransportMailflow-Help.xml +online version: https://learn.microsoft.com/powershell/module/exchange/remove-sensitiveinformationscanrule +applicable: Security & Compliance +title: Remove-SensitiveInformationScanRule +schema: 2.0.0 +author: chrisda +ms.author: chrisda +ms.reviewer: +--- + +# Remove-SensitiveInformationScanRule + +## SYNOPSIS +This cmdlet is available only in Security & Compliance PowerShell. For more information, see [Security & Compliance PowerShell](https://learn.microsoft.com/powershell/exchange/scc-powershell). + +Use the Remove-SensitiveInformationScanRule cmdlet to remove sensitive information scan rules. + +For information about the parameter sets in the Syntax section below, see [Exchange cmdlet syntax](https://learn.microsoft.com/powershell/exchange/exchange-cmdlet-syntax). + +## SYNTAX + +``` +Remove-SensitiveInformationScanRule [-Identity] + [-Confirm] + [-WhatIf] + [] +``` + +## DESCRIPTION +To use this cmdlet in Security & Compliance PowerShell, you need to be assigned permissions. For more information, see [Permissions in the Microsoft Purview compliance portal](https://learn.microsoft.com/purview/microsoft-365-compliance-center-permissions). + +## EXAMPLES + +### Example 1 +```powershell +Remove-SensitiveInformationScanRule -Identity "HR Department Rule" +``` + +This example removes the specified sensitive information scan rule. + +## PARAMETERS + +### -Identity +The Identity parameter specifies the sensitive information scan rule that you want to remove. You can use any value that uniquely identifies the rule. For example: + +- Name +- Distinguished name (DN) +- GUID + +```yaml +Type: ComplianceRuleIdParameter +Parameter Sets: (All) +Applicable: Security & Compliance + +Required: True +Position: 0 +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Confirm +The Confirm switch specifies whether to show or hide the confirmation prompt. How this switch affects the cmdlet depends on if the cmdlet requires confirmation before proceeding. + +- Destructive cmdlets (for example, Remove-\* cmdlets) have a built-in pause that forces you to acknowledge the command before proceeding. For these cmdlets, you can skip the confirmation prompt by using this exact syntax: `-Confirm:$false`. +- Most other cmdlets (for example, New-\* and Set-\* cmdlets) don't have a built-in pause. For these cmdlets, specifying the Confirm switch without a value introduces a pause that forces you acknowledge the command before proceeding. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -WhatIf +The WhatIf switch doesn't work in Security & Compliance PowerShell. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: wi +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/p/?LinkID=113216). + +## INPUTS + +## OUTPUTS + +## NOTES + +## RELATED LINKS diff --git a/exchange/exchange-ps/exchange/Set-SensitiveInformationScan.md b/exchange/exchange-ps/exchange/Set-SensitiveInformationScan.md new file mode 100644 index 0000000000..f8d37f8b8c --- /dev/null +++ b/exchange/exchange-ps/exchange/Set-SensitiveInformationScan.md @@ -0,0 +1,695 @@ +--- +external help file: Microsoft.Exchange.TransportMailflow-Help.xml +online version: https://learn.microsoft.com/powershell/module/exchange/set-sensitiveinformationscan +applicable: Security & Compliance +title: Set-SensitiveInformationScan +schema: 2.0.0 +author: chrisda +ms.author: chrisda +ms.reviewer: +--- + +# Set-SensitiveInformationScan + +## SYNOPSIS +This cmdlet is available only in Security & Compliance PowerShell. For more information, see [Security & Compliance PowerShell](https://learn.microsoft.com/powershell/exchange/scc-powershell). + +Use the Set-SensitiveInformationScan cmdlet to + +For information about the parameter sets in the Syntax section below, see [Exchange cmdlet syntax](https://learn.microsoft.com/powershell/exchange/exchange-cmdlet-syntax). + +## SYNTAX + +``` +Set-SensitiveInformationScan [-Identity] + [-AddEndpointDlpLocation ] + [-AddEndpointDlpLocationException ] + [-AddExchangeLocation ] + [-AddOneDriveLocation ] + [-AddOneDriveLocationException ] + [-AddSharePointLocation ] + [-AddSharePointLocationException ] + [-AddTeamsLocation ] + [-AddTeamsLocationException ] + [-CancelScan ] + [-Comment ] + [-Confirm] + [-ExceptIfOneDriveSharedBy ] + [-ExceptIfOneDriveSharedByMemberOf ] + [-ExchangeSender ] + [-ExchangeSenderException ] + [-ExchangeSenderMemberOf ] + [-ExchangeSenderMemberOfException ] + [-Mode ] + [-OneDriveSharedBy ] + [-OneDriveSharedByMemberOf ] + [-PolicyRBACScopes ] + [-RemoveEndpointDlpLocation ] + [-RemoveEndpointDlpLocationException ] + [-RemoveExchangeLocation ] + [-RemoveOneDriveLocation ] + [-RemoveOneDriveLocationException ] + [-RemoveSharePointLocation ] + [-RemoveSharePointLocationException ] + [-RemoveTeamsLocation ] + [-RemoveTeamsLocationException ] + [-StartImpactAssessment ] + [-StopImpactAssessmentAndStartClassification ] + [-WhatIf] + [] +``` + +## DESCRIPTION +To use this cmdlet in Security & Compliance PowerShell, you need to be assigned permissions. For more information, see [Permissions in the Microsoft Purview compliance portal](https://learn.microsoft.com/purview/microsoft-365-compliance-center-permissions). + +## EXAMPLES + +### Example 1 +```powershell +{{ Add example code here }} +``` + +{{ Add example description here }} + +## PARAMETERS + +### -Identity +The Identity parameter specifies the sensitive information scan that you want to modify. You can use any value that uniquely identifies the scan. For example: + +- Name +- Distinguished name (DN) +- GUID + +```yaml +Type: PolicyIdParameter +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: True +Position: 0 +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -AddEndpointDlpLocation +{{ Fill AddEndpointDlpLocation Description }} + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AddEndpointDlpLocationException +{{ Fill AddEndpointDlpLocationException Description }} + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AddExchangeLocation +{{ Fill AddExchangeLocation Description }} + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AddOneDriveLocation +{{ Fill AddOneDriveLocation Description }} + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AddOneDriveLocationException +{{ Fill AddOneDriveLocationException Description }} + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AddSharePointLocation +{{ Fill AddSharePointLocation Description }} + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AddSharePointLocationException +{{ Fill AddSharePointLocationException Description }} + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AddTeamsLocation +{{ Fill AddTeamsLocation Description }} + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AddTeamsLocationException +{{ Fill AddTeamsLocationException Description }} + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -CancelScan +{{ Fill CancelScan Description }} + +```yaml +Type: Boolean +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Comment +The Comment parameter specifies an optional comment. If you specify a value that contains spaces, enclose the value in quotation marks ("), for example: "This is an admin note". + +```yaml +Type: String +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Confirm +The Confirm switch specifies whether to show or hide the confirmation prompt. How this switch affects the cmdlet depends on if the cmdlet requires confirmation before proceeding. + +- Destructive cmdlets (for example, Remove-\* cmdlets) have a built-in pause that forces you to acknowledge the command before proceeding. For these cmdlets, you can skip the confirmation prompt by using this exact syntax: `-Confirm:$false`. +- Most other cmdlets (for example, New-\* and Set-\* cmdlets) don't have a built-in pause. For these cmdlets, specifying the Confirm switch without a value introduces a pause that forces you acknowledge the command before proceeding. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ExceptIfOneDriveSharedBy +The ExceptIfOneDriveSharedBy parameter specifies the users to exclude from the scan (the sites of the OneDrive user accounts are included in the scan). You identify the users by UPN (laura@contoso.onmicrosoft.com). + +To use this parameter, OneDrive sites need to be included in the scan (the OneDriveLocation parameter value is All, which is the default value). + +To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. + +You can't use this parameter with the OneDriveSharedBy or OneDriveSharedByMemberOf parameters. + +```yaml +Type: RecipientIdParameter[] +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ExceptIfOneDriveSharedByMemberOf +{{ Fill ExceptIfOneDriveSharedByMemberOf Description }} + +```yaml +Type: RecipientIdParameter[] +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ExchangeSender +The ExchangeSender parameter specifies the users whose email is included in the scan. You identify the users by email address. You can specify internal or external email addresses. + +To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. + +You must use this parameter with the ExchangeLocation parameter. + +You can't use this parameter with the ExchangeSenderException or ExchangeSenderMemberOfException parameters. + +```yaml +Type: SmtpAddress[] +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ExchangeSenderException +The ExchangeSenderException parameter specifies the internal users whose email is excluded from the scan. You identify the users by email address. + +To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. + +You must use this parameter with the ExchangeLocation parameter. + +You can't use this parameter with the ExchangeSender or ExchangeSenderMemberOf parameters. + +```yaml +Type: SmtpAddress[] +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ExchangeSenderMemberOf +The ExchangeSenderMemberOf parameter specifies the distribution groups or security groups to include in the scan (email of the group members is included in the scan). You identify the groups by email address. + +To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. + +You must use this parameter with the ExchangeLocation parameter. + +You can't use this parameter with the ExchangeSenderMemberOfException parameter. + +You can't use this parameter to specify Microsoft 365 Groups. + +```yaml +Type: RecipientIdParameter[] +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ExchangeSenderMemberOfException +The ExchangeSenderMemberOfException parameter specifies the distribution groups or security groups to exclude from the scan (email of the group members is excluded from the scan). You identify the groups by email address. + +To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. + +You must use this parameter with the ExchangeLocation parameter. + +You can't use this parameter with the ExchangeSender or ExchangeSenderMemberOf parameters. + +You can't use this parameter to specify Microsoft 365 Groups. + +```yaml +Type: RecipientIdParameter[] +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Mode +{{ Fill Mode Description }} + +```yaml +Type: PolicyMode +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -OneDriveSharedBy +The OneDriveSharedBy parameter specifies the users to include in the scan (the sites of the OneDrive user accounts are included in the scan). You identify the users by UPN (laura@contoso.onmicrosoft.com). + +To use this parameter, one of the following statements must be true: + +- The scan already includes OneDrive sites (in the output of Get-DlpCOmpliancePolicy, the OneDriveLocation property value is All, which is the default value). +- Use `-AddOneDriveLocation All` in the same command with this parameter. + +To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. + +You can't use this parameter with the ExceptIfOneDriveSharedBy or ExceptIfOneDriveSharedByMemberOf parameters. + +```yaml +Type: RecipientIdParameter[] +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -OneDriveSharedByMemberOf +{{ Fill OneDriveSharedByMemberOf Description }} + +```yaml +Type: RecipientIdParameter[] +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -PolicyRBACScopes +{{ Fill PolicyRBACScopes Description }} + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -RemoveEndpointDlpLocation +{{ Fill RemoveEndpointDlpLocation Description }} + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -RemoveEndpointDlpLocationException +{{ Fill RemoveEndpointDlpLocationException Description }} + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -RemoveExchangeLocation +{{ Fill RemoveExchangeLocation Description }} + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -RemoveOneDriveLocation +{{ Fill RemoveOneDriveLocation Description }} + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -RemoveOneDriveLocationException +{{ Fill RemoveOneDriveLocationException Description }} + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -RemoveSharePointLocation +{{ Fill RemoveSharePointLocation Description }} + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -RemoveSharePointLocationException +{{ Fill RemoveSharePointLocationException Description }} + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -RemoveTeamsLocation +{{ Fill RemoveTeamsLocation Description }} + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -RemoveTeamsLocationException +{{ Fill RemoveTeamsLocationException Description }} + +```yaml +Type:MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -StartImpactAssessment +{{ Fill StartImpactAssessment Description }} + +```yaml +Type: Boolean +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -StopImpactAssessmentAndStartClassification +{{ Fill StopImpactAssessmentAndStartClassification Description }} + +```yaml +Type: Boolean +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -WhatIf +The WhatIf switch doesn't work in Security & Compliance PowerShell. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: wi +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/p/?LinkID=113216). + +## INPUTS + +## OUTPUTS + +## NOTES + +## RELATED LINKS diff --git a/exchange/exchange-ps/exchange/Set-SensitiveInformationScanRule.md b/exchange/exchange-ps/exchange/Set-SensitiveInformationScanRule.md new file mode 100644 index 0000000000..b19aade77b --- /dev/null +++ b/exchange/exchange-ps/exchange/Set-SensitiveInformationScanRule.md @@ -0,0 +1,287 @@ +--- +external help file: Microsoft.Exchange.TransportMailflow-Help.xml +online version: https://learn.microsoft.com/powershell/module/exchange/set-sensitiveinformationscanrule +applicable: Security & Compliance +title: Set-SensitiveInformationScanRule +schema: 2.0.0 +author: chrisda +ms.author: chrisda +ms.reviewer: +--- + +# Set-SensitiveInformationScanRule + +## SYNOPSIS +This cmdlet is available only in Security & Compliance PowerShell. For more information, see [Security & Compliance PowerShell](https://learn.microsoft.com/powershell/exchange/scc-powershell). + +Use the Set-SensitiveInformationScan cmdlet to + +For information about the parameter sets in the Syntax section below, see [Exchange cmdlet syntax](https://learn.microsoft.com/powershell/exchange/exchange-cmdlet-syntax). + +## SYNTAX + +``` +Set-SensitiveInformationScanRule [-Identity] + [-Comment ] + [-Confirm] + [-ContentCreatedOrUpdatedDateFrom ] + [-ContentCreatedOrUpdatedDateTo ] + [-ContentExtensionMatchesWords ] + [-ContentPropertyContainsWords ] + [-ExceptIfContentExtensionMatchesWords ] + [-ExceptIfContentPropertyContainsWords ] + [-StartImpactAssessment ] + [-WhatIf] + [-Workload ] + [] +``` + +## DESCRIPTION +To use this cmdlet in Security & Compliance PowerShell, you need to be assigned permissions. For more information, see [Permissions in the Microsoft Purview compliance portal](https://learn.microsoft.com/purview/microsoft-365-compliance-center-permissions). + +## EXAMPLES + +### Example 1 +```powershell +PS C:\> {{ Add example code here }} +``` + +{{ Add example description here }} + +## PARAMETERS + +### -Identity +The Identity parameter specifies the sensitive information scan rule that you want to modify. You can use any value that uniquely identifies the rule. For example: + +- Name +- Distinguished name (DN) +- GUID + +```yaml +Type: ComplianceRuleIdParameter +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: True +Position: 0 +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +### -Comment +The Comment parameter specifies an optional comment. If you specify a value that contains spaces, enclose the value in quotation marks ("), for example: "This is an admin note". + +```yaml +Type: String +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Confirm +The Confirm switch specifies whether to show or hide the confirmation prompt. How this switch affects the cmdlet depends on if the cmdlet requires confirmation before proceeding. + +- Destructive cmdlets (for example, Remove-\* cmdlets) have a built-in pause that forces you to acknowledge the command before proceeding. For these cmdlets, you can skip the confirmation prompt by using this exact syntax: `-Confirm:$false`. +- Most other cmdlets (for example, New-\* and Set-\* cmdlets) don't have a built-in pause. For these cmdlets, specifying the Confirm switch without a value introduces a pause that forces you acknowledge the command before proceeding. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ContentCreatedOrUpdatedDateFrom +{{ Fill ContentCreatedOrUpdatedDateFrom Description }} + +```yaml +Type: System.DateTime +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ContentCreatedOrUpdatedDateTo +{{ Fill ContentCreatedOrUpdatedDateTo Description }} + +```yaml +Type: System.DateTime +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ContentExtensionMatchesWords +{{ Fill ContentExtensionMatchesWords Description }} + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ContentPropertyContainsWords +{{ Fill ContentPropertyContainsWords Description }} + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ExceptIfContentExtensionMatchesWords +{{ Fill ExceptIfContentExtensionMatchesWords Description }} + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ExceptIfContentPropertyContainsWords +{{ Fill ExceptIfContentPropertyContainsWords Description }} + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -StartImpactAssessment +{{ Fill StartImpactAssessment Description }} + +```yaml +Type: Boolean +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -WhatIf +The WhatIf switch doesn't work in Security & Compliance PowerShell. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: wi +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Workload +The Workload parameter specifies the workload. Valid values are: + +- Applications +- AuditAlerting +- AWS +- Azure +- AzureBatch +- Copilot +- DynamicScope +- EndpointDevices +- Exchange +- ExchangeOnPremises +- Intune +- ModernGroup +- OneDriveForBusiness +- OnPremisesScanner +- PowerBI +- PublicFolder +- SharePoint +- SharePointOnPremises +- Skype +- Substrate +- Teams +- ThirdPartyApps +- UnifiedAuditAzure + +This value appears in the LogicalWorkload property in the output of the Get-SensitiveInformationScanRule cmdlet. + +```yaml +Type: PolicyConfiguration.Workload +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/p/?LinkID=113216). + +## INPUTS + +## OUTPUTS + +## NOTES + +## RELATED LINKS From 750ed098b0a061141881ba2230036f28d6f31ace Mon Sep 17 00:00:00 2001 From: Chris Davis Date: Mon, 9 Jun 2025 17:17:50 -0700 Subject: [PATCH 02/30] Copied param descriptions --- .../exchange/Get-SensitiveInformationScan.md | 2 +- .../Get-SensitiveInformationScanRule.md | 2 +- .../exchange/New-SensitiveInformationScan.md | 32 +++- .../New-SensitiveInformationScanRule.md | 14 +- .../exchange/Set-SensitiveInformationScan.md | 169 ++++++++++++++---- .../Set-SensitiveInformationScanRule.md | 16 +- 6 files changed, 179 insertions(+), 56 deletions(-) diff --git a/exchange/exchange-ps/exchange/Get-SensitiveInformationScan.md b/exchange/exchange-ps/exchange/Get-SensitiveInformationScan.md index 78ddca81f9..7547c958c0 100644 --- a/exchange/exchange-ps/exchange/Get-SensitiveInformationScan.md +++ b/exchange/exchange-ps/exchange/Get-SensitiveInformationScan.md @@ -14,7 +14,7 @@ ms.reviewer: ## SYNOPSIS This cmdlet is available only in Security & Compliance PowerShell. For more information, see [Security & Compliance PowerShell](https://learn.microsoft.com/powershell/exchange/scc-powershell). -Use the Get-SensitiveInformationScan cmdlet to view sensitive information scans. +Use the Get-SensitiveInformationScan cmdlet to view the properties of sensitive information scans. For information about the parameter sets in the Syntax section below, see [Exchange cmdlet syntax](https://learn.microsoft.com/powershell/exchange/exchange-cmdlet-syntax). diff --git a/exchange/exchange-ps/exchange/Get-SensitiveInformationScanRule.md b/exchange/exchange-ps/exchange/Get-SensitiveInformationScanRule.md index 6b0f999225..6cf020dc48 100644 --- a/exchange/exchange-ps/exchange/Get-SensitiveInformationScanRule.md +++ b/exchange/exchange-ps/exchange/Get-SensitiveInformationScanRule.md @@ -14,7 +14,7 @@ ms.reviewer: ## SYNOPSIS This cmdlet is available only in Security & Compliance PowerShell. For more information, see [Security & Compliance PowerShell](https://learn.microsoft.com/powershell/exchange/scc-powershell). -Use the Get-SensitiveInformationScanRule cmdlet to +Use the Get-SensitiveInformationScanRule cmdlet to view sensitive information scan rules. For information about the parameter sets in the Syntax section below, see [Exchange cmdlet syntax](https://learn.microsoft.com/powershell/exchange/exchange-cmdlet-syntax). diff --git a/exchange/exchange-ps/exchange/New-SensitiveInformationScan.md b/exchange/exchange-ps/exchange/New-SensitiveInformationScan.md index 0eaa365532..ba774165ba 100644 --- a/exchange/exchange-ps/exchange/New-SensitiveInformationScan.md +++ b/exchange/exchange-ps/exchange/New-SensitiveInformationScan.md @@ -14,7 +14,7 @@ ms.reviewer: ## SYNOPSIS This cmdlet is available only in Security & Compliance PowerShell. For more information, see [Security & Compliance PowerShell](https://learn.microsoft.com/powershell/exchange/scc-powershell). -Use the New-SensitiveInformationScan cmdlet to +Use the New-SensitiveInformationScan cmdlet to create sensitive information scans. For information about the parameter sets in the Syntax section below, see [Exchange cmdlet syntax](https://learn.microsoft.com/powershell/exchange/exchange-cmdlet-syntax). @@ -61,7 +61,7 @@ To use this cmdlet in Security & Compliance PowerShell, you need to be assigned ## PARAMETERS ### -Name -{{ Fill Name Description }} +The Name parameter specifies the unique name of the scan. If the value contains spaces, enclose the value in quotation marks. ```yaml Type: String @@ -156,7 +156,7 @@ Accept wildcard characters: False ``` ### -ExceptIfOneDriveSharedBy -The ExceptIfOneDriveSharedBy parameter specifies the users to exclude from the scan (the sites of the OneDrive user accounts are included in the scan). You identify the users by UPN (laura@contoso.onmicrosoft.com). +The ExceptIfOneDriveSharedBy parameter specifies the users to exclude from the scan (the sites of the OneDrive user accounts are included in the scan). You identify the users by UPN (`laura@contoso.onmicrosoft.com`). To use this parameter, OneDrive sites need to be included in the scan (the OneDriveLocation parameter value is All, which is the default value). @@ -355,7 +355,7 @@ Accept wildcard characters: False ``` ### -OneDriveSharedBy -The OneDriveSharedBy parameter specifies the users to include in the scan (the sites of the OneDrive user accounts are included in the scan). You identify the users by UPN (laura@contoso.onmicrosoft.com). +The OneDriveSharedBy parameter specifies the users to include in the scan (the sites of the OneDrive user accounts are included in the scan). You identify the users by UPN (`laura@contoso.onmicrosoft.com`). To use this parameter, OneDrive sites need to be included in the scan (the OneDriveLocation parameter value is All, which is the default value). @@ -401,7 +401,9 @@ Accept wildcard characters: False ``` ### -PolicyRBACScopes -{{ Fill PolicyRBACScopes Description }} +The PolicyRBACScopes parameter specifies the administrative units to assign to the scan. A valid value is the Microsoft Entra ObjectID (GUID value) of the administrative unit. You can specify multiple values separated by commas. + +Administrative units are available only in Microsoft Entra ID P1 or P2. You create and manage administrative units in Microsoft Graph PowerShell. ```yaml Type: MultiValuedProperty @@ -417,7 +419,11 @@ Accept wildcard characters: False ``` ### -SharePointLocation -{{ Fill SharePointLocation Description }} +The SharePointLocation parameter specifies the SharePoint sites to include in the scan. You identify the site by its URL value, or you can use the value All to include all sites. + +You can't add SharePoint sites to the policy until they have been indexed. + +To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. ```yaml Type: MultiValuedProperty @@ -433,7 +439,11 @@ Accept wildcard characters: False ``` ### -SharePointLocationException -{{ Fill SharePointLocationException Description }} +The SharePointLocationException parameter specifies the SharePoint sites to exclude when you use the value All for the SharePointLocation parameter. You identify the site by its URL value. + +You can't add SharePoint sites to the scan until they have been indexed. + +To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. ```yaml Type: MultiValuedProperty @@ -449,7 +459,9 @@ Accept wildcard characters: False ``` ### -TeamsLocation -{{ Fill TeamsLocation Description }} +The TeamsLocation parameter specifies the Teams chat and channel messages to include in the scan. You identify the entries by the email address or name of the account, distribution group, or mail-enabled security group. You can use the value All to include all accounts, distribution groups, and mail-enabled security groups. + +To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. ```yaml Type: MultiValuedProperty @@ -465,7 +477,9 @@ Accept wildcard characters: False ``` ### -TeamsLocationException -{{ Fill TeamsLocationException Description }} +The TeamsLocation parameter specifies the Teams chat and channel messages to exclude from the DLP policy when you use the value All for the TeamsLocation parameter. You identify the entries by the email address or name of the account, distribution group, or mail-enabled security group. + +To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. ```yaml Type: MultiValuedProperty diff --git a/exchange/exchange-ps/exchange/New-SensitiveInformationScanRule.md b/exchange/exchange-ps/exchange/New-SensitiveInformationScanRule.md index fdfba641e6..96d0e19fc1 100644 --- a/exchange/exchange-ps/exchange/New-SensitiveInformationScanRule.md +++ b/exchange/exchange-ps/exchange/New-SensitiveInformationScanRule.md @@ -14,7 +14,7 @@ ms.reviewer: ## SYNOPSIS This cmdlet is available only in Security & Compliance PowerShell. For more information, see [Security & Compliance PowerShell](https://learn.microsoft.com/powershell/exchange/scc-powershell). -Use the New-SensitiveInformationScan cmdlet to +Use the New-SensitiveInformationScan cmdlet to create sensitive information scan rules. For information about the parameter sets in the Syntax section below, see [Exchange cmdlet syntax](https://learn.microsoft.com/powershell/exchange/exchange-cmdlet-syntax). @@ -191,7 +191,7 @@ Accept wildcard characters: False ``` ### -ContentExtensionMatchesWords -{{ Fill ContentExtensionMatchesWords Description }} +The ContentExtensionMatchesWords parameter specifies a condition for the rule that looks for words in file extensions. You can specify multiple words separated by commas. Irrespective of the original file type, this predicate matches based on the extension that is present in the name of the file. ```yaml Type: MultiValuedProperty @@ -207,7 +207,9 @@ Accept wildcard characters: False ``` ### -ContentPropertyContainsWords -{{ Fill ContentPropertyContainsWords Description }} +The ContentPropertyContainsWords parameter specifies a condition for the rule that's based on a property match in content. The rule is applied to content that contains the specified property. + +This parameter accepts values in the format: `"Property1:Value1,Value2","Property2:Value3,Value4",..."PropertyN:ValueN,ValueN"`. ```yaml Type: MultiValuedProperty @@ -223,7 +225,7 @@ Accept wildcard characters: False ``` ### -ExceptIfContentExtensionMatchesWords -{{ Fill ExceptIfContentExtensionMatchesWords Description }} +The ExceptIfContentExtensionMatchesWords parameter specifies an exception for the rule that looks for words in file extensions. You can specify multiple words separated by commas. Irrespective of what the original file type is, this predicate matches based on the extension that is present in the name of the file. ```yaml Type: MultiValuedProperty @@ -239,7 +241,9 @@ Accept wildcard characters: False ``` ### -ExceptIfContentPropertyContainsWords -{{ Fill ExceptIfContentPropertyContainsWords Description }} +The ExceptIfContentPropertyContainsWords parameter specifies an exception for the rule that's based on a property match in content. The rule is not applied to content that contains the specified property. + +This parameter accepts values in the format: `"Property1:Value1,Value2","Property2:Value3,Value4",..."PropertyN:ValueN,ValueN"`. ```yaml Type: MultiValuedProperty diff --git a/exchange/exchange-ps/exchange/Set-SensitiveInformationScan.md b/exchange/exchange-ps/exchange/Set-SensitiveInformationScan.md index f8d37f8b8c..637565cde2 100644 --- a/exchange/exchange-ps/exchange/Set-SensitiveInformationScan.md +++ b/exchange/exchange-ps/exchange/Set-SensitiveInformationScan.md @@ -14,7 +14,7 @@ ms.reviewer: ## SYNOPSIS This cmdlet is available only in Security & Compliance PowerShell. For more information, see [Security & Compliance PowerShell](https://learn.microsoft.com/powershell/exchange/scc-powershell). -Use the Set-SensitiveInformationScan cmdlet to +Use the Set-SensitiveInformationScan cmdlet to modify sensitive information scans. For information about the parameter sets in the Syntax section below, see [Exchange cmdlet syntax](https://learn.microsoft.com/powershell/exchange/exchange-cmdlet-syntax). @@ -94,7 +94,13 @@ Accept wildcard characters: False ``` ### -AddEndpointDlpLocation -{{ Fill AddEndpointDlpLocation Description }} +**Note**: This parameter requires membership in the Compliance Administrator or Compliance Data Administrator roles in Microsoft Entra ID. + +The AddEndpointDLPLocation parameter specifies the user accounts to add to the list of included accounts for Endpoint DLP if you used the value All for the EndpointDLPLocation parameter. You identify the account by name or email address. + +To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. + +For more information about Endpoint DLP, see [Learn about Endpoint data loss prevention](https://learn.microsoft.com/purview/endpoint-dlp-learn-about). ```yaml Type: MultiValuedProperty @@ -110,7 +116,13 @@ Accept wildcard characters: False ``` ### -AddEndpointDlpLocationException -{{ Fill AddEndpointDlpLocationException Description }} +**Note**: This parameter requires membership in the Compliance Administrator or Compliance Data Administrator roles in Microsoft Entra ID. + +The AddEndpointDlpLocationException parameter specifies the user accounts to add to the list of excluded accounts for Endpoint DLP if you used the value All for the EndpointDLPLocation parameter. You identify the account by name or email address. + +To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. + +For more information about Endpoint DLP, see [Learn about Endpoint data loss prevention](https://learn.microsoft.com/purview/endpoint-dlp-learn-about). ```yaml Type: MultiValuedProperty @@ -126,7 +138,15 @@ Accept wildcard characters: False ``` ### -AddExchangeLocation -{{ Fill AddExchangeLocation Description }} +The AddExchangeLocation parameter adds email messages to the scan if they're not already included. The valid value for this parameter is All. + +If the scan doesn't already include email messages (in the output of the Get-DlpCompliancePolicy cmdlet, the ExchangeLocation property value is blank), you can use this parameter in the following procedures: + +- If you use `-AddExchangeLocation All` by itself, the scan applies to email for all users. + +- To include email of specific group members in the scan, use `-AddExchangeLocation All` with the ExchangeSenderMemberOf parameter in the same command. Only email of members of the specified groups is included in the scan. + +- To exclude email of specific group members from the scan, use `-AddExchangeLocation All` with the ExchangeSenderMemberOfException parameter in the same command. Only email of members of the specified groups is excluded from the scan. ```yaml Type: MultiValuedProperty @@ -142,7 +162,9 @@ Accept wildcard characters: False ``` ### -AddOneDriveLocation -{{ Fill AddOneDriveLocation Description }} +The AddOneDriveLocation parameter specifies the OneDrive sites to add to the list of included sites when you aren't using the value All for the OneDriveLocation parameter. You identify the site by its URL value. + +To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. ```yaml Type: MultiValuedProperty @@ -158,7 +180,9 @@ Accept wildcard characters: False ``` ### -AddOneDriveLocationException -{{ Fill AddOneDriveLocationException Description }} +The AddOneDriveLocationException parameter specifies the OneDrive sites to add to the list of excluded sites when you use the value All for the OneDriveLocation parameter. You identify the site by its URL value. + +To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. ```yaml Type: MultiValuedProperty @@ -174,7 +198,11 @@ Accept wildcard characters: False ``` ### -AddSharePointLocation -{{ Fill AddSharePointLocation Description }} +The AddSharePointLocation parameter specifies the SharePoint sites to add to the list of included sites if you used the value All for the SharePointLocation parameter. You identify the site by its URL value. + +You can't add SharePoint sites to the scan until they have been indexed. + +To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. ```yaml Type: MultiValuedProperty @@ -190,7 +218,11 @@ Accept wildcard characters: False ``` ### -AddSharePointLocationException -{{ Fill AddSharePointLocationException Description }} +The AddSharePointLocationException parameter specifies the SharePoint sites to add to the list of excluded sites if you used the value All for the SharePointLocation parameter. You identify the site by its URL value. + +You can't add SharePoint sites to the scan until they have been indexed. + +To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. ```yaml Type: MultiValuedProperty @@ -206,7 +238,9 @@ Accept wildcard characters: False ``` ### -AddTeamsLocation -{{ Fill AddTeamsLocation Description }} +The AddTeamsLocation parameter specifies the accounts, distribution groups, or mail-enabled security groups to add to the list of included Teams chat and channel messages if you used the value All for the TeamsLocation parameter. You identify the entries by the email address or name of the account, distribution group, or mail-enabled security group. + +To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. ```yaml Type: MultiValuedProperty @@ -222,7 +256,9 @@ Accept wildcard characters: False ``` ### -AddTeamsLocationException -{{ Fill AddTeamsLocationException Description }} +The AddTeamsLocationException parameter specifies the accounts, distribution groups, or mail-enabled security groups to add to the list of excluded Teams chat and channel messages if you used the value All for the TeamsLocation parameter. You identify the entries by the email address or name of the account, distribution group, or mail-enabled security group. + +To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. ```yaml Type: MultiValuedProperty @@ -289,9 +325,12 @@ Accept wildcard characters: False ``` ### -ExceptIfOneDriveSharedBy -The ExceptIfOneDriveSharedBy parameter specifies the users to exclude from the scan (the sites of the OneDrive user accounts are included in the scan). You identify the users by UPN (laura@contoso.onmicrosoft.com). +The ExceptIfOneDriveSharedBy parameter specifies the users to exclude from the scan (the sites of the OneDrive user accounts are included in the scan). You identify the users by UPN (`laura@contoso.onmicrosoft.com`). -To use this parameter, OneDrive sites need to be included in the scan (the OneDriveLocation parameter value is All, which is the default value). +To use this parameter, one of the following statements must be true: + +- The scan already includes OneDrive sites (in the output of Get-DlpCOmpliancePolicy, the OneDriveLocation property value is All, which is the default value). +- Use `-AddOneDriveLocation All` in the same command with this parameter. To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. @@ -311,7 +350,18 @@ Accept wildcard characters: False ``` ### -ExceptIfOneDriveSharedByMemberOf -{{ Fill ExceptIfOneDriveSharedByMemberOf Description }} +The ExceptIfOneDriveSharedByMemberOf parameter specifies the distribution groups or mail-enabled security groups to exclude from the scan (the OneDrive sites of group members are excluded from the scan). You identify the groups by email address. + +To use this parameter, one of the following statements must be true: + +- The scan already includes OneDrive sites (in the output of Get-DlpCOmpliancePolicy, the OneDriveLocation property value is All, which is the default value). +- Use `-AddOneDriveLocation All` in the same command with this parameter. + +To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. + +You can't use this parameter with the OneDriveSharedBy or OneDriveSharedByMemberOf parameters. + +You can't use this parameter to specify Microsoft 365 Groups. ```yaml Type: RecipientIdParameter[] @@ -327,11 +377,14 @@ Accept wildcard characters: False ``` ### -ExchangeSender -The ExchangeSender parameter specifies the users whose email is included in the scan. You identify the users by email address. You can specify internal or external email addresses. +The ExchangeSender parameter specifies the users whose email is included in the scan. You specify the users by email address. You can specify internal or external email addresses. To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. -You must use this parameter with the ExchangeLocation parameter. +To use this parameter, one of the following statements must be true: + +- The scan already includes email messages (in the output of the Get-SensitiveInformationScan cmdlet, the ExchangeLocation property value is All). +- Use `-AddExchangeLocation All` in the same command with this parameter. You can't use this parameter with the ExchangeSenderException or ExchangeSenderMemberOfException parameters. @@ -353,7 +406,10 @@ The ExchangeSenderException parameter specifies the internal users whose email i To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. -You must use this parameter with the ExchangeLocation parameter. +To use this parameter, one of the following statements must be true: + +- The scan already includes email messages (in the output of Get-SensitiveInformationScan, the ExchangeLocation property value is All). +- Use `-AddExchangeLocation All` in the same command with this parameter. You can't use this parameter with the ExchangeSender or ExchangeSenderMemberOf parameters. @@ -371,13 +427,16 @@ Accept wildcard characters: False ``` ### -ExchangeSenderMemberOf -The ExchangeSenderMemberOf parameter specifies the distribution groups or security groups to include in the scan (email of the group members is included in the scan). You identify the groups by email address. +The ExchangeSenderMemberOf parameter specifies the distribution groups or mail-enabled security groups to include in the scan (email of the group members is included in the scan). You identify the groups by email address. To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. -You must use this parameter with the ExchangeLocation parameter. +To use this parameter, one of the following statements must be true: + +- The scan already includes email messages (in the output of Get-SensitiveInformationScan, the ExchangeLocation property value is All). +- Use `-AddExchangeLocation All` in the same command with this parameter. -You can't use this parameter with the ExchangeSenderMemberOfException parameter. +You can't use this parameter with the ExchangeSenderException or ExchangeSenderMemberOfException parameters. You can't use this parameter to specify Microsoft 365 Groups. @@ -395,11 +454,14 @@ Accept wildcard characters: False ``` ### -ExchangeSenderMemberOfException -The ExchangeSenderMemberOfException parameter specifies the distribution groups or security groups to exclude from the scan (email of the group members is excluded from the scan). You identify the groups by email address. +The ExchangeSenderMemberOfException parameter specifies the distribution groups or mail-enabled security groups to exclude from the scan (email of the group members is excluded from the scan). You identify the groups by email address. To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. -You must use this parameter with the ExchangeLocation parameter. +To use this parameter, one of the following statements must be true: + +- The scan already includes email messages (in the output of Get-SensitiveInformationScan, the ExchangeLocation property value is All). +- Use `-AddExchangeLocation All` in the same command with this parameter. You can't use this parameter with the ExchangeSender or ExchangeSenderMemberOf parameters. @@ -435,11 +497,11 @@ Accept wildcard characters: False ``` ### -OneDriveSharedBy -The OneDriveSharedBy parameter specifies the users to include in the scan (the sites of the OneDrive user accounts are included in the scan). You identify the users by UPN (laura@contoso.onmicrosoft.com). +The OneDriveSharedBy parameter specifies the users to include in the DLP scan (the sites of the OneDrive user accounts are included in the scan). You identify the users by UPN (`laura@contoso.onmicrosoft.com`). To use this parameter, one of the following statements must be true: -- The scan already includes OneDrive sites (in the output of Get-DlpCOmpliancePolicy, the OneDriveLocation property value is All, which is the default value). +- The scan already includes OneDrive sites (in the output of Get-SensitiveInformationScan, the OneDriveLocation property value is All, which is the default value). - Use `-AddOneDriveLocation All` in the same command with this parameter. To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. @@ -460,7 +522,18 @@ Accept wildcard characters: False ``` ### -OneDriveSharedByMemberOf -{{ Fill OneDriveSharedByMemberOf Description }} +The OneDriveSharedByMemberOf parameter specifies the distribution groups or mail-enabled security groups to include in the DLP scan (the OneDrive sites of group members are included in the scan). You identify the groups by email address. + +To use this parameter, one of the following statements must be true: + +- The scan already includes OneDrive sites (in the output of Get-SensitiveInformationScan, the OneDriveLocation property value is All, which is the default value). +- Use `-AddOneDriveLocation All` in the same command with this parameter. + +To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. + +You can't use this parameter with the ExceptIfOneDriveSharedBy or ExceptIfOneDriveSharedByMemberOf parameters. + +You can't use this parameter to specify Microsoft 365 Groups. ```yaml Type: RecipientIdParameter[] @@ -476,7 +549,9 @@ Accept wildcard characters: False ``` ### -PolicyRBACScopes -{{ Fill PolicyRBACScopes Description }} +The PolicyRBACScopes parameter specifies the administrative units to assign to the scan. A valid value is the Microsoft Entra ObjectID (GUID value) of the administrative unit. You can specify multiple values separated by commas. + +Administrative units are available only in Microsoft Entra ID P1 or P2. You create and manage administrative units in Microsoft Graph PowerShell. ```yaml Type: MultiValuedProperty @@ -492,7 +567,13 @@ Accept wildcard characters: False ``` ### -RemoveEndpointDlpLocation -{{ Fill RemoveEndpointDlpLocation Description }} +**Note**: This parameter requires membership in the Compliance Administrator or Compliance Data Administrator roles in Microsoft Entra ID. + +The RemoveEndpointDlpLocation parameter specifies the user accounts to remove from the list of included accounts for Endpoint DLP if you used the value All for the EndpointDLPLocation parameter. You specify the account by name or email address. + +To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. + +For more information about Endpoint DLP, see [Learn about Endpoint data loss prevention](https://learn.microsoft.com/purview/endpoint-dlp-learn-about). ```yaml Type: MultiValuedProperty @@ -508,7 +589,13 @@ Accept wildcard characters: False ``` ### -RemoveEndpointDlpLocationException -{{ Fill RemoveEndpointDlpLocationException Description }} +**Note**: This parameter requires membership in the Compliance Administrator or Compliance Data Administrator roles in Microsoft Entra ID. + +The RemoveEndpointDlpLocation parameter specifies the user accounts to remove from the list of excluded accounts for Endpoint DLP if you used the value All for the EndpointDLPLocation parameter. You specify the account by name or email address. + +To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. + +For more information about Endpoint DLP, see [Learn about Endpoint data loss prevention](https://learn.microsoft.com/purview/endpoint-dlp-learn-about). ```yaml Type: MultiValuedProperty @@ -524,7 +611,9 @@ Accept wildcard characters: False ``` ### -RemoveExchangeLocation -{{ Fill RemoveExchangeLocation Description }} +The RemoveExchangeLocation parameter removes email messages from the scan if they're already included. The valid value for this parameter is All. + +If the scan already includes email messages (in the output of the Get-DlpCompliancePolicy cmdlet, the ExchangeLocation property value is All), you can use `-RemoveExchangeLocation All` to prevent the scan from applying to email messages. ```yaml Type: MultiValuedProperty @@ -540,7 +629,9 @@ Accept wildcard characters: False ``` ### -RemoveOneDriveLocation -{{ Fill RemoveOneDriveLocation Description }} +The RemoveOneDriveLocation parameter specifies the OneDrive sites to remove from the list of included sites when you aren't using the value All for the OneDriveLocation parameter. You identify the site by its URL value. + +You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"Value1","Value2",..."ValueN"`. ```yaml Type: MultiValuedProperty @@ -556,7 +647,9 @@ Accept wildcard characters: False ``` ### -RemoveOneDriveLocationException -{{ Fill RemoveOneDriveLocationException Description }} +This parameter specifies the OneDrive sites to remove from the list of excluded sites when you use the value All for the OneDriveLocation parameter. You identify the site by its URL value. + +You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"Value1","Value2",..."ValueN"`. ```yaml Type: MultiValuedProperty @@ -572,7 +665,9 @@ Accept wildcard characters: False ``` ### -RemoveSharePointLocation -{{ Fill RemoveSharePointLocation Description }} +The RemoveSharePointLocation parameter specifies the SharePoint sites to remove from the list of included sites if you used the value All for the SharePointLocation parameter. You specify the site by its URL value. + +To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. ```yaml Type: MultiValuedProperty @@ -588,7 +683,9 @@ Accept wildcard characters: False ``` ### -RemoveSharePointLocationException -{{ Fill RemoveSharePointLocationException Description }} +The RemoveSharePointLocationException parameter specifies the SharePoint sites to remove from the list of excluded sites if you used the value All for the SharePointLocation parameter. You specify the site by its URL value. + +To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. ```yaml Type: MultiValuedProperty @@ -604,7 +701,9 @@ Accept wildcard characters: False ``` ### -RemoveTeamsLocation -{{ Fill RemoveTeamsLocation Description }} +The RemoveTeamsLocation parameter specifies the accounts, distribution groups, or mail-enabled security groups to remove from the list of included Teams chat and channel messages if you used the value All for the TeamsLocation parameter. You specify the entries by the email address or name of the account, distribution group, or mail-enabled security group. + +To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. ```yaml Type: MultiValuedProperty @@ -620,7 +719,9 @@ Accept wildcard characters: False ``` ### -RemoveTeamsLocationException -{{ Fill RemoveTeamsLocationException Description }} +The RemoveTeamsLocationException parameter specifies the accounts, distribution groups, or mail-enabled security groups to remove from the list of excluded Teams chat and channel messages if you used the value All for the TeamsLocation parameter. You identify the entries by the email address or name of the account, distribution group, or mail-enabled security group. + +To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. ```yaml Type:MultiValuedProperty diff --git a/exchange/exchange-ps/exchange/Set-SensitiveInformationScanRule.md b/exchange/exchange-ps/exchange/Set-SensitiveInformationScanRule.md index b19aade77b..e941622f3d 100644 --- a/exchange/exchange-ps/exchange/Set-SensitiveInformationScanRule.md +++ b/exchange/exchange-ps/exchange/Set-SensitiveInformationScanRule.md @@ -14,7 +14,7 @@ ms.reviewer: ## SYNOPSIS This cmdlet is available only in Security & Compliance PowerShell. For more information, see [Security & Compliance PowerShell](https://learn.microsoft.com/powershell/exchange/scc-powershell). -Use the Set-SensitiveInformationScan cmdlet to +Use the Set-SensitiveInformationScan cmdlet to modify sensitive information scan rules. For information about the parameter sets in the Syntax section below, see [Exchange cmdlet syntax](https://learn.microsoft.com/powershell/exchange/exchange-cmdlet-syntax). @@ -43,7 +43,7 @@ To use this cmdlet in Security & Compliance PowerShell, you need to be assigned ### Example 1 ```powershell -PS C:\> {{ Add example code here }} +{{ Add example code here }} ``` {{ Add example description here }} @@ -138,7 +138,7 @@ Accept wildcard characters: False ``` ### -ContentExtensionMatchesWords -{{ Fill ContentExtensionMatchesWords Description }} +The ContentExtensionMatchesWords parameter specifies a condition for the rule that looks for words in file extensions. You can specify multiple words separated by commas. Irrespective of the original file type, this predicate matches based on the extension that is present in the name of the file. ```yaml Type: MultiValuedProperty @@ -154,7 +154,9 @@ Accept wildcard characters: False ``` ### -ContentPropertyContainsWords -{{ Fill ContentPropertyContainsWords Description }} +The ContentPropertyContainsWords parameter specifies a condition for the rule that's based on a property match in content. The rule is applied to content that contains the specified property. + +This parameter accepts values in the format: `"Property1:Value1,Value2","Property2:Value3,Value4",..."PropertyN:ValueN,ValueN"`. ```yaml Type: MultiValuedProperty @@ -170,7 +172,7 @@ Accept wildcard characters: False ``` ### -ExceptIfContentExtensionMatchesWords -{{ Fill ExceptIfContentExtensionMatchesWords Description }} +The ExceptIfContentExtensionMatchesWords parameter specifies an exception for the rule that looks for words in file extensions. You can specify multiple words separated by commas. Irrespective of what the original file type is, this predicate matches based on the extension that is present in the name of the file. ```yaml Type: MultiValuedProperty @@ -186,7 +188,9 @@ Accept wildcard characters: False ``` ### -ExceptIfContentPropertyContainsWords -{{ Fill ExceptIfContentPropertyContainsWords Description }} +The ExceptIfContentPropertyContainsWords parameter specifies an exception for the DLP rule that's based on a property match in content. The rule is not applied to content that contains the specified property. + +This parameter accepts values in the format: `"Property1:Value1,Value2","Property2:Value3,Value4",..."PropertyN:ValueN,ValueN"`. ```yaml Type: MultiValuedProperty From 17a1f2af53d1a20724d3faf7aaaedf7809a87bec Mon Sep 17 00:00:00 2001 From: Aakash Malhotra <53205984+aamalhot@users.noreply.github.com> Date: Tue, 10 Jun 2025 14:51:03 +0530 Subject: [PATCH 03/30] Update New-SensitiveInformationScan.md Only endpoint, onedrive, sharepoint are in scope of current release --- .../exchange/New-SensitiveInformationScan.md | 242 +----------------- 1 file changed, 5 insertions(+), 237 deletions(-) diff --git a/exchange/exchange-ps/exchange/New-SensitiveInformationScan.md b/exchange/exchange-ps/exchange/New-SensitiveInformationScan.md index ba774165ba..6b212374f8 100644 --- a/exchange/exchange-ps/exchange/New-SensitiveInformationScan.md +++ b/exchange/exchange-ps/exchange/New-SensitiveInformationScan.md @@ -14,7 +14,7 @@ ms.reviewer: ## SYNOPSIS This cmdlet is available only in Security & Compliance PowerShell. For more information, see [Security & Compliance PowerShell](https://learn.microsoft.com/powershell/exchange/scc-powershell). -Use the New-SensitiveInformationScan cmdlet to create sensitive information scans. +Use the New-SensitiveInformationScan cmdlet to create a new on-demand classification scan. Learn more about On-demand classification [https://learn.microsoft.com/purview/on-demand-classification]. For information about the parameter sets in the Syntax section below, see [Exchange cmdlet syntax](https://learn.microsoft.com/powershell/exchange/exchange-cmdlet-syntax). @@ -28,20 +28,10 @@ New-SensitiveInformationScan [-Name] [-EndpointDlpLocationException ] [-ExceptIfOneDriveSharedBy ] [-ExceptIfOneDriveSharedByMemberOf ] - [-ExchangeLocation ] - [-ExchangeSender ] - [-ExchangeSenderException ] - [-ExchangeSenderMemberOf ] - [-ExchangeSenderMemberOfException ] - [-OneDriveLocation ] - [-OneDriveLocationException ] [-OneDriveSharedBy ] [-OneDriveSharedByMemberOf ] - [-PolicyRBACScopes ] [-SharePointLocation ] [-SharePointLocationException ] - [-TeamsLocation ] - [-TeamsLocationException ] [-WhatIf] [] ``` @@ -114,11 +104,11 @@ Accept wildcard characters: False ### -EndpointDlpLocation **Note**: This parameter requires membership in the Compliance Administrator or Compliance Data Administrator roles in Microsoft Entra ID. -The EndpointDLPLocation parameter specifies the user accounts to include in scan for Endpoint DLP when they are logged on to an onboarded device. You identify the account by name or email address. You can use the value All to include all user accounts. +The EndpointDLPLocation parameter specifies the user accounts to include in scan for devices. You identify the account by name or email address. You can use the value All to include all user accounts. To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. -For more information about Endpoint DLP, see [Learn about Endpoint data loss prevention](https://learn.microsoft.com/purview/endpoint-dlp-learn-about). +For more information about onboarding devices to Purview, see [Learn about device onboarding](https://learn.microsoft.com/purview/endpoint-dlp-getting-started)). ```yaml Type: MultiValuedProperty @@ -136,11 +126,11 @@ Accept wildcard characters: False ### -EndpointDlpLocationException **Note**: This parameter requires membership in the Compliance Administrator or Compliance Data Administrator roles in Microsoft Entra ID. -The EndpointDlpLocationException parameter specifies the user accounts to exclude from Endpoint DLP when you use the value All for the EndpointDlpLocation parameter. You identify the account by name or email address. +The EndpointDlpLocationException parameter specifies the user accounts to exclude in an on-demand classification scan for devices. You identify the account by name or email address. To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. -For more information about Endpoint DLP, see [Learn about Endpoint data loss prevention](https://learn.microsoft.com/purview/endpoint-dlp-learn-about). +For more information about onboarding devices to Purview, see [Learn about device onboarding](https://learn.microsoft.com/purview/endpoint-dlp-getting-started)). ```yaml Type: MultiValuedProperty @@ -201,159 +191,6 @@ Accept pipeline input: False Accept wildcard characters: False ``` -### -ExchangeLocation -The ExchangeLocation parameter specifies whether to include email messages in the scan. The valid value for this parameter is All. If you don't want to include email messages in the scan, don't use this parameter (the default value is blank or $null). - -You can use this parameter in the following procedures: - -- If you use `-ExchangeLocation All` by itself, the scan applies to email for all users. - -- To include email of specific group members in the scan, use `-ExchangeLocation All` with the ExchangeSenderMemberOf parameter in the same command. Only email of members of the specified groups is included in the scan. - -- To exclude email of specific group members from the scan, use `-ExchangeLocation All` with the ExchangeSenderMemberOfException parameter in the same command. Only email of members of the specified groups is excluded from the scan. - -You can't specify inclusions and exclusions in the same scan. - -```yaml -Type: MultiValuedProperty -Parameter Sets: (All) -Aliases: -Applicable: Security & Compliance - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ExchangeSender -The ExchangeSender parameter specifies the users whose email is included in the scan. You identify the users by email address. You can specify internal or external email addresses. - -To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. - -You must use this parameter with the ExchangeLocation parameter. - -You can't use this parameter with the ExchangeSenderException or ExchangeSenderMemberOfException parameters. - -```yaml -Type: SmtpAddress[] -Parameter Sets: (All) -Aliases: -Applicable: Security & Compliance - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ExchangeSenderException -The ExchangeSenderException parameter specifies the internal users whose email is excluded from the scan. You identify the users by email address. - -To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. - -You must use this parameter with the ExchangeLocation parameter. - -You can't use this parameter with the ExchangeSender or ExchangeSenderMemberOf parameters. - -```yaml -Type: SmtpAddress[] -Parameter Sets: (All) -Aliases: -Applicable: Security & Compliance - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ExchangeSenderMemberOf -The ExchangeSenderMemberOf parameter specifies the distribution groups or security groups to include in the scan (email of the group members is included in the scan). You identify the groups by email address. - -To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. - -You must use this parameter with the ExchangeLocation parameter. - -You can't use this parameter with the ExchangeSenderMemberOfException parameter. - -You can't use this parameter to specify Microsoft 365 Groups. - -```yaml -Type: RecipientIdParameter[] -Parameter Sets: (All) -Aliases: -Applicable: Security & Compliance - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -ExchangeSenderMemberOfException -The ExchangeSenderMemberOfException parameter specifies the distribution groups or security groups to exclude from the scan (email of the group members is excluded from the scan). You identify the groups by email address. - -To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. - -You must use this parameter with the ExchangeLocation parameter. - -You can't use this parameter with the ExchangeSender or ExchangeSenderMemberOf parameters. - -You can't use this parameter to specify Microsoft 365 Groups. - -```yaml -Type: RecipientIdParameter[] -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -OneDriveLocation -The OneDriveLocation parameter specifies the OneDrive sites to include in the scan. You identify the site by its URL value, or you can use the value All to include all sites. - -You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"Value1","Value2",..."ValueN"`. - -```yaml -Type: MultiValuedProperty -Parameter Sets: (All) -Aliases: -Applicable: Security & Compliance - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -OneDriveLocationException -This parameter specifies the OneDrive sites to exclude when you use the value All for the OneDriveLocation parameter. You identify the site by its URL value. - -You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"Value1","Value2",..."ValueN"`. - -```yaml -Type: MultiValuedProperty -Parameter Sets: (All) -Aliases: -Applicable: Security & Compliance - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -OneDriveSharedBy The OneDriveSharedBy parameter specifies the users to include in the scan (the sites of the OneDrive user accounts are included in the scan). You identify the users by UPN (`laura@contoso.onmicrosoft.com`). @@ -400,24 +237,6 @@ Accept pipeline input: False Accept wildcard characters: False ``` -### -PolicyRBACScopes -The PolicyRBACScopes parameter specifies the administrative units to assign to the scan. A valid value is the Microsoft Entra ObjectID (GUID value) of the administrative unit. You can specify multiple values separated by commas. - -Administrative units are available only in Microsoft Entra ID P1 or P2. You create and manage administrative units in Microsoft Graph PowerShell. - -```yaml -Type: MultiValuedProperty -Parameter Sets: (All) -Aliases: -Applicable: Security & Compliance - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - ### -SharePointLocation The SharePointLocation parameter specifies the SharePoint sites to include in the scan. You identify the site by its URL value, or you can use the value All to include all sites. @@ -458,57 +277,6 @@ Accept pipeline input: False Accept wildcard characters: False ``` -### -TeamsLocation -The TeamsLocation parameter specifies the Teams chat and channel messages to include in the scan. You identify the entries by the email address or name of the account, distribution group, or mail-enabled security group. You can use the value All to include all accounts, distribution groups, and mail-enabled security groups. - -To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. - -```yaml -Type: MultiValuedProperty -Parameter Sets: (All) -Aliases: -Applicable: Security & Compliance - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -TeamsLocationException -The TeamsLocation parameter specifies the Teams chat and channel messages to exclude from the DLP policy when you use the value All for the TeamsLocation parameter. You identify the entries by the email address or name of the account, distribution group, or mail-enabled security group. - -To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. - -```yaml -Type: MultiValuedProperty -Parameter Sets: (All) -Aliases: -Applicable: Security & Compliance - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - -### -WhatIf -The WhatIf switch doesn't work in Security & Compliance PowerShell. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: wi -Applicable: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` ### CommonParameters This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/p/?LinkID=113216). From 2f8c34787c47dde256974027584fb4130a86a1f9 Mon Sep 17 00:00:00 2001 From: Chris Davis Date: Tue, 10 Jun 2025 19:32:10 -0700 Subject: [PATCH 04/30] Update New-SensitiveInformationScan.md --- .../exchange/New-SensitiveInformationScan.md | 177 +++++++++++++++++- 1 file changed, 176 insertions(+), 1 deletion(-) diff --git a/exchange/exchange-ps/exchange/New-SensitiveInformationScan.md b/exchange/exchange-ps/exchange/New-SensitiveInformationScan.md index 6b212374f8..f67fc7f0ac 100644 --- a/exchange/exchange-ps/exchange/New-SensitiveInformationScan.md +++ b/exchange/exchange-ps/exchange/New-SensitiveInformationScan.md @@ -14,7 +14,7 @@ ms.reviewer: ## SYNOPSIS This cmdlet is available only in Security & Compliance PowerShell. For more information, see [Security & Compliance PowerShell](https://learn.microsoft.com/powershell/exchange/scc-powershell). -Use the New-SensitiveInformationScan cmdlet to create a new on-demand classification scan. Learn more about On-demand classification [https://learn.microsoft.com/purview/on-demand-classification]. +Use the New-SensitiveInformationScan cmdlet to create new on-demand classification scans. Learn more about on-demand classifications at [On-demand classification](https://learn.microsoft.com/purview/on-demand-classification). For information about the parameter sets in the Syntax section below, see [Exchange cmdlet syntax](https://learn.microsoft.com/powershell/exchange/exchange-cmdlet-syntax). @@ -28,10 +28,20 @@ New-SensitiveInformationScan [-Name] [-EndpointDlpLocationException ] [-ExceptIfOneDriveSharedBy ] [-ExceptIfOneDriveSharedByMemberOf ] + [-ExchangeLocation ] + [-ExchangeSender ] + [-ExchangeSenderException ] + [-ExchangeSenderMemberOf ] + [-ExchangeSenderMemberOfException ] + [-OneDriveLocation ] + [-OneDriveLocationException ] [-OneDriveSharedBy ] [-OneDriveSharedByMemberOf ] + [-PolicyRBACScopes ] [-SharePointLocation ] [-SharePointLocationException ] + [-TeamsLocation ] + [-TeamsLocationException ] [-WhatIf] [] ``` @@ -191,6 +201,112 @@ Accept pipeline input: False Accept wildcard characters: False ``` +### -ExchangeLocation +This parameter is reserved for internal Microsoft use. + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ExchangeSender +This parameter is reserved for internal Microsoft use. + +```yaml +Type: SmtpAddress[] +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ExchangeSenderException +This parameter is reserved for internal Microsoft use. + +```yaml +Type: SmtpAddress[] +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ExchangeSenderMemberOf +This parameter is reserved for internal Microsoft use. + +```yaml +Type: RecipientIdParameter[] +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -ExchangeSenderMemberOfException +This parameter is reserved for internal Microsoft use. + +```yaml +Type: RecipientIdParameter[] +Parameter Sets: (All) +Aliases: +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -OneDriveLocation +This parameter is reserved for internal Microsoft use. + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -OneDriveLocationException +This parameter specifies the OneDrive sites to exclude when you use the value All for the OneDriveLocation parameter. You identify the site by its URL value. + +You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"Value1","Value2",..."ValueN"`. + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -OneDriveSharedBy The OneDriveSharedBy parameter specifies the users to include in the scan (the sites of the OneDrive user accounts are included in the scan). You identify the users by UPN (`laura@contoso.onmicrosoft.com`). @@ -237,6 +353,21 @@ Accept pipeline input: False Accept wildcard characters: False ``` +### -PolicyRBACScopes +This parameter is reserved for internal Microsoft use. + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -SharePointLocation The SharePointLocation parameter specifies the SharePoint sites to include in the scan. You identify the site by its URL value, or you can use the value All to include all sites. @@ -277,6 +408,50 @@ Accept pipeline input: False Accept wildcard characters: False ``` +### -TeamsLocation +This parameter is reserved for internal Microsoft use. + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -TeamsLocationException +This parameter is reserved for internal Microsoft use. + +```yaml +Type: MultiValuedProperty +Parameter Sets: (All) +Aliases: +Applicable: Security & Compliance +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -WhatIf +The WhatIf switch doesn't work in Security & Compliance PowerShell. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: wi +Applicable: +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` ### CommonParameters This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/p/?LinkID=113216). From 29eeb82b9cea024da837f0a4c9b3385ca5c027b6 Mon Sep 17 00:00:00 2001 From: Chris Davis Date: Tue, 10 Jun 2025 19:34:04 -0700 Subject: [PATCH 05/30] Update New-SensitiveInformationScan.md --- .../exchange/New-SensitiveInformationScan.md | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/exchange/exchange-ps/exchange/New-SensitiveInformationScan.md b/exchange/exchange-ps/exchange/New-SensitiveInformationScan.md index f67fc7f0ac..f019f75294 100644 --- a/exchange/exchange-ps/exchange/New-SensitiveInformationScan.md +++ b/exchange/exchange-ps/exchange/New-SensitiveInformationScan.md @@ -209,6 +209,7 @@ Type: MultiValuedProperty Parameter Sets: (All) Aliases: Applicable: Security & Compliance + Required: False Position: Named Default value: None @@ -224,6 +225,7 @@ Type: SmtpAddress[] Parameter Sets: (All) Aliases: Applicable: Security & Compliance + Required: False Position: Named Default value: None @@ -239,6 +241,7 @@ Type: SmtpAddress[] Parameter Sets: (All) Aliases: Applicable: Security & Compliance + Required: False Position: Named Default value: None @@ -254,6 +257,7 @@ Type: RecipientIdParameter[] Parameter Sets: (All) Aliases: Applicable: Security & Compliance + Required: False Position: Named Default value: None @@ -268,6 +272,8 @@ This parameter is reserved for internal Microsoft use. Type: RecipientIdParameter[] Parameter Sets: (All) Aliases: +Applicable: Security & Compliance + Required: False Position: Named Default value: None @@ -283,6 +289,7 @@ Type: MultiValuedProperty Parameter Sets: (All) Aliases: Applicable: Security & Compliance + Required: False Position: Named Default value: None @@ -300,6 +307,7 @@ Type: MultiValuedProperty Parameter Sets: (All) Aliases: Applicable: Security & Compliance + Required: False Position: Named Default value: None @@ -361,6 +369,7 @@ Type: MultiValuedProperty Parameter Sets: (All) Aliases: Applicable: Security & Compliance + Required: False Position: Named Default value: None @@ -416,6 +425,7 @@ Type: MultiValuedProperty Parameter Sets: (All) Aliases: Applicable: Security & Compliance + Required: False Position: Named Default value: None @@ -431,6 +441,7 @@ Type: MultiValuedProperty Parameter Sets: (All) Aliases: Applicable: Security & Compliance + Required: False Position: Named Default value: None @@ -445,7 +456,8 @@ The WhatIf switch doesn't work in Security & Compliance PowerShell. Type: SwitchParameter Parameter Sets: (All) Aliases: wi -Applicable: +Applicable: Security & Compliance + Required: False Position: Named Default value: None From 3129358586223742f920913ddc462e78a8f52b85 Mon Sep 17 00:00:00 2001 From: Chris Davis Date: Tue, 10 Jun 2025 19:45:02 -0700 Subject: [PATCH 06/30] Update New-ApplicationAccessPolicy.md Typo fix --- exchange/exchange-ps/exchange/New-ApplicationAccessPolicy.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exchange/exchange-ps/exchange/New-ApplicationAccessPolicy.md b/exchange/exchange-ps/exchange/New-ApplicationAccessPolicy.md index bc6d569955..3a8139e536 100644 --- a/exchange/exchange-ps/exchange/New-ApplicationAccessPolicy.md +++ b/exchange/exchange-ps/exchange/New-ApplicationAccessPolicy.md @@ -15,7 +15,7 @@ ms.reviewer: This cmdlet is available only in the cloud-based service. > [!IMPORTANT] -> App Access Policies will soon be replaced by Role Based Access Control for Applications. To learn more, see [Roles Based Access Control for Exchange Applications](https://learn.microsoft.com/exchange/permissions-exo/application-rbac). +> App Access Policies will soon be replaced by Role Based Access Control for Applications. To learn more, see [Role Based Access Control for Exchange Applications](https://learn.microsoft.com/exchange/permissions-exo/application-rbac). Use the New-ApplicationAccessPolicy cmdlet to restrict or deny access to a specific set of mailboxes by an application that uses APIs (Outlook REST, Microsoft Graph, or Exchange Web Services (EWS)). These policies are complementary to the permission scopes that are declared by the application. From d6480f96789486e812f8644a45521af7565499e4 Mon Sep 17 00:00:00 2001 From: Chris Davis Date: Wed, 11 Jun 2025 08:36:36 -0700 Subject: [PATCH 07/30] Update Set-SensitiveInformationScan.md Updates to match New- --- .../exchange/Set-SensitiveInformationScan.md | 90 +++---------------- 1 file changed, 13 insertions(+), 77 deletions(-) diff --git a/exchange/exchange-ps/exchange/Set-SensitiveInformationScan.md b/exchange/exchange-ps/exchange/Set-SensitiveInformationScan.md index 637565cde2..eb9a12589a 100644 --- a/exchange/exchange-ps/exchange/Set-SensitiveInformationScan.md +++ b/exchange/exchange-ps/exchange/Set-SensitiveInformationScan.md @@ -138,15 +138,7 @@ Accept wildcard characters: False ``` ### -AddExchangeLocation -The AddExchangeLocation parameter adds email messages to the scan if they're not already included. The valid value for this parameter is All. - -If the scan doesn't already include email messages (in the output of the Get-DlpCompliancePolicy cmdlet, the ExchangeLocation property value is blank), you can use this parameter in the following procedures: - -- If you use `-AddExchangeLocation All` by itself, the scan applies to email for all users. - -- To include email of specific group members in the scan, use `-AddExchangeLocation All` with the ExchangeSenderMemberOf parameter in the same command. Only email of members of the specified groups is included in the scan. - -- To exclude email of specific group members from the scan, use `-AddExchangeLocation All` with the ExchangeSenderMemberOfException parameter in the same command. Only email of members of the specified groups is excluded from the scan. +This parameter is reserved for internal Microsoft use. ```yaml Type: MultiValuedProperty @@ -162,9 +154,7 @@ Accept wildcard characters: False ``` ### -AddOneDriveLocation -The AddOneDriveLocation parameter specifies the OneDrive sites to add to the list of included sites when you aren't using the value All for the OneDriveLocation parameter. You identify the site by its URL value. - -To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. +This parameter is reserved for internal Microsoft use. ```yaml Type: MultiValuedProperty @@ -180,9 +170,7 @@ Accept wildcard characters: False ``` ### -AddOneDriveLocationException -The AddOneDriveLocationException parameter specifies the OneDrive sites to add to the list of excluded sites when you use the value All for the OneDriveLocation parameter. You identify the site by its URL value. - -To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. +This parameter is reserved for internal Microsoft use. ```yaml Type: MultiValuedProperty @@ -238,9 +226,7 @@ Accept wildcard characters: False ``` ### -AddTeamsLocation -The AddTeamsLocation parameter specifies the accounts, distribution groups, or mail-enabled security groups to add to the list of included Teams chat and channel messages if you used the value All for the TeamsLocation parameter. You identify the entries by the email address or name of the account, distribution group, or mail-enabled security group. - -To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. +This parameter is reserved for internal Microsoft use. ```yaml Type: MultiValuedProperty @@ -256,9 +242,7 @@ Accept wildcard characters: False ``` ### -AddTeamsLocationException -The AddTeamsLocationException parameter specifies the accounts, distribution groups, or mail-enabled security groups to add to the list of excluded Teams chat and channel messages if you used the value All for the TeamsLocation parameter. You identify the entries by the email address or name of the account, distribution group, or mail-enabled security group. - -To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. +This parameter is reserved for internal Microsoft use. ```yaml Type: MultiValuedProperty @@ -377,16 +361,7 @@ Accept wildcard characters: False ``` ### -ExchangeSender -The ExchangeSender parameter specifies the users whose email is included in the scan. You specify the users by email address. You can specify internal or external email addresses. - -To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. - -To use this parameter, one of the following statements must be true: - -- The scan already includes email messages (in the output of the Get-SensitiveInformationScan cmdlet, the ExchangeLocation property value is All). -- Use `-AddExchangeLocation All` in the same command with this parameter. - -You can't use this parameter with the ExchangeSenderException or ExchangeSenderMemberOfException parameters. +This parameter is reserved for internal Microsoft use. ```yaml Type: SmtpAddress[] @@ -402,16 +377,7 @@ Accept wildcard characters: False ``` ### -ExchangeSenderException -The ExchangeSenderException parameter specifies the internal users whose email is excluded from the scan. You identify the users by email address. - -To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. - -To use this parameter, one of the following statements must be true: - -- The scan already includes email messages (in the output of Get-SensitiveInformationScan, the ExchangeLocation property value is All). -- Use `-AddExchangeLocation All` in the same command with this parameter. - -You can't use this parameter with the ExchangeSender or ExchangeSenderMemberOf parameters. +This parameter is reserved for internal Microsoft use. ```yaml Type: SmtpAddress[] @@ -427,18 +393,7 @@ Accept wildcard characters: False ``` ### -ExchangeSenderMemberOf -The ExchangeSenderMemberOf parameter specifies the distribution groups or mail-enabled security groups to include in the scan (email of the group members is included in the scan). You identify the groups by email address. - -To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. - -To use this parameter, one of the following statements must be true: - -- The scan already includes email messages (in the output of Get-SensitiveInformationScan, the ExchangeLocation property value is All). -- Use `-AddExchangeLocation All` in the same command with this parameter. - -You can't use this parameter with the ExchangeSenderException or ExchangeSenderMemberOfException parameters. - -You can't use this parameter to specify Microsoft 365 Groups. +This parameter is reserved for internal Microsoft use. ```yaml Type: RecipientIdParameter[] @@ -454,18 +409,7 @@ Accept wildcard characters: False ``` ### -ExchangeSenderMemberOfException -The ExchangeSenderMemberOfException parameter specifies the distribution groups or mail-enabled security groups to exclude from the scan (email of the group members is excluded from the scan). You identify the groups by email address. - -To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. - -To use this parameter, one of the following statements must be true: - -- The scan already includes email messages (in the output of Get-SensitiveInformationScan, the ExchangeLocation property value is All). -- Use `-AddExchangeLocation All` in the same command with this parameter. - -You can't use this parameter with the ExchangeSender or ExchangeSenderMemberOf parameters. - -You can't use this parameter to specify Microsoft 365 Groups. +This parameter is reserved for internal Microsoft use. ```yaml Type: RecipientIdParameter[] @@ -629,9 +573,7 @@ Accept wildcard characters: False ``` ### -RemoveOneDriveLocation -The RemoveOneDriveLocation parameter specifies the OneDrive sites to remove from the list of included sites when you aren't using the value All for the OneDriveLocation parameter. You identify the site by its URL value. - -You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"Value1","Value2",..."ValueN"`. +This parameter is reserved for internal Microsoft use. ```yaml Type: MultiValuedProperty @@ -647,9 +589,7 @@ Accept wildcard characters: False ``` ### -RemoveOneDriveLocationException -This parameter specifies the OneDrive sites to remove from the list of excluded sites when you use the value All for the OneDriveLocation parameter. You identify the site by its URL value. - -You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"Value1","Value2",..."ValueN"`. +This parameter is reserved for internal Microsoft use. ```yaml Type: MultiValuedProperty @@ -701,9 +641,7 @@ Accept wildcard characters: False ``` ### -RemoveTeamsLocation -The RemoveTeamsLocation parameter specifies the accounts, distribution groups, or mail-enabled security groups to remove from the list of included Teams chat and channel messages if you used the value All for the TeamsLocation parameter. You specify the entries by the email address or name of the account, distribution group, or mail-enabled security group. - -To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. +This parameter is reserved for internal Microsoft use. ```yaml Type: MultiValuedProperty @@ -719,9 +657,7 @@ Accept wildcard characters: False ``` ### -RemoveTeamsLocationException -The RemoveTeamsLocationException parameter specifies the accounts, distribution groups, or mail-enabled security groups to remove from the list of excluded Teams chat and channel messages if you used the value All for the TeamsLocation parameter. You identify the entries by the email address or name of the account, distribution group, or mail-enabled security group. - -To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. +This parameter is reserved for internal Microsoft use. ```yaml Type:MultiValuedProperty From b19cda7fad1c7a93951d9c771cab42f2e4194632 Mon Sep 17 00:00:00 2001 From: Chris Davis Date: Wed, 11 Jun 2025 08:37:04 -0700 Subject: [PATCH 08/30] Update Set-SensitiveInformationScan.md --- exchange/exchange-ps/exchange/Set-SensitiveInformationScan.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/exchange/exchange-ps/exchange/Set-SensitiveInformationScan.md b/exchange/exchange-ps/exchange/Set-SensitiveInformationScan.md index eb9a12589a..6ebb403c00 100644 --- a/exchange/exchange-ps/exchange/Set-SensitiveInformationScan.md +++ b/exchange/exchange-ps/exchange/Set-SensitiveInformationScan.md @@ -493,9 +493,7 @@ Accept wildcard characters: False ``` ### -PolicyRBACScopes -The PolicyRBACScopes parameter specifies the administrative units to assign to the scan. A valid value is the Microsoft Entra ObjectID (GUID value) of the administrative unit. You can specify multiple values separated by commas. - -Administrative units are available only in Microsoft Entra ID P1 or P2. You create and manage administrative units in Microsoft Graph PowerShell. +This parameter is reserved for internal Microsoft use. ```yaml Type: MultiValuedProperty From 55786be5ce28f66fe341e8013d1c6dc97e1c887b Mon Sep 17 00:00:00 2001 From: Aakash Malhotra <53205984+aamalhot@users.noreply.github.com> Date: Thu, 17 Jul 2025 13:13:56 +0530 Subject: [PATCH 09/30] Update New-SensitiveInformationScan.md --- .../exchange-ps/exchange/New-SensitiveInformationScan.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/exchange/exchange-ps/exchange/New-SensitiveInformationScan.md b/exchange/exchange-ps/exchange/New-SensitiveInformationScan.md index f019f75294..28291ca7a2 100644 --- a/exchange/exchange-ps/exchange/New-SensitiveInformationScan.md +++ b/exchange/exchange-ps/exchange/New-SensitiveInformationScan.md @@ -53,10 +53,11 @@ To use this cmdlet in Security & Compliance PowerShell, you need to be assigned ### Example 1 ```powershell -{{ Add example code here }} +New-SensitiveInformationScan "SharePoint scan" -SharePointLocation All +New-SensitiveInformationScanRule "SharePoint scan rule" -ContentExtensionMatchesWords "pdf", "docx" -Policy "SharePoint scan" -Workload SharePoint ``` -{{ Add example description here }} +Above example creates a scan for all sharepoint sites scoped to pdf and docx files only. ## PARAMETERS From d108d420876f1a66827033fd2f88488109b01344 Mon Sep 17 00:00:00 2001 From: Aakash Malhotra <53205984+aamalhot@users.noreply.github.com> Date: Thu, 17 Jul 2025 13:18:52 +0530 Subject: [PATCH 10/30] Update New-SensitiveInformationScanRule.md --- .../exchange/New-SensitiveInformationScanRule.md | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/exchange/exchange-ps/exchange/New-SensitiveInformationScanRule.md b/exchange/exchange-ps/exchange/New-SensitiveInformationScanRule.md index 96d0e19fc1..2d9c863446 100644 --- a/exchange/exchange-ps/exchange/New-SensitiveInformationScanRule.md +++ b/exchange/exchange-ps/exchange/New-SensitiveInformationScanRule.md @@ -42,15 +42,16 @@ To use this cmdlet in Security & Compliance PowerShell, you need to be assigned ### Example 1 ```powershell -{{ Add example code here }} +New-SensitiveInformationScan "SharePoint scan" -SharePointLocation All +New-SensitiveInformationScanRule "SharePoint scan rule" -ContentExtensionMatchesWords "pdf", "docx" -Policy "SharePoint scan" -Workload SharePoint ``` -{{ Add example description here }} +Above example creates a scan for all sharepoint sites scoped to pdf and docx files only. This cmdlet should be used in combination with New-SensitiveInformationScan. ## PARAMETERS ### -Name -{{ Fill Name Description }} +Specify rule name for the scan ```yaml Type: String @@ -66,7 +67,7 @@ Accept wildcard characters: False ``` ### -Policy -{{ Fill Policy Description }} +Scan policy name that is parent of this rule ```yaml Type: PolicyIdParameter @@ -159,7 +160,7 @@ Accept wildcard characters: False ``` ### -ContentCreatedOrUpdatedDateFrom -{{ Fill ContentCreatedOrUpdatedDateFrom Description }} +If specified, files last modified after this date are considered in scope of scan. ```yaml Type: System.DateTime @@ -175,7 +176,7 @@ Accept wildcard characters: False ``` ### -ContentCreatedOrUpdatedDateTo -{{ Fill ContentCreatedOrUpdatedDateTo Description }} +Files last modified before this date are considered in scope of scan. ```yaml Type: System.DateTime @@ -259,7 +260,8 @@ Accept wildcard characters: False ``` ### -StartImpactAssessment -{{ Fill StartImpactAssessment Description }} +Set to true to start an scan estimation by default. This needs to be passed as false to prevent starting scan estimation by default. + ```yaml Type: Boolean From 719fb2dadda82087e836e7ca8e0c17d5a593fa99 Mon Sep 17 00:00:00 2001 From: Aakash Malhotra <53205984+aamalhot@users.noreply.github.com> Date: Thu, 17 Jul 2025 13:20:40 +0530 Subject: [PATCH 11/30] Update Remove-SensitiveInformationScan.md --- .../exchange-ps/exchange/Remove-SensitiveInformationScan.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exchange/exchange-ps/exchange/Remove-SensitiveInformationScan.md b/exchange/exchange-ps/exchange/Remove-SensitiveInformationScan.md index 03d11b7992..3f8185ab73 100644 --- a/exchange/exchange-ps/exchange/Remove-SensitiveInformationScan.md +++ b/exchange/exchange-ps/exchange/Remove-SensitiveInformationScan.md @@ -14,7 +14,7 @@ ms.reviewer: ## SYNOPSIS This cmdlet is available only in Security & Compliance PowerShell. For more information, see [Security & Compliance PowerShell](https://learn.microsoft.com/powershell/exchange/scc-powershell). -Use the Remove-SensitiveInformationScan cmdlet to remove sensitive information scans. +Use the Remove-SensitiveInformationScan cmdlet to delete on-demand classification scans. Deleting a scan is not supported if estimation or classification is in progress. For information about the parameter sets in the Syntax section below, see [Exchange cmdlet syntax](https://learn.microsoft.com/powershell/exchange/exchange-cmdlet-syntax). From 4e13af31c1dec5b41e6ef19e33c13c4361e10c59 Mon Sep 17 00:00:00 2001 From: Aakash Malhotra <53205984+aamalhot@users.noreply.github.com> Date: Thu, 17 Jul 2025 13:22:13 +0530 Subject: [PATCH 12/30] Update Remove-SensitiveInformationScanRule.md --- .../exchange-ps/exchange/Remove-SensitiveInformationScanRule.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exchange/exchange-ps/exchange/Remove-SensitiveInformationScanRule.md b/exchange/exchange-ps/exchange/Remove-SensitiveInformationScanRule.md index b0021e4f90..9f121fb349 100644 --- a/exchange/exchange-ps/exchange/Remove-SensitiveInformationScanRule.md +++ b/exchange/exchange-ps/exchange/Remove-SensitiveInformationScanRule.md @@ -14,7 +14,7 @@ ms.reviewer: ## SYNOPSIS This cmdlet is available only in Security & Compliance PowerShell. For more information, see [Security & Compliance PowerShell](https://learn.microsoft.com/powershell/exchange/scc-powershell). -Use the Remove-SensitiveInformationScanRule cmdlet to remove sensitive information scan rules. +Use the Remove-SensitiveInformationScanRule cmdlet to delete on-demand classification scan rules. Rules cannot be deleted when parent scan is in state ClassificationInProgress and ClassificationComplete. For information about the parameter sets in the Syntax section below, see [Exchange cmdlet syntax](https://learn.microsoft.com/powershell/exchange/exchange-cmdlet-syntax). From 69e8d1c77867fe1270ee275fb5ba59efbd84019f Mon Sep 17 00:00:00 2001 From: Aakash Malhotra <53205984+aamalhot@users.noreply.github.com> Date: Thu, 17 Jul 2025 13:30:22 +0530 Subject: [PATCH 13/30] Update Set-SensitiveInformationScanRule.md --- .../exchange/Set-SensitiveInformationScanRule.md | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/exchange/exchange-ps/exchange/Set-SensitiveInformationScanRule.md b/exchange/exchange-ps/exchange/Set-SensitiveInformationScanRule.md index e941622f3d..54e52fe030 100644 --- a/exchange/exchange-ps/exchange/Set-SensitiveInformationScanRule.md +++ b/exchange/exchange-ps/exchange/Set-SensitiveInformationScanRule.md @@ -43,10 +43,10 @@ To use this cmdlet in Security & Compliance PowerShell, you need to be assigned ### Example 1 ```powershell -{{ Add example code here }} +Set-SensitiveInformationScanRule "SharePoint scan rule1" -ContentExtensionMatchesWords "pdf", "docx,csv" -StartImpactAssessment $true ``` -{{ Add example description here }} +Above example updates the on-demand classification scan to classify pdf, docx and csv file types. ## PARAMETERS @@ -287,5 +287,8 @@ This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable ## OUTPUTS ## NOTES +- Modifying rule in ClassificationInProgress and ClassificationComplete states is not allowed +- StartImpactAssessment $true must be passed to restart estimation. Otherwise, scan remains in ImpactAssessmentRequired state + ## RELATED LINKS From f2d9431fc2b52548624ad619eb71e3088f3f9311 Mon Sep 17 00:00:00 2001 From: Aakash Malhotra <53205984+aamalhot@users.noreply.github.com> Date: Thu, 17 Jul 2025 13:36:38 +0530 Subject: [PATCH 14/30] Update Set-SensitiveInformationScan.md --- .../exchange/Set-SensitiveInformationScan.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/exchange/exchange-ps/exchange/Set-SensitiveInformationScan.md b/exchange/exchange-ps/exchange/Set-SensitiveInformationScan.md index 6ebb403c00..3f2a7639c7 100644 --- a/exchange/exchange-ps/exchange/Set-SensitiveInformationScan.md +++ b/exchange/exchange-ps/exchange/Set-SensitiveInformationScan.md @@ -14,7 +14,7 @@ ms.reviewer: ## SYNOPSIS This cmdlet is available only in Security & Compliance PowerShell. For more information, see [Security & Compliance PowerShell](https://learn.microsoft.com/powershell/exchange/scc-powershell). -Use the Set-SensitiveInformationScan cmdlet to modify sensitive information scans. +Use the Set-SensitiveInformationScan cmdlet to modify on-demand classification scans. For information about the parameter sets in the Syntax section below, see [Exchange cmdlet syntax](https://learn.microsoft.com/powershell/exchange/exchange-cmdlet-syntax). @@ -66,10 +66,10 @@ To use this cmdlet in Security & Compliance PowerShell, you need to be assigned ### Example 1 ```powershell -{{ Add example code here }} +Set-SensitiveInformationScan "SharePoint scan" -AddOneDriveLocation All -Workload OneDriveForBusiness ``` -{{ Add example description here }} +Above example updates the on-demand classification scan to also include All OneDrive for business accounts. ## PARAMETERS @@ -96,7 +96,7 @@ Accept wildcard characters: False ### -AddEndpointDlpLocation **Note**: This parameter requires membership in the Compliance Administrator or Compliance Data Administrator roles in Microsoft Entra ID. -The AddEndpointDLPLocation parameter specifies the user accounts to add to the list of included accounts for Endpoint DLP if you used the value All for the EndpointDLPLocation parameter. You identify the account by name or email address. +The AddEndpointDLPLocation parameter specifies the user accounts to add to the list of included accounts for Endpoint DLP if you used the value All for the EndpointDLPLocation parameter. You identify the account by name or email address. A scan cannot have Endpoint devices and SharePoint/OneDrive for business locations together. To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. @@ -118,7 +118,7 @@ Accept wildcard characters: False ### -AddEndpointDlpLocationException **Note**: This parameter requires membership in the Compliance Administrator or Compliance Data Administrator roles in Microsoft Entra ID. -The AddEndpointDlpLocationException parameter specifies the user accounts to add to the list of excluded accounts for Endpoint DLP if you used the value All for the EndpointDLPLocation parameter. You identify the account by name or email address. +The AddEndpointDlpLocationException parameter specifies the user accounts to add to the list of excluded accounts for Endpoint DLP if you used the value All for the EndpointDLPLocation parameter. You identify the account by name or email address. A scan cannot have Endpoint devices and SharePoint/OneDrive for business locations together. To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. @@ -425,7 +425,7 @@ Accept wildcard characters: False ``` ### -Mode -{{ Fill Mode Description }} +Defines scan mode. Setting to Enable start the scan. ```yaml Type: PolicyMode @@ -671,7 +671,7 @@ Accept wildcard characters: False ``` ### -StartImpactAssessment -{{ Fill StartImpactAssessment Description }} +Start cost estimation for on-demand classification scan ```yaml Type: Boolean @@ -687,7 +687,7 @@ Accept wildcard characters: False ``` ### -StopImpactAssessmentAndStartClassification -{{ Fill StopImpactAssessmentAndStartClassification Description }} +Stop cost estimation and start classification for devices where estimation had completed successfully. ```yaml Type: Boolean From fa589e6a92165ec2e4e62e8fa2fb3ab7d2db0658 Mon Sep 17 00:00:00 2001 From: Chris Davis Date: Thu, 17 Jul 2025 08:09:39 -0700 Subject: [PATCH 15/30] Update New-SensitiveInformationScan.md --- exchange/exchange-ps/exchange/New-SensitiveInformationScan.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/exchange/exchange-ps/exchange/New-SensitiveInformationScan.md b/exchange/exchange-ps/exchange/New-SensitiveInformationScan.md index 28291ca7a2..d2fbd755e1 100644 --- a/exchange/exchange-ps/exchange/New-SensitiveInformationScan.md +++ b/exchange/exchange-ps/exchange/New-SensitiveInformationScan.md @@ -54,10 +54,11 @@ To use this cmdlet in Security & Compliance PowerShell, you need to be assigned ### Example 1 ```powershell New-SensitiveInformationScan "SharePoint scan" -SharePointLocation All + New-SensitiveInformationScanRule "SharePoint scan rule" -ContentExtensionMatchesWords "pdf", "docx" -Policy "SharePoint scan" -Workload SharePoint ``` -Above example creates a scan for all sharepoint sites scoped to pdf and docx files only. +This example creates a scan for all SharePoint sites scoped to pdf and docx files only. ## PARAMETERS From 95e16c0f18dc6bb31db4b0f7404b57a5c98ab584 Mon Sep 17 00:00:00 2001 From: Chris Davis Date: Thu, 17 Jul 2025 09:19:20 -0700 Subject: [PATCH 16/30] Update Remove-SensitiveInformationScan.md --- .../exchange-ps/exchange/Remove-SensitiveInformationScan.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exchange/exchange-ps/exchange/Remove-SensitiveInformationScan.md b/exchange/exchange-ps/exchange/Remove-SensitiveInformationScan.md index 3f8185ab73..95ad49ddb8 100644 --- a/exchange/exchange-ps/exchange/Remove-SensitiveInformationScan.md +++ b/exchange/exchange-ps/exchange/Remove-SensitiveInformationScan.md @@ -14,7 +14,7 @@ ms.reviewer: ## SYNOPSIS This cmdlet is available only in Security & Compliance PowerShell. For more information, see [Security & Compliance PowerShell](https://learn.microsoft.com/powershell/exchange/scc-powershell). -Use the Remove-SensitiveInformationScan cmdlet to delete on-demand classification scans. Deleting a scan is not supported if estimation or classification is in progress. +Use the Remove-SensitiveInformationScan cmdlet to delete on-demand classification scans. You can't delete a scan if estimation or classification is in progress. For information about the parameter sets in the Syntax section below, see [Exchange cmdlet syntax](https://learn.microsoft.com/powershell/exchange/exchange-cmdlet-syntax). From c9e9bd60a7f669552096f15a8d817dab84cf8515 Mon Sep 17 00:00:00 2001 From: Chris Davis Date: Thu, 17 Jul 2025 09:20:50 -0700 Subject: [PATCH 17/30] Update Remove-SensitiveInformationScanRule.md --- .../exchange-ps/exchange/Remove-SensitiveInformationScanRule.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exchange/exchange-ps/exchange/Remove-SensitiveInformationScanRule.md b/exchange/exchange-ps/exchange/Remove-SensitiveInformationScanRule.md index 9f121fb349..609e23c1c5 100644 --- a/exchange/exchange-ps/exchange/Remove-SensitiveInformationScanRule.md +++ b/exchange/exchange-ps/exchange/Remove-SensitiveInformationScanRule.md @@ -14,7 +14,7 @@ ms.reviewer: ## SYNOPSIS This cmdlet is available only in Security & Compliance PowerShell. For more information, see [Security & Compliance PowerShell](https://learn.microsoft.com/powershell/exchange/scc-powershell). -Use the Remove-SensitiveInformationScanRule cmdlet to delete on-demand classification scan rules. Rules cannot be deleted when parent scan is in state ClassificationInProgress and ClassificationComplete. +Use the Remove-SensitiveInformationScanRule cmdlet to delete on-demand classification scan rules. You can't delete a rule when a parent scan is in the ClassificationInProgress or ClassificationComplete state. For information about the parameter sets in the Syntax section below, see [Exchange cmdlet syntax](https://learn.microsoft.com/powershell/exchange/exchange-cmdlet-syntax). From a8e47741c2114e518175b147e72a1c285f97f1b5 Mon Sep 17 00:00:00 2001 From: Chris Davis Date: Thu, 17 Jul 2025 09:25:19 -0700 Subject: [PATCH 18/30] Update Set-SensitiveInformationScanRule.md --- .../exchange/Set-SensitiveInformationScanRule.md | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/exchange/exchange-ps/exchange/Set-SensitiveInformationScanRule.md b/exchange/exchange-ps/exchange/Set-SensitiveInformationScanRule.md index 54e52fe030..73a265c830 100644 --- a/exchange/exchange-ps/exchange/Set-SensitiveInformationScanRule.md +++ b/exchange/exchange-ps/exchange/Set-SensitiveInformationScanRule.md @@ -43,10 +43,10 @@ To use this cmdlet in Security & Compliance PowerShell, you need to be assigned ### Example 1 ```powershell -Set-SensitiveInformationScanRule "SharePoint scan rule1" -ContentExtensionMatchesWords "pdf", "docx,csv" -StartImpactAssessment $true +Set-SensitiveInformationScanRule "SharePoint scan rule1" -ContentExtensionMatchesWords "pdf","docx,csv" -StartImpactAssessment $true ``` -Above example updates the on-demand classification scan to classify pdf, docx and csv file types. +This example updates the on-demand classification scan to classify pdf, docx and csv file types. ## PARAMETERS @@ -287,8 +287,7 @@ This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable ## OUTPUTS ## NOTES -- Modifying rule in ClassificationInProgress and ClassificationComplete states is not allowed -- StartImpactAssessment $true must be passed to restart estimation. Otherwise, scan remains in ImpactAssessmentRequired state - +- You can't modify rules in the ClassificationInProgress and ClassificationComplete states. +- You need to use the StartImpactAssessment parameter with the value $true to restart estimation. Otherwise, the scan remains in the ImpactAssessmentRequired state. ## RELATED LINKS From b01c4310f5ff721f295082a6c52e0ef2155f0047 Mon Sep 17 00:00:00 2001 From: Chris Davis Date: Thu, 17 Jul 2025 09:51:20 -0700 Subject: [PATCH 19/30] Update Set-SensitiveInformationScan.md --- .../exchange/Set-SensitiveInformationScan.md | 28 +++++++++++++++---- 1 file changed, 22 insertions(+), 6 deletions(-) diff --git a/exchange/exchange-ps/exchange/Set-SensitiveInformationScan.md b/exchange/exchange-ps/exchange/Set-SensitiveInformationScan.md index 3f2a7639c7..105954e2e9 100644 --- a/exchange/exchange-ps/exchange/Set-SensitiveInformationScan.md +++ b/exchange/exchange-ps/exchange/Set-SensitiveInformationScan.md @@ -69,7 +69,7 @@ To use this cmdlet in Security & Compliance PowerShell, you need to be assigned Set-SensitiveInformationScan "SharePoint scan" -AddOneDriveLocation All -Workload OneDriveForBusiness ``` -Above example updates the on-demand classification scan to also include All OneDrive for business accounts. +This example updates the on-demand classification scan to also include all OneDrive accounts. ## PARAMETERS @@ -96,10 +96,12 @@ Accept wildcard characters: False ### -AddEndpointDlpLocation **Note**: This parameter requires membership in the Compliance Administrator or Compliance Data Administrator roles in Microsoft Entra ID. -The AddEndpointDLPLocation parameter specifies the user accounts to add to the list of included accounts for Endpoint DLP if you used the value All for the EndpointDLPLocation parameter. You identify the account by name or email address. A scan cannot have Endpoint devices and SharePoint/OneDrive for business locations together. +The AddEndpointDLPLocation parameter specifies the user accounts to add to the list of included accounts for Endpoint DLP if you used the value All for the EndpointDLPLocation parameter. You identify the account by name or email address. To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. +A scan can't have Endpoint devices and SharePoint/OneDrive locations together in the same command. + For more information about Endpoint DLP, see [Learn about Endpoint data loss prevention](https://learn.microsoft.com/purview/endpoint-dlp-learn-about). ```yaml @@ -118,10 +120,12 @@ Accept wildcard characters: False ### -AddEndpointDlpLocationException **Note**: This parameter requires membership in the Compliance Administrator or Compliance Data Administrator roles in Microsoft Entra ID. -The AddEndpointDlpLocationException parameter specifies the user accounts to add to the list of excluded accounts for Endpoint DLP if you used the value All for the EndpointDLPLocation parameter. You identify the account by name or email address. A scan cannot have Endpoint devices and SharePoint/OneDrive for business locations together. +The AddEndpointDlpLocationException parameter specifies the user accounts to add to the list of excluded accounts for Endpoint DLP if you used the value All for the EndpointDLPLocation parameter. You identify the account by name or email address. To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. +A scan can't have Endpoint devices and SharePoint/OneDrive locations together in the same command. + For more information about Endpoint DLP, see [Learn about Endpoint data loss prevention](https://learn.microsoft.com/purview/endpoint-dlp-learn-about). ```yaml @@ -425,7 +429,13 @@ Accept wildcard characters: False ``` ### -Mode -Defines scan mode. Setting to Enable start the scan. +The Mode parameter specifies the scan mode. Valid values are: + +- Enable: Use this value to start the scan. +- Disable +- TestWithNotifications +- TestWithoutNotifications +- PendingDeletion ```yaml Type: PolicyMode @@ -671,7 +681,10 @@ Accept wildcard characters: False ``` ### -StartImpactAssessment -Start cost estimation for on-demand classification scan +The StartImpactAssessment parameter specifies whether to start cost estimation for on-demand classification scans. Valid values are: + +- $true: Start cost estimation for on-demand classification scans. +- $false: Don't start cost estimation for on-demand classification scans. ```yaml Type: Boolean @@ -687,7 +700,10 @@ Accept wildcard characters: False ``` ### -StopImpactAssessmentAndStartClassification -Stop cost estimation and start classification for devices where estimation had completed successfully. +The StopImpactAssessmentAndStartClassification specifies whether to stop cost estimation and start classification for devices where estimation completed successfully. Valid values are: + +- $true: Start classification for devices where estimation completed successfully. +- $false: Don't start classification for devices where estimation completed successfully. ```yaml Type: Boolean From c8c279b5c25a44ce66e3161eb40d5827aff8ba85 Mon Sep 17 00:00:00 2001 From: Chris Davis Date: Thu, 17 Jul 2025 10:42:39 -0700 Subject: [PATCH 20/30] Update New-SensitiveInformationScanRule.md --- .../exchange/New-SensitiveInformationScanRule.md | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/exchange/exchange-ps/exchange/New-SensitiveInformationScanRule.md b/exchange/exchange-ps/exchange/New-SensitiveInformationScanRule.md index 2d9c863446..948a0ad3a7 100644 --- a/exchange/exchange-ps/exchange/New-SensitiveInformationScanRule.md +++ b/exchange/exchange-ps/exchange/New-SensitiveInformationScanRule.md @@ -43,15 +43,16 @@ To use this cmdlet in Security & Compliance PowerShell, you need to be assigned ### Example 1 ```powershell New-SensitiveInformationScan "SharePoint scan" -SharePointLocation All + New-SensitiveInformationScanRule "SharePoint scan rule" -ContentExtensionMatchesWords "pdf", "docx" -Policy "SharePoint scan" -Workload SharePoint ``` -Above example creates a scan for all sharepoint sites scoped to pdf and docx files only. This cmdlet should be used in combination with New-SensitiveInformationScan. +This example creates a scan for all SharePoint sites scoped to pdf and docx files only. Use the New-SensitiveInformationScanRule only in combination with New-SensitiveInformationScan. ## PARAMETERS ### -Name -Specify rule name for the scan +The Name parameter specifes the unique rule name for the scan. If the value contains spaces, enclose the value in quotation marks. ```yaml Type: String @@ -67,7 +68,7 @@ Accept wildcard characters: False ``` ### -Policy -Scan policy name that is parent of this rule +The Policy parameter specifies the name of the parent scan policy for this rule. If the value contains spaces, enclose the value in quotation marks. ```yaml Type: PolicyIdParameter @@ -160,7 +161,7 @@ Accept wildcard characters: False ``` ### -ContentCreatedOrUpdatedDateFrom -If specified, files last modified after this date are considered in scope of scan. +The ContentCreatedOrUpdatedDateFrom prameter specifies the earliest modification date-time of files that are considered in scope of this scan. ```yaml Type: System.DateTime @@ -176,7 +177,7 @@ Accept wildcard characters: False ``` ### -ContentCreatedOrUpdatedDateTo -Files last modified before this date are considered in scope of scan. +The ContentCreatedOrUpdatedDateTo prameter specifies the latest modification date-time of files that are considered in scope of this scan. ```yaml Type: System.DateTime @@ -260,8 +261,10 @@ Accept wildcard characters: False ``` ### -StartImpactAssessment -Set to true to start an scan estimation by default. This needs to be passed as false to prevent starting scan estimation by default. +The StartImpactAssessment parameter specifies whether to start a scan estimation. Valid values are: +- $true: Start an scan estimation by default. +- $false: Prevent starting scan estimation by default. ```yaml Type: Boolean From 43b3bf61b63aff616ae27669dfe8382d740af05f Mon Sep 17 00:00:00 2001 From: Chris Davis Date: Fri, 18 Jul 2025 08:53:29 -0700 Subject: [PATCH 21/30] Date-time updates --- .../New-SensitiveInformationScanRule.md | 14 ++++++++++++-- .../Set-SensitiveInformationScanRule.md | 19 ++++++++++++++++--- 2 files changed, 28 insertions(+), 5 deletions(-) diff --git a/exchange/exchange-ps/exchange/New-SensitiveInformationScanRule.md b/exchange/exchange-ps/exchange/New-SensitiveInformationScanRule.md index 948a0ad3a7..941aebf160 100644 --- a/exchange/exchange-ps/exchange/New-SensitiveInformationScanRule.md +++ b/exchange/exchange-ps/exchange/New-SensitiveInformationScanRule.md @@ -161,7 +161,12 @@ Accept wildcard characters: False ``` ### -ContentCreatedOrUpdatedDateFrom -The ContentCreatedOrUpdatedDateFrom prameter specifies the earliest modification date-time of files that are considered in scope of this scan. +The ContentCreatedOrUpdatedDateFrom parameter specifies the earliest modification date-time of files that are considered in scope of this scan. + +To specify a date/time value for this parameter, use either of the following options: + +- Specify the date/time value in UTC: For example, "2021-05-06 14:30:00z". +- Specify the date/time value as a formula that converts the date/time in your local time zone to UTC: For example, `(Get-Date "5/6/2021 9:30 AM").ToUniversalTime()`. For more information, see [Get-Date](https://learn.microsoft.com/powershell/module/Microsoft.PowerShell.Utility/Get-Date). ```yaml Type: System.DateTime @@ -177,7 +182,12 @@ Accept wildcard characters: False ``` ### -ContentCreatedOrUpdatedDateTo -The ContentCreatedOrUpdatedDateTo prameter specifies the latest modification date-time of files that are considered in scope of this scan. +The ContentCreatedOrUpdatedDateTo parameter specifies the latest modification date-time of files that are considered in scope of this scan. + +To specify a date/time value for this parameter, use either of the following options: + +- Specify the date/time value in UTC: For example, "2021-05-06 14:30:00z". +- Specify the date/time value as a formula that converts the date/time in your local time zone to UTC: For example, `(Get-Date "5/6/2021 9:30 AM").ToUniversalTime()`. For more information, see [Get-Date](https://learn.microsoft.com/powershell/module/Microsoft.PowerShell.Utility/Get-Date). ```yaml Type: System.DateTime diff --git a/exchange/exchange-ps/exchange/Set-SensitiveInformationScanRule.md b/exchange/exchange-ps/exchange/Set-SensitiveInformationScanRule.md index 73a265c830..aad5a5c700 100644 --- a/exchange/exchange-ps/exchange/Set-SensitiveInformationScanRule.md +++ b/exchange/exchange-ps/exchange/Set-SensitiveInformationScanRule.md @@ -106,7 +106,12 @@ Accept wildcard characters: False ``` ### -ContentCreatedOrUpdatedDateFrom -{{ Fill ContentCreatedOrUpdatedDateFrom Description }} +The ContentCreatedOrUpdatedDateFrom parameter specifies the earliest modification date-time of files that are considered in scope of this scan. + +To specify a date/time value for this parameter, use either of the following options: + +- Specify the date/time value in UTC: For example, "2021-05-06 14:30:00z". +- Specify the date/time value as a formula that converts the date/time in your local time zone to UTC: For example, `(Get-Date "5/6/2021 9:30 AM").ToUniversalTime()`. For more information, see [Get-Date](https://learn.microsoft.com/powershell/module/Microsoft.PowerShell.Utility/Get-Date). ```yaml Type: System.DateTime @@ -122,7 +127,12 @@ Accept wildcard characters: False ``` ### -ContentCreatedOrUpdatedDateTo -{{ Fill ContentCreatedOrUpdatedDateTo Description }} +The ContentCreatedOrUpdatedDateTo parameter specifies the latest modification date-time of files that are considered in scope of this scan. + +To specify a date/time value for this parameter, use either of the following options: + +- Specify the date/time value in UTC: For example, "2021-05-06 14:30:00z". +- Specify the date/time value as a formula that converts the date/time in your local time zone to UTC: For example, `(Get-Date "5/6/2021 9:30 AM").ToUniversalTime()`. For more information, see [Get-Date](https://learn.microsoft.com/powershell/module/Microsoft.PowerShell.Utility/Get-Date). ```yaml Type: System.DateTime @@ -206,7 +216,10 @@ Accept wildcard characters: False ``` ### -StartImpactAssessment -{{ Fill StartImpactAssessment Description }} +The StartImpactAssessment parameter specifies whether to start a scan estimation. Valid values are: + +- $true: Start an scan estimation by default. +- $false: Prevent starting scan estimation by default. ```yaml Type: Boolean From 2e1276fa72b3a0b9a42fb5c936aece414fb537e5 Mon Sep 17 00:00:00 2001 From: Chris Davis Date: Fri, 12 Sep 2025 08:56:49 -0700 Subject: [PATCH 22/30] New formatting --- .../Cancel-SensitiveInformationScan.md | 14 +- .../Get-SensitiveInformationScan.md | 18 ++- .../Get-SensitiveInformationScanRule.md | 10 +- .../New-SensitiveInformationScan.md | 90 ++++++++--- .../New-SensitiveInformationScanRule.md | 54 +++++-- .../Remove-SensitiveInformationScan.md | 14 +- .../Remove-SensitiveInformationScanRule.md | 16 +- .../Set-SensitiveInformationScan.md | 142 +++++++++++++----- .../Set-SensitiveInformationScanRule.md | 50 ++++-- 9 files changed, 301 insertions(+), 107 deletions(-) diff --git a/exchange/exchange-ps/ExchangePowerShell/Cancel-SensitiveInformationScan.md b/exchange/exchange-ps/ExchangePowerShell/Cancel-SensitiveInformationScan.md index db4687eed9..31897f0a5d 100644 --- a/exchange/exchange-ps/ExchangePowerShell/Cancel-SensitiveInformationScan.md +++ b/exchange/exchange-ps/ExchangePowerShell/Cancel-SensitiveInformationScan.md @@ -1,6 +1,6 @@ --- external help file: Microsoft.Exchange.TransportMailflow-Help.xml -online version: https://learn.microsoft.com/powershell/module/exchange/cancel-sensitiveinformationscan +online version: https://learn.microsoft.com/powershell/module/exchangepowershell/cancel-sensitiveinformationscan applicable: Security & Compliance title: Cancel-SensitiveInformationScan schema: 2.0.0 @@ -43,6 +43,9 @@ This example cancels the specified sensitive information scan. ## PARAMETERS ### -Identity + +> Applicable: Security & Compliance + The Identity parameter specifies the sensitive information scan that you want to cancel. You can use any value that uniquely identifies the scan. For example: - Name @@ -53,7 +56,6 @@ The Identity parameter specifies the sensitive information scan that you want to Type: PolicyIdParameter Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: True Position: 0 @@ -63,6 +65,9 @@ Accept wildcard characters: False ``` ### -Confirm + +> Applicable: Security & Compliance + The Confirm switch specifies whether to show or hide the confirmation prompt. How this switch affects the cmdlet depends on if the cmdlet requires confirmation before proceeding. - Destructive cmdlets (for example, Remove-\* cmdlets) have a built-in pause that forces you to acknowledge the command before proceeding. For these cmdlets, you can skip the confirmation prompt by using this exact syntax: `-Confirm:$false`. @@ -72,7 +77,6 @@ The Confirm switch specifies whether to show or hide the confirmation prompt. Ho Type: SwitchParameter Parameter Sets: (All) Aliases: cf -Applicable: Security & Compliance Required: False Position: Named @@ -82,13 +86,15 @@ Accept wildcard characters: False ``` ### -WhatIf + +> Applicable: Security & Compliance + The WhatIf switch doesn't work in Security & Compliance PowerShell. ```yaml Type: SwitchParameter Parameter Sets: (All) Aliases: wi -Applicable: Security & Compliance Required: False Position: Named diff --git a/exchange/exchange-ps/ExchangePowerShell/Get-SensitiveInformationScan.md b/exchange/exchange-ps/ExchangePowerShell/Get-SensitiveInformationScan.md index 7547c958c0..c8084a906e 100644 --- a/exchange/exchange-ps/ExchangePowerShell/Get-SensitiveInformationScan.md +++ b/exchange/exchange-ps/ExchangePowerShell/Get-SensitiveInformationScan.md @@ -1,6 +1,6 @@ --- external help file: Microsoft.Exchange.TransportMailflow-Help.xml -online version: https://learn.microsoft.com/powershell/module/exchange/get-sensitiveinformationscan +online version: https://learn.microsoft.com/powershell/module/exchangepowershell/get-sensitiveinformationscan applicable: Security & Compliance title: Get-SensitiveInformationScan schema: 2.0.0 @@ -50,6 +50,9 @@ This example returns detailed information for the specified scan. ## PARAMETERS ### -Identity + +> Applicable: Security & Compliance + The Identity parameter specifies the sensitive information scan that you want to view. You can use any value that uniquely identifies the scan. For example: - Name @@ -60,7 +63,6 @@ The Identity parameter specifies the sensitive information scan that you want to Type: PolicyIdParameter Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: 0 @@ -70,6 +72,9 @@ Accept wildcard characters: False ``` ### -IncludeImpactAssessment + +> Applicable: Security & Compliance + The IncludeImpactAssessment parameter specifies whether to ???. Valid values are: - $true: ??? @@ -79,7 +84,6 @@ The IncludeImpactAssessment parameter specifies whether to ???. Valid values are Type: Boolean Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -89,6 +93,9 @@ Accept wildcard characters: False ``` ### -IncludeProgressForAllActiveScans + +> Applicable: Security & Compliance + The IncludeProgressForAllActiveScans parameter specifies whether to ???. Valid values are: - $true: ??? @@ -98,7 +105,6 @@ The IncludeProgressForAllActiveScans parameter specifies whether to ???. Valid v Type: Boolean Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -108,6 +114,9 @@ Accept wildcard characters: False ``` ### -IncludeScanProgress + +> Applicable: Security & Compliance + The IncludeScanProgress parameter specifies whether to ???. Valid values are: - $true: ??? @@ -117,7 +126,6 @@ The IncludeScanProgress parameter specifies whether to ???. Valid values are: Type: Boolean Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named diff --git a/exchange/exchange-ps/ExchangePowerShell/Get-SensitiveInformationScanRule.md b/exchange/exchange-ps/ExchangePowerShell/Get-SensitiveInformationScanRule.md index 6cf020dc48..ec6dce924e 100644 --- a/exchange/exchange-ps/ExchangePowerShell/Get-SensitiveInformationScanRule.md +++ b/exchange/exchange-ps/ExchangePowerShell/Get-SensitiveInformationScanRule.md @@ -1,6 +1,6 @@ --- external help file: Microsoft.Exchange.TransportMailflow-Help.xml -online version: https://learn.microsoft.com/powershell/module/exchange/get-sensitiveinformationscanrule +online version: https://learn.microsoft.com/powershell/module/exchangepowershell/get-sensitiveinformationscanrule applicable: Security & Compliance title: Get-SensitiveInformationScanRule schema: 2.0.0 @@ -39,6 +39,9 @@ To use this cmdlet in Security & Compliance PowerShell, you need to be assigned ## PARAMETERS ### -Identity + +> Applicable: Security & Compliance + The Identity parameter specifies the sensitive information scan rule that you want to view. You can use any value that uniquely identifies the rule. For example: - Name @@ -49,7 +52,6 @@ The Identity parameter specifies the sensitive information scan rule that you wa Type: ComplianceRuleIdParameter Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: 0 @@ -59,13 +61,15 @@ Accept wildcard characters: False ``` ### -Policy + +> Applicable: Security & Compliance + {{ Fill Policy Description }} ```yaml Type: PolicyIdParameter Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named diff --git a/exchange/exchange-ps/ExchangePowerShell/New-SensitiveInformationScan.md b/exchange/exchange-ps/ExchangePowerShell/New-SensitiveInformationScan.md index d2fbd755e1..5661cda7b6 100644 --- a/exchange/exchange-ps/ExchangePowerShell/New-SensitiveInformationScan.md +++ b/exchange/exchange-ps/ExchangePowerShell/New-SensitiveInformationScan.md @@ -1,6 +1,6 @@ --- external help file: Microsoft.Exchange.TransportMailflow-Help.xml -online version: https://learn.microsoft.com/powershell/module/exchange/new-sensitiveinformationscan +online version: https://learn.microsoft.com/powershell/module/exchangepowershell/new-sensitiveinformationscan applicable: Security & Compliance title: New-SensitiveInformationScan schema: 2.0.0 @@ -63,13 +63,15 @@ This example creates a scan for all SharePoint sites scoped to pdf and docx file ## PARAMETERS ### -Name + +> Applicable: Security & Compliance + The Name parameter specifies the unique name of the scan. If the value contains spaces, enclose the value in quotation marks. ```yaml Type: String Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: True Position: 0 @@ -79,13 +81,15 @@ Accept wildcard characters: False ``` ### -Comment + +> Applicable: Security & Compliance + The Comment parameter specifies an optional comment. If you specify a value that contains spaces, enclose the value in quotation marks ("), for example: "This is an admin note". ```yaml Type: String Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -95,6 +99,9 @@ Accept wildcard characters: False ``` ### -Confirm + +> Applicable: Security & Compliance + The Confirm switch specifies whether to show or hide the confirmation prompt. How this switch affects the cmdlet depends on if the cmdlet requires confirmation before proceeding. - Destructive cmdlets (for example, Remove-\* cmdlets) have a built-in pause that forces you to acknowledge the command before proceeding. For these cmdlets, you can skip the confirmation prompt by using this exact syntax: `-Confirm:$false`. @@ -104,7 +111,6 @@ The Confirm switch specifies whether to show or hide the confirmation prompt. Ho Type: SwitchParameter Parameter Sets: (All) Aliases: cf -Applicable: Security & Compliance Required: False Position: Named @@ -114,6 +120,9 @@ Accept wildcard characters: False ``` ### -EndpointDlpLocation + +> Applicable: Security & Compliance + **Note**: This parameter requires membership in the Compliance Administrator or Compliance Data Administrator roles in Microsoft Entra ID. The EndpointDLPLocation parameter specifies the user accounts to include in scan for devices. You identify the account by name or email address. You can use the value All to include all user accounts. @@ -126,7 +135,6 @@ For more information about onboarding devices to Purview, see [Learn about devic Type: MultiValuedProperty Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -136,6 +144,9 @@ Accept wildcard characters: False ``` ### -EndpointDlpLocationException + +> Applicable: Security & Compliance + **Note**: This parameter requires membership in the Compliance Administrator or Compliance Data Administrator roles in Microsoft Entra ID. The EndpointDlpLocationException parameter specifies the user accounts to exclude in an on-demand classification scan for devices. You identify the account by name or email address. @@ -148,7 +159,6 @@ For more information about onboarding devices to Purview, see [Learn about devic Type: MultiValuedProperty Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -158,6 +168,9 @@ Accept wildcard characters: False ``` ### -ExceptIfOneDriveSharedBy + +> Applicable: Security & Compliance + The ExceptIfOneDriveSharedBy parameter specifies the users to exclude from the scan (the sites of the OneDrive user accounts are included in the scan). You identify the users by UPN (`laura@contoso.onmicrosoft.com`). To use this parameter, OneDrive sites need to be included in the scan (the OneDriveLocation parameter value is All, which is the default value). @@ -170,7 +183,6 @@ You can't use this parameter with the OneDriveSharedBy or OneDriveSharedByMember Type: RecipientIdParameter[] Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -180,6 +192,9 @@ Accept wildcard characters: False ``` ### -ExceptIfOneDriveSharedByMemberOf + +> Applicable: Security & Compliance + The ExceptIfOneDriveSharedByMemberOf parameter specifies the distribution groups or mail-enabled security groups to exclude from the scan (the OneDrive sites of group members are excluded from the scan). You identify the groups by email address. To use this parameter, OneDrive sites need to be included in the scan (the OneDriveLocation parameter value is All, which is the default value). @@ -194,7 +209,6 @@ You can't use this parameter to specify Microsoft 365 Groups. Type: RecipientIdParameter[] Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -204,13 +218,15 @@ Accept wildcard characters: False ``` ### -ExchangeLocation + +> Applicable: Security & Compliance + This parameter is reserved for internal Microsoft use. ```yaml Type: MultiValuedProperty Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -220,13 +236,15 @@ Accept wildcard characters: False ``` ### -ExchangeSender + +> Applicable: Security & Compliance + This parameter is reserved for internal Microsoft use. ```yaml Type: SmtpAddress[] Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -236,13 +254,15 @@ Accept wildcard characters: False ``` ### -ExchangeSenderException + +> Applicable: Security & Compliance + This parameter is reserved for internal Microsoft use. ```yaml Type: SmtpAddress[] Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -252,13 +272,15 @@ Accept wildcard characters: False ``` ### -ExchangeSenderMemberOf + +> Applicable: Security & Compliance + This parameter is reserved for internal Microsoft use. ```yaml Type: RecipientIdParameter[] Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -268,13 +290,15 @@ Accept wildcard characters: False ``` ### -ExchangeSenderMemberOfException + +> Applicable: Security & Compliance + This parameter is reserved for internal Microsoft use. ```yaml Type: RecipientIdParameter[] Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -284,13 +308,15 @@ Accept wildcard characters: False ``` ### -OneDriveLocation + +> Applicable: Security & Compliance + This parameter is reserved for internal Microsoft use. ```yaml Type: MultiValuedProperty Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -300,6 +326,9 @@ Accept wildcard characters: False ``` ### -OneDriveLocationException + +> Applicable: Security & Compliance + This parameter specifies the OneDrive sites to exclude when you use the value All for the OneDriveLocation parameter. You identify the site by its URL value. You can enter multiple values separated by commas. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"Value1","Value2",..."ValueN"`. @@ -308,7 +337,6 @@ You can enter multiple values separated by commas. If the values contain spaces Type: MultiValuedProperty Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -318,6 +346,9 @@ Accept wildcard characters: False ``` ### -OneDriveSharedBy + +> Applicable: Security & Compliance + The OneDriveSharedBy parameter specifies the users to include in the scan (the sites of the OneDrive user accounts are included in the scan). You identify the users by UPN (`laura@contoso.onmicrosoft.com`). To use this parameter, OneDrive sites need to be included in the scan (the OneDriveLocation parameter value is All, which is the default value). @@ -330,7 +361,6 @@ You can't use this parameter with the ExceptIfOneDriveSharedBy or ExceptIfOneDri Type: RecipientIdParameter[] Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -340,6 +370,9 @@ Accept wildcard characters: False ``` ### -OneDriveSharedByMemberOf + +> Applicable: Security & Compliance + The OneDriveSharedByMemberOf parameter specifies the distribution groups or mail-enabled security groups to include in the scan (the OneDrive sites of group members are included in the scan). You identify the groups by email address. To use this parameter, OneDrive sites need to be included in the scan (the OneDriveLocation parameter value is All, which is the default value). @@ -354,7 +387,6 @@ You can't use this parameter to specify Microsoft 365 Groups. Type: RecipientIdParameter[] Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -364,13 +396,15 @@ Accept wildcard characters: False ``` ### -PolicyRBACScopes + +> Applicable: Security & Compliance + This parameter is reserved for internal Microsoft use. ```yaml Type: MultiValuedProperty Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -380,6 +414,9 @@ Accept wildcard characters: False ``` ### -SharePointLocation + +> Applicable: Security & Compliance + The SharePointLocation parameter specifies the SharePoint sites to include in the scan. You identify the site by its URL value, or you can use the value All to include all sites. You can't add SharePoint sites to the policy until they have been indexed. @@ -390,7 +427,6 @@ To enter multiple values, use the following syntax: `,,... Applicable: Security & Compliance + The SharePointLocationException parameter specifies the SharePoint sites to exclude when you use the value All for the SharePointLocation parameter. You identify the site by its URL value. You can't add SharePoint sites to the scan until they have been indexed. @@ -410,7 +449,6 @@ To enter multiple values, use the following syntax: `,,... Applicable: Security & Compliance + This parameter is reserved for internal Microsoft use. ```yaml Type: MultiValuedProperty Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -436,13 +476,15 @@ Accept wildcard characters: False ``` ### -TeamsLocationException + +> Applicable: Security & Compliance + This parameter is reserved for internal Microsoft use. ```yaml Type: MultiValuedProperty Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -452,13 +494,15 @@ Accept wildcard characters: False ``` ### -WhatIf + +> Applicable: Security & Compliance + The WhatIf switch doesn't work in Security & Compliance PowerShell. ```yaml Type: SwitchParameter Parameter Sets: (All) Aliases: wi -Applicable: Security & Compliance Required: False Position: Named diff --git a/exchange/exchange-ps/ExchangePowerShell/New-SensitiveInformationScanRule.md b/exchange/exchange-ps/ExchangePowerShell/New-SensitiveInformationScanRule.md index 941aebf160..f644a67393 100644 --- a/exchange/exchange-ps/ExchangePowerShell/New-SensitiveInformationScanRule.md +++ b/exchange/exchange-ps/ExchangePowerShell/New-SensitiveInformationScanRule.md @@ -1,6 +1,6 @@ --- external help file: Microsoft.Exchange.TransportMailflow-Help.xml -online version: https://learn.microsoft.com/powershell/module/exchange/new-sensitiveinformationscanrule +online version: https://learn.microsoft.com/powershell/module/exchangepowershell/new-sensitiveinformationscanrule applicable: Security & Compliance title: New-SensitiveInformationScanRule schema: 2.0.0 @@ -52,13 +52,15 @@ This example creates a scan for all SharePoint sites scoped to pdf and docx file ## PARAMETERS ### -Name + +> Applicable: Security & Compliance + The Name parameter specifes the unique rule name for the scan. If the value contains spaces, enclose the value in quotation marks. ```yaml Type: String Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: True Position: 0 @@ -68,13 +70,15 @@ Accept wildcard characters: False ``` ### -Policy + +> Applicable: Security & Compliance + The Policy parameter specifies the name of the parent scan policy for this rule. If the value contains spaces, enclose the value in quotation marks. ```yaml Type: PolicyIdParameter Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: True Position: Named @@ -84,6 +88,9 @@ Accept wildcard characters: False ``` ### -Workload + +> Applicable: Security & Compliance + The Workload parameter specifies the workload. Valid values are: - Applications @@ -116,7 +123,6 @@ This value appears in the LogicalWorkload property in the output of the Get-Sens Type: PolicyConfiguration.Workload Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: True Position: Named @@ -126,13 +132,15 @@ Accept wildcard characters: False ``` ### -Comment + +> Applicable: Security & Compliance + The Comment parameter specifies an optional comment. If you specify a value that contains spaces, enclose the value in quotation marks ("), for example: "This is an admin note". ```yaml Type: String Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -142,6 +150,9 @@ Accept wildcard characters: False ``` ### -Confirm + +> Applicable: Security & Compliance + The Confirm switch specifies whether to show or hide the confirmation prompt. How this switch affects the cmdlet depends on if the cmdlet requires confirmation before proceeding. - Destructive cmdlets (for example, Remove-\* cmdlets) have a built-in pause that forces you to acknowledge the command before proceeding. For these cmdlets, you can skip the confirmation prompt by using this exact syntax: `-Confirm:$false`. @@ -151,7 +162,6 @@ The Confirm switch specifies whether to show or hide the confirmation prompt. Ho Type: SwitchParameter Parameter Sets: (All) Aliases: cf -Applicable: Security & Compliance Required: False Position: Named @@ -161,6 +171,9 @@ Accept wildcard characters: False ``` ### -ContentCreatedOrUpdatedDateFrom + +> Applicable: Security & Compliance + The ContentCreatedOrUpdatedDateFrom parameter specifies the earliest modification date-time of files that are considered in scope of this scan. To specify a date/time value for this parameter, use either of the following options: @@ -172,7 +185,6 @@ To specify a date/time value for this parameter, use either of the following opt Type: System.DateTime Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -182,6 +194,9 @@ Accept wildcard characters: False ``` ### -ContentCreatedOrUpdatedDateTo + +> Applicable: Security & Compliance + The ContentCreatedOrUpdatedDateTo parameter specifies the latest modification date-time of files that are considered in scope of this scan. To specify a date/time value for this parameter, use either of the following options: @@ -193,7 +208,6 @@ To specify a date/time value for this parameter, use either of the following opt Type: System.DateTime Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -203,13 +217,15 @@ Accept wildcard characters: False ``` ### -ContentExtensionMatchesWords + +> Applicable: Security & Compliance + The ContentExtensionMatchesWords parameter specifies a condition for the rule that looks for words in file extensions. You can specify multiple words separated by commas. Irrespective of the original file type, this predicate matches based on the extension that is present in the name of the file. ```yaml Type: MultiValuedProperty Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -219,6 +235,9 @@ Accept wildcard characters: False ``` ### -ContentPropertyContainsWords + +> Applicable: Security & Compliance + The ContentPropertyContainsWords parameter specifies a condition for the rule that's based on a property match in content. The rule is applied to content that contains the specified property. This parameter accepts values in the format: `"Property1:Value1,Value2","Property2:Value3,Value4",..."PropertyN:ValueN,ValueN"`. @@ -227,7 +246,6 @@ This parameter accepts values in the format: `"Property1:Value1,Value2","Propert Type: MultiValuedProperty Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -237,13 +255,15 @@ Accept wildcard characters: False ``` ### -ExceptIfContentExtensionMatchesWords + +> Applicable: Security & Compliance + The ExceptIfContentExtensionMatchesWords parameter specifies an exception for the rule that looks for words in file extensions. You can specify multiple words separated by commas. Irrespective of what the original file type is, this predicate matches based on the extension that is present in the name of the file. ```yaml Type: MultiValuedProperty Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -253,6 +273,9 @@ Accept wildcard characters: False ``` ### -ExceptIfContentPropertyContainsWords + +> Applicable: Security & Compliance + The ExceptIfContentPropertyContainsWords parameter specifies an exception for the rule that's based on a property match in content. The rule is not applied to content that contains the specified property. This parameter accepts values in the format: `"Property1:Value1,Value2","Property2:Value3,Value4",..."PropertyN:ValueN,ValueN"`. @@ -261,7 +284,6 @@ This parameter accepts values in the format: `"Property1:Value1,Value2","Propert Type: MultiValuedProperty Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -271,6 +293,9 @@ Accept wildcard characters: False ``` ### -StartImpactAssessment + +> Applicable: Security & Compliance + The StartImpactAssessment parameter specifies whether to start a scan estimation. Valid values are: - $true: Start an scan estimation by default. @@ -280,7 +305,6 @@ The StartImpactAssessment parameter specifies whether to start a scan estimation Type: Boolean Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -290,13 +314,15 @@ Accept wildcard characters: False ``` ### -WhatIf + +> Applicable: Security & Compliance + The WhatIf switch doesn't work in Security & Compliance PowerShell. ```yaml Type: SwitchParameter Parameter Sets: (All) Aliases: wi -Applicable: Security & Compliance Required: False Position: Named diff --git a/exchange/exchange-ps/ExchangePowerShell/Remove-SensitiveInformationScan.md b/exchange/exchange-ps/ExchangePowerShell/Remove-SensitiveInformationScan.md index 95ad49ddb8..bc940ae21e 100644 --- a/exchange/exchange-ps/ExchangePowerShell/Remove-SensitiveInformationScan.md +++ b/exchange/exchange-ps/ExchangePowerShell/Remove-SensitiveInformationScan.md @@ -1,6 +1,6 @@ --- external help file: Microsoft.Exchange.TransportMailflow-Help.xml -online version: https://learn.microsoft.com/powershell/module/exchange/remove-sensitiveinformationscan +online version: https://learn.microsoft.com/powershell/module/exchangepowershell/remove-sensitiveinformationscan applicable: Security & Compliance title: Remove-SensitiveInformationScan schema: 2.0.0 @@ -42,6 +42,9 @@ This example removes the specified sensitive information scan. ## PARAMETERS ### -Identity + +> Applicable: Security & Compliance + The Identity parameter specifies the sensitive information scan that you want to remove. You can use any value that uniquely identifies the scan. For example: - Name @@ -52,7 +55,6 @@ The Identity parameter specifies the sensitive information scan that you want to Type: PolicyIdParameter Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: True Position: 0 @@ -62,6 +64,9 @@ Accept wildcard characters: False ``` ### -Confirm + +> Applicable: Security & Compliance + The Confirm switch specifies whether to show or hide the confirmation prompt. How this switch affects the cmdlet depends on if the cmdlet requires confirmation before proceeding. - Destructive cmdlets (for example, Remove-\* cmdlets) have a built-in pause that forces you to acknowledge the command before proceeding. For these cmdlets, you can skip the confirmation prompt by using this exact syntax: `-Confirm:$false`. @@ -71,7 +76,6 @@ The Confirm switch specifies whether to show or hide the confirmation prompt. Ho Type: SwitchParameter Parameter Sets: (All) Aliases: cf -Applicable: Security & Compliance Required: False Position: Named @@ -81,13 +85,15 @@ Accept wildcard characters: False ``` ### -WhatIf + +> Applicable: Security & Compliance + The WhatIf switch doesn't work in Security & Compliance PowerShell. ```yaml Type: SwitchParameter Parameter Sets: (All) Aliases: wi -Applicable: Security & Compliance Required: False Position: Named diff --git a/exchange/exchange-ps/ExchangePowerShell/Remove-SensitiveInformationScanRule.md b/exchange/exchange-ps/ExchangePowerShell/Remove-SensitiveInformationScanRule.md index 609e23c1c5..b6ab794e54 100644 --- a/exchange/exchange-ps/ExchangePowerShell/Remove-SensitiveInformationScanRule.md +++ b/exchange/exchange-ps/ExchangePowerShell/Remove-SensitiveInformationScanRule.md @@ -1,6 +1,6 @@ --- external help file: Microsoft.Exchange.TransportMailflow-Help.xml -online version: https://learn.microsoft.com/powershell/module/exchange/remove-sensitiveinformationscanrule +online version: https://learn.microsoft.com/powershell/module/exchangepowershell/remove-sensitiveinformationscanrule applicable: Security & Compliance title: Remove-SensitiveInformationScanRule schema: 2.0.0 @@ -14,7 +14,7 @@ ms.reviewer: ## SYNOPSIS This cmdlet is available only in Security & Compliance PowerShell. For more information, see [Security & Compliance PowerShell](https://learn.microsoft.com/powershell/exchange/scc-powershell). -Use the Remove-SensitiveInformationScanRule cmdlet to delete on-demand classification scan rules. You can't delete a rule when a parent scan is in the ClassificationInProgress or ClassificationComplete state. +Use the Remove-SensitiveInformationScanRule cmdlet to delete on-demand classification scan rules. You can't delete a rule when a parent scan is in the ClassificationInProgress or ClassificationComplete state. For information about the parameter sets in the Syntax section below, see [Exchange cmdlet syntax](https://learn.microsoft.com/powershell/exchange/exchange-cmdlet-syntax). @@ -42,6 +42,9 @@ This example removes the specified sensitive information scan rule. ## PARAMETERS ### -Identity + +> Applicable: Security & Compliance + The Identity parameter specifies the sensitive information scan rule that you want to remove. You can use any value that uniquely identifies the rule. For example: - Name @@ -51,7 +54,6 @@ The Identity parameter specifies the sensitive information scan rule that you wa ```yaml Type: ComplianceRuleIdParameter Parameter Sets: (All) -Applicable: Security & Compliance Required: True Position: 0 @@ -61,6 +63,9 @@ Accept wildcard characters: False ``` ### -Confirm + +> Applicable: Security & Compliance + The Confirm switch specifies whether to show or hide the confirmation prompt. How this switch affects the cmdlet depends on if the cmdlet requires confirmation before proceeding. - Destructive cmdlets (for example, Remove-\* cmdlets) have a built-in pause that forces you to acknowledge the command before proceeding. For these cmdlets, you can skip the confirmation prompt by using this exact syntax: `-Confirm:$false`. @@ -70,7 +75,6 @@ The Confirm switch specifies whether to show or hide the confirmation prompt. Ho Type: SwitchParameter Parameter Sets: (All) Aliases: cf -Applicable: Security & Compliance Required: False Position: Named @@ -80,13 +84,15 @@ Accept wildcard characters: False ``` ### -WhatIf + +> Applicable: Security & Compliance + The WhatIf switch doesn't work in Security & Compliance PowerShell. ```yaml Type: SwitchParameter Parameter Sets: (All) Aliases: wi -Applicable: Security & Compliance Required: False Position: Named diff --git a/exchange/exchange-ps/ExchangePowerShell/Set-SensitiveInformationScan.md b/exchange/exchange-ps/ExchangePowerShell/Set-SensitiveInformationScan.md index 105954e2e9..f6414ad8e5 100644 --- a/exchange/exchange-ps/ExchangePowerShell/Set-SensitiveInformationScan.md +++ b/exchange/exchange-ps/ExchangePowerShell/Set-SensitiveInformationScan.md @@ -1,6 +1,6 @@ --- external help file: Microsoft.Exchange.TransportMailflow-Help.xml -online version: https://learn.microsoft.com/powershell/module/exchange/set-sensitiveinformationscan +online version: https://learn.microsoft.com/powershell/module/exchangepowershell/set-sensitiveinformationscan applicable: Security & Compliance title: Set-SensitiveInformationScan schema: 2.0.0 @@ -74,6 +74,9 @@ This example updates the on-demand classification scan to also include all OneDr ## PARAMETERS ### -Identity + +> Applicable: Security & Compliance + The Identity parameter specifies the sensitive information scan that you want to modify. You can use any value that uniquely identifies the scan. For example: - Name @@ -84,7 +87,6 @@ The Identity parameter specifies the sensitive information scan that you want to Type: PolicyIdParameter Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: True Position: 0 @@ -94,6 +96,9 @@ Accept wildcard characters: False ``` ### -AddEndpointDlpLocation + +> Applicable: Security & Compliance + **Note**: This parameter requires membership in the Compliance Administrator or Compliance Data Administrator roles in Microsoft Entra ID. The AddEndpointDLPLocation parameter specifies the user accounts to add to the list of included accounts for Endpoint DLP if you used the value All for the EndpointDLPLocation parameter. You identify the account by name or email address. @@ -108,7 +113,6 @@ For more information about Endpoint DLP, see [Learn about Endpoint data loss pre Type: MultiValuedProperty Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -118,6 +122,9 @@ Accept wildcard characters: False ``` ### -AddEndpointDlpLocationException + +> Applicable: Security & Compliance + **Note**: This parameter requires membership in the Compliance Administrator or Compliance Data Administrator roles in Microsoft Entra ID. The AddEndpointDlpLocationException parameter specifies the user accounts to add to the list of excluded accounts for Endpoint DLP if you used the value All for the EndpointDLPLocation parameter. You identify the account by name or email address. @@ -132,7 +139,6 @@ For more information about Endpoint DLP, see [Learn about Endpoint data loss pre Type: MultiValuedProperty Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -142,13 +148,15 @@ Accept wildcard characters: False ``` ### -AddExchangeLocation + +> Applicable: Security & Compliance + This parameter is reserved for internal Microsoft use. ```yaml Type: MultiValuedProperty Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -158,13 +166,15 @@ Accept wildcard characters: False ``` ### -AddOneDriveLocation + +> Applicable: Security & Compliance + This parameter is reserved for internal Microsoft use. ```yaml Type: MultiValuedProperty Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -174,13 +184,15 @@ Accept wildcard characters: False ``` ### -AddOneDriveLocationException + +> Applicable: Security & Compliance + This parameter is reserved for internal Microsoft use. ```yaml Type: MultiValuedProperty Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -190,6 +202,9 @@ Accept wildcard characters: False ``` ### -AddSharePointLocation + +> Applicable: Security & Compliance + The AddSharePointLocation parameter specifies the SharePoint sites to add to the list of included sites if you used the value All for the SharePointLocation parameter. You identify the site by its URL value. You can't add SharePoint sites to the scan until they have been indexed. @@ -200,7 +215,6 @@ To enter multiple values, use the following syntax: `,,... Applicable: Security & Compliance + The AddSharePointLocationException parameter specifies the SharePoint sites to add to the list of excluded sites if you used the value All for the SharePointLocation parameter. You identify the site by its URL value. You can't add SharePoint sites to the scan until they have been indexed. @@ -220,7 +237,6 @@ To enter multiple values, use the following syntax: `,,... Applicable: Security & Compliance + This parameter is reserved for internal Microsoft use. ```yaml Type: MultiValuedProperty Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -246,13 +264,15 @@ Accept wildcard characters: False ``` ### -AddTeamsLocationException + +> Applicable: Security & Compliance + This parameter is reserved for internal Microsoft use. ```yaml Type: MultiValuedProperty Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -262,13 +282,15 @@ Accept wildcard characters: False ``` ### -CancelScan + +> Applicable: Security & Compliance + {{ Fill CancelScan Description }} ```yaml Type: Boolean Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -278,13 +300,15 @@ Accept wildcard characters: False ``` ### -Comment + +> Applicable: Security & Compliance + The Comment parameter specifies an optional comment. If you specify a value that contains spaces, enclose the value in quotation marks ("), for example: "This is an admin note". ```yaml Type: String Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -294,6 +318,9 @@ Accept wildcard characters: False ``` ### -Confirm + +> Applicable: Security & Compliance + The Confirm switch specifies whether to show or hide the confirmation prompt. How this switch affects the cmdlet depends on if the cmdlet requires confirmation before proceeding. - Destructive cmdlets (for example, Remove-\* cmdlets) have a built-in pause that forces you to acknowledge the command before proceeding. For these cmdlets, you can skip the confirmation prompt by using this exact syntax: `-Confirm:$false`. @@ -303,7 +330,6 @@ The Confirm switch specifies whether to show or hide the confirmation prompt. Ho Type: SwitchParameter Parameter Sets: (All) Aliases: cf -Applicable: Security & Compliance Required: False Position: Named @@ -313,6 +339,9 @@ Accept wildcard characters: False ``` ### -ExceptIfOneDriveSharedBy + +> Applicable: Security & Compliance + The ExceptIfOneDriveSharedBy parameter specifies the users to exclude from the scan (the sites of the OneDrive user accounts are included in the scan). You identify the users by UPN (`laura@contoso.onmicrosoft.com`). To use this parameter, one of the following statements must be true: @@ -328,7 +357,6 @@ You can't use this parameter with the OneDriveSharedBy or OneDriveSharedByMember Type: RecipientIdParameter[] Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -338,6 +366,9 @@ Accept wildcard characters: False ``` ### -ExceptIfOneDriveSharedByMemberOf + +> Applicable: Security & Compliance + The ExceptIfOneDriveSharedByMemberOf parameter specifies the distribution groups or mail-enabled security groups to exclude from the scan (the OneDrive sites of group members are excluded from the scan). You identify the groups by email address. To use this parameter, one of the following statements must be true: @@ -355,7 +386,6 @@ You can't use this parameter to specify Microsoft 365 Groups. Type: RecipientIdParameter[] Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -365,13 +395,15 @@ Accept wildcard characters: False ``` ### -ExchangeSender + +> Applicable: Security & Compliance + This parameter is reserved for internal Microsoft use. ```yaml Type: SmtpAddress[] Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -381,13 +413,15 @@ Accept wildcard characters: False ``` ### -ExchangeSenderException + +> Applicable: Security & Compliance + This parameter is reserved for internal Microsoft use. ```yaml Type: SmtpAddress[] Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -397,13 +431,15 @@ Accept wildcard characters: False ``` ### -ExchangeSenderMemberOf + +> Applicable: Security & Compliance + This parameter is reserved for internal Microsoft use. ```yaml Type: RecipientIdParameter[] Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -413,13 +449,15 @@ Accept wildcard characters: False ``` ### -ExchangeSenderMemberOfException + +> Applicable: Security & Compliance + This parameter is reserved for internal Microsoft use. ```yaml Type: RecipientIdParameter[] Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -429,6 +467,9 @@ Accept wildcard characters: False ``` ### -Mode + +> Applicable: Security & Compliance + The Mode parameter specifies the scan mode. Valid values are: - Enable: Use this value to start the scan. @@ -441,7 +482,6 @@ The Mode parameter specifies the scan mode. Valid values are: Type: PolicyMode Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -451,6 +491,9 @@ Accept wildcard characters: False ``` ### -OneDriveSharedBy + +> Applicable: Security & Compliance + The OneDriveSharedBy parameter specifies the users to include in the DLP scan (the sites of the OneDrive user accounts are included in the scan). You identify the users by UPN (`laura@contoso.onmicrosoft.com`). To use this parameter, one of the following statements must be true: @@ -466,7 +509,6 @@ You can't use this parameter with the ExceptIfOneDriveSharedBy or ExceptIfOneDri Type: RecipientIdParameter[] Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -476,6 +518,9 @@ Accept wildcard characters: False ``` ### -OneDriveSharedByMemberOf + +> Applicable: Security & Compliance + The OneDriveSharedByMemberOf parameter specifies the distribution groups or mail-enabled security groups to include in the DLP scan (the OneDrive sites of group members are included in the scan). You identify the groups by email address. To use this parameter, one of the following statements must be true: @@ -493,7 +538,6 @@ You can't use this parameter to specify Microsoft 365 Groups. Type: RecipientIdParameter[] Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -503,13 +547,15 @@ Accept wildcard characters: False ``` ### -PolicyRBACScopes + +> Applicable: Security & Compliance + This parameter is reserved for internal Microsoft use. ```yaml Type: MultiValuedProperty Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -519,6 +565,9 @@ Accept wildcard characters: False ``` ### -RemoveEndpointDlpLocation + +> Applicable: Security & Compliance + **Note**: This parameter requires membership in the Compliance Administrator or Compliance Data Administrator roles in Microsoft Entra ID. The RemoveEndpointDlpLocation parameter specifies the user accounts to remove from the list of included accounts for Endpoint DLP if you used the value All for the EndpointDLPLocation parameter. You specify the account by name or email address. @@ -531,7 +580,6 @@ For more information about Endpoint DLP, see [Learn about Endpoint data loss pre Type: MultiValuedProperty Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -541,6 +589,9 @@ Accept wildcard characters: False ``` ### -RemoveEndpointDlpLocationException + +> Applicable: Security & Compliance + **Note**: This parameter requires membership in the Compliance Administrator or Compliance Data Administrator roles in Microsoft Entra ID. The RemoveEndpointDlpLocation parameter specifies the user accounts to remove from the list of excluded accounts for Endpoint DLP if you used the value All for the EndpointDLPLocation parameter. You specify the account by name or email address. @@ -553,7 +604,6 @@ For more information about Endpoint DLP, see [Learn about Endpoint data loss pre Type: MultiValuedProperty Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -563,6 +613,9 @@ Accept wildcard characters: False ``` ### -RemoveExchangeLocation + +> Applicable: Security & Compliance + The RemoveExchangeLocation parameter removes email messages from the scan if they're already included. The valid value for this parameter is All. If the scan already includes email messages (in the output of the Get-DlpCompliancePolicy cmdlet, the ExchangeLocation property value is All), you can use `-RemoveExchangeLocation All` to prevent the scan from applying to email messages. @@ -571,7 +624,6 @@ If the scan already includes email messages (in the output of the Get-DlpComplia Type: MultiValuedProperty Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -581,13 +633,15 @@ Accept wildcard characters: False ``` ### -RemoveOneDriveLocation + +> Applicable: Security & Compliance + This parameter is reserved for internal Microsoft use. ```yaml Type: MultiValuedProperty Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -597,13 +651,15 @@ Accept wildcard characters: False ``` ### -RemoveOneDriveLocationException + +> Applicable: Security & Compliance + This parameter is reserved for internal Microsoft use. ```yaml Type: MultiValuedProperty Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -613,6 +669,9 @@ Accept wildcard characters: False ``` ### -RemoveSharePointLocation + +> Applicable: Security & Compliance + The RemoveSharePointLocation parameter specifies the SharePoint sites to remove from the list of included sites if you used the value All for the SharePointLocation parameter. You specify the site by its URL value. To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. @@ -621,7 +680,6 @@ To enter multiple values, use the following syntax: `,,... Applicable: Security & Compliance + The RemoveSharePointLocationException parameter specifies the SharePoint sites to remove from the list of excluded sites if you used the value All for the SharePointLocation parameter. You specify the site by its URL value. To enter multiple values, use the following syntax: `,,...`. If the values contain spaces or otherwise require quotation marks, use the following syntax: `"","",...""`. @@ -639,7 +700,6 @@ To enter multiple values, use the following syntax: `,,... Applicable: Security & Compliance + This parameter is reserved for internal Microsoft use. ```yaml Type: MultiValuedProperty Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -665,13 +727,15 @@ Accept wildcard characters: False ``` ### -RemoveTeamsLocationException + +> Applicable: Security & Compliance + This parameter is reserved for internal Microsoft use. ```yaml Type:MultiValuedProperty Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -681,6 +745,9 @@ Accept wildcard characters: False ``` ### -StartImpactAssessment + +> Applicable: Security & Compliance + The StartImpactAssessment parameter specifies whether to start cost estimation for on-demand classification scans. Valid values are: - $true: Start cost estimation for on-demand classification scans. @@ -690,7 +757,6 @@ The StartImpactAssessment parameter specifies whether to start cost estimation f Type: Boolean Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -700,6 +766,9 @@ Accept wildcard characters: False ``` ### -StopImpactAssessmentAndStartClassification + +> Applicable: Security & Compliance + The StopImpactAssessmentAndStartClassification specifies whether to stop cost estimation and start classification for devices where estimation completed successfully. Valid values are: - $true: Start classification for devices where estimation completed successfully. @@ -709,7 +778,6 @@ The StopImpactAssessmentAndStartClassification specifies whether to stop cost es Type: Boolean Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -719,13 +787,15 @@ Accept wildcard characters: False ``` ### -WhatIf + +> Applicable: Security & Compliance + The WhatIf switch doesn't work in Security & Compliance PowerShell. ```yaml Type: SwitchParameter Parameter Sets: (All) Aliases: wi -Applicable: Security & Compliance Required: False Position: Named diff --git a/exchange/exchange-ps/ExchangePowerShell/Set-SensitiveInformationScanRule.md b/exchange/exchange-ps/ExchangePowerShell/Set-SensitiveInformationScanRule.md index aad5a5c700..a0cdb3b74f 100644 --- a/exchange/exchange-ps/ExchangePowerShell/Set-SensitiveInformationScanRule.md +++ b/exchange/exchange-ps/ExchangePowerShell/Set-SensitiveInformationScanRule.md @@ -1,6 +1,6 @@ --- external help file: Microsoft.Exchange.TransportMailflow-Help.xml -online version: https://learn.microsoft.com/powershell/module/exchange/set-sensitiveinformationscanrule +online version: https://learn.microsoft.com/powershell/module/exchangepowershell/set-sensitiveinformationscanrule applicable: Security & Compliance title: Set-SensitiveInformationScanRule schema: 2.0.0 @@ -51,6 +51,9 @@ This example updates the on-demand classification scan to classify pdf, docx and ## PARAMETERS ### -Identity + +> Applicable: Security & Compliance + The Identity parameter specifies the sensitive information scan rule that you want to modify. You can use any value that uniquely identifies the rule. For example: - Name @@ -61,7 +64,6 @@ The Identity parameter specifies the sensitive information scan rule that you wa Type: ComplianceRuleIdParameter Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: True Position: 0 @@ -71,13 +73,15 @@ Accept wildcard characters: False ``` ### -Comment + +> Applicable: Security & Compliance + The Comment parameter specifies an optional comment. If you specify a value that contains spaces, enclose the value in quotation marks ("), for example: "This is an admin note". ```yaml Type: String Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -87,6 +91,9 @@ Accept wildcard characters: False ``` ### -Confirm + +> Applicable: Security & Compliance + The Confirm switch specifies whether to show or hide the confirmation prompt. How this switch affects the cmdlet depends on if the cmdlet requires confirmation before proceeding. - Destructive cmdlets (for example, Remove-\* cmdlets) have a built-in pause that forces you to acknowledge the command before proceeding. For these cmdlets, you can skip the confirmation prompt by using this exact syntax: `-Confirm:$false`. @@ -96,7 +103,6 @@ The Confirm switch specifies whether to show or hide the confirmation prompt. Ho Type: SwitchParameter Parameter Sets: (All) Aliases: cf -Applicable: Security & Compliance Required: False Position: Named @@ -106,6 +112,9 @@ Accept wildcard characters: False ``` ### -ContentCreatedOrUpdatedDateFrom + +> Applicable: Security & Compliance + The ContentCreatedOrUpdatedDateFrom parameter specifies the earliest modification date-time of files that are considered in scope of this scan. To specify a date/time value for this parameter, use either of the following options: @@ -117,7 +126,6 @@ To specify a date/time value for this parameter, use either of the following opt Type: System.DateTime Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -127,6 +135,9 @@ Accept wildcard characters: False ``` ### -ContentCreatedOrUpdatedDateTo + +> Applicable: Security & Compliance + The ContentCreatedOrUpdatedDateTo parameter specifies the latest modification date-time of files that are considered in scope of this scan. To specify a date/time value for this parameter, use either of the following options: @@ -138,7 +149,6 @@ To specify a date/time value for this parameter, use either of the following opt Type: System.DateTime Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -148,13 +158,15 @@ Accept wildcard characters: False ``` ### -ContentExtensionMatchesWords + +> Applicable: Security & Compliance + The ContentExtensionMatchesWords parameter specifies a condition for the rule that looks for words in file extensions. You can specify multiple words separated by commas. Irrespective of the original file type, this predicate matches based on the extension that is present in the name of the file. ```yaml Type: MultiValuedProperty Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -164,6 +176,9 @@ Accept wildcard characters: False ``` ### -ContentPropertyContainsWords + +> Applicable: Security & Compliance + The ContentPropertyContainsWords parameter specifies a condition for the rule that's based on a property match in content. The rule is applied to content that contains the specified property. This parameter accepts values in the format: `"Property1:Value1,Value2","Property2:Value3,Value4",..."PropertyN:ValueN,ValueN"`. @@ -172,7 +187,6 @@ This parameter accepts values in the format: `"Property1:Value1,Value2","Propert Type: MultiValuedProperty Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -182,13 +196,15 @@ Accept wildcard characters: False ``` ### -ExceptIfContentExtensionMatchesWords + +> Applicable: Security & Compliance + The ExceptIfContentExtensionMatchesWords parameter specifies an exception for the rule that looks for words in file extensions. You can specify multiple words separated by commas. Irrespective of what the original file type is, this predicate matches based on the extension that is present in the name of the file. ```yaml Type: MultiValuedProperty Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -198,6 +214,9 @@ Accept wildcard characters: False ``` ### -ExceptIfContentPropertyContainsWords + +> Applicable: Security & Compliance + The ExceptIfContentPropertyContainsWords parameter specifies an exception for the DLP rule that's based on a property match in content. The rule is not applied to content that contains the specified property. This parameter accepts values in the format: `"Property1:Value1,Value2","Property2:Value3,Value4",..."PropertyN:ValueN,ValueN"`. @@ -206,7 +225,6 @@ This parameter accepts values in the format: `"Property1:Value1,Value2","Propert Type: MultiValuedProperty Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -216,6 +234,9 @@ Accept wildcard characters: False ``` ### -StartImpactAssessment + +> Applicable: Security & Compliance + The StartImpactAssessment parameter specifies whether to start a scan estimation. Valid values are: - $true: Start an scan estimation by default. @@ -225,7 +246,6 @@ The StartImpactAssessment parameter specifies whether to start a scan estimation Type: Boolean Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named @@ -235,13 +255,15 @@ Accept wildcard characters: False ``` ### -WhatIf + +> Applicable: Security & Compliance + The WhatIf switch doesn't work in Security & Compliance PowerShell. ```yaml Type: SwitchParameter Parameter Sets: (All) Aliases: wi -Applicable: Security & Compliance Required: False Position: Named @@ -251,6 +273,9 @@ Accept wildcard characters: False ``` ### -Workload + +> Applicable: Security & Compliance + The Workload parameter specifies the workload. Valid values are: - Applications @@ -283,7 +308,6 @@ This value appears in the LogicalWorkload property in the output of the Get-Sens Type: PolicyConfiguration.Workload Parameter Sets: (All) Aliases: -Applicable: Security & Compliance Required: False Position: Named From d506f0fa4822d11b4afac5be3f4aadfe6b059d1d Mon Sep 17 00:00:00 2001 From: Chris Davis Date: Wed, 17 Sep 2025 10:42:28 -0700 Subject: [PATCH 23/30] New format updates --- .../Cancel-SensitiveInformationScan.md | 11 ++++++----- .../Get-SensitiveInformationScan.md | 11 ++++++----- .../Get-SensitiveInformationScanRule.md | 11 ++++++----- .../New-SensitiveInformationScan.md | 11 ++++++----- .../New-SensitiveInformationScanRule.md | 11 ++++++----- .../Remove-SensitiveInformationScan.md | 11 ++++++----- .../Remove-SensitiveInformationScanRule.md | 11 ++++++----- .../Set-SensitiveInformationScan.md | 11 ++++++----- .../Set-SensitiveInformationScanRule.md | 11 ++++++----- 9 files changed, 54 insertions(+), 45 deletions(-) diff --git a/exchange/exchange-ps/ExchangePowerShell/Cancel-SensitiveInformationScan.md b/exchange/exchange-ps/ExchangePowerShell/Cancel-SensitiveInformationScan.md index 31897f0a5d..b3395d8eb9 100644 --- a/exchange/exchange-ps/ExchangePowerShell/Cancel-SensitiveInformationScan.md +++ b/exchange/exchange-ps/ExchangePowerShell/Cancel-SensitiveInformationScan.md @@ -1,12 +1,13 @@ --- -external help file: Microsoft.Exchange.TransportMailflow-Help.xml -online version: https://learn.microsoft.com/powershell/module/exchangepowershell/cancel-sensitiveinformationscan applicable: Security & Compliance -title: Cancel-SensitiveInformationScan -schema: 2.0.0 author: chrisda +external help file: Microsoft.Exchange.TransportMailflow-Help.xml +Locale: en-US +Module Name: ExchangePowerShell ms.author: chrisda -ms.reviewer: +online version: https://learn.microsoft.com/powershell/module/exchangepowershell/cancel-sensitiveinformationscan +schema: 2.0.0 +title: Cancel-SensitiveInformationScan --- # Cancel-SensitiveInformationScan diff --git a/exchange/exchange-ps/ExchangePowerShell/Get-SensitiveInformationScan.md b/exchange/exchange-ps/ExchangePowerShell/Get-SensitiveInformationScan.md index c8084a906e..1ba5f65ae0 100644 --- a/exchange/exchange-ps/ExchangePowerShell/Get-SensitiveInformationScan.md +++ b/exchange/exchange-ps/ExchangePowerShell/Get-SensitiveInformationScan.md @@ -1,12 +1,13 @@ --- -external help file: Microsoft.Exchange.TransportMailflow-Help.xml -online version: https://learn.microsoft.com/powershell/module/exchangepowershell/get-sensitiveinformationscan applicable: Security & Compliance -title: Get-SensitiveInformationScan -schema: 2.0.0 author: chrisda +external help file: Microsoft.Exchange.TransportMailflow-Help.xml +Locale: en-US +Module Name: ExchangePowerShell ms.author: chrisda -ms.reviewer: +online version: https://learn.microsoft.com/powershell/module/exchangepowershell/get-sensitiveinformationscan +schema: 2.0.0 +title: Get-SensitiveInformationScan --- # Get-SensitiveInformationScan diff --git a/exchange/exchange-ps/ExchangePowerShell/Get-SensitiveInformationScanRule.md b/exchange/exchange-ps/ExchangePowerShell/Get-SensitiveInformationScanRule.md index ec6dce924e..06439b0c27 100644 --- a/exchange/exchange-ps/ExchangePowerShell/Get-SensitiveInformationScanRule.md +++ b/exchange/exchange-ps/ExchangePowerShell/Get-SensitiveInformationScanRule.md @@ -1,12 +1,13 @@ --- -external help file: Microsoft.Exchange.TransportMailflow-Help.xml -online version: https://learn.microsoft.com/powershell/module/exchangepowershell/get-sensitiveinformationscanrule applicable: Security & Compliance -title: Get-SensitiveInformationScanRule -schema: 2.0.0 author: chrisda +external help file: Microsoft.Exchange.TransportMailflow-Help.xml +Locale: en-US +Module Name: ExchangePowerShell ms.author: chrisda -ms.reviewer: +online version: https://learn.microsoft.com/powershell/module/exchangepowershell/get-sensitiveinformationscanrule +schema: 2.0.0 +title: Get-SensitiveInformationScanRule --- # Get-SensitiveInformationScanRule diff --git a/exchange/exchange-ps/ExchangePowerShell/New-SensitiveInformationScan.md b/exchange/exchange-ps/ExchangePowerShell/New-SensitiveInformationScan.md index 5661cda7b6..b11a9f615c 100644 --- a/exchange/exchange-ps/ExchangePowerShell/New-SensitiveInformationScan.md +++ b/exchange/exchange-ps/ExchangePowerShell/New-SensitiveInformationScan.md @@ -1,12 +1,13 @@ --- -external help file: Microsoft.Exchange.TransportMailflow-Help.xml -online version: https://learn.microsoft.com/powershell/module/exchangepowershell/new-sensitiveinformationscan applicable: Security & Compliance -title: New-SensitiveInformationScan -schema: 2.0.0 author: chrisda +external help file: Microsoft.Exchange.TransportMailflow-Help.xml +Locale: en-US +Module Name: ExchangePowerShell ms.author: chrisda -ms.reviewer: +online version: https://learn.microsoft.com/powershell/module/exchangepowershell/new-sensitiveinformationscan +schema: 2.0.0 +title: New-SensitiveInformationScan --- # New-SensitiveInformationScan diff --git a/exchange/exchange-ps/ExchangePowerShell/New-SensitiveInformationScanRule.md b/exchange/exchange-ps/ExchangePowerShell/New-SensitiveInformationScanRule.md index f644a67393..7f71765ea0 100644 --- a/exchange/exchange-ps/ExchangePowerShell/New-SensitiveInformationScanRule.md +++ b/exchange/exchange-ps/ExchangePowerShell/New-SensitiveInformationScanRule.md @@ -1,12 +1,13 @@ --- -external help file: Microsoft.Exchange.TransportMailflow-Help.xml -online version: https://learn.microsoft.com/powershell/module/exchangepowershell/new-sensitiveinformationscanrule applicable: Security & Compliance -title: New-SensitiveInformationScanRule -schema: 2.0.0 author: chrisda +external help file: Microsoft.Exchange.TransportMailflow-Help.xml +Locale: en-US +Module Name: ExchangePowerShell ms.author: chrisda -ms.reviewer: +online version: https://learn.microsoft.com/powershell/module/exchangepowershell/new-sensitiveinformationscanrule +schema: 2.0.0 +title: New-SensitiveInformationScanRule --- # New-SensitiveInformationScanRule diff --git a/exchange/exchange-ps/ExchangePowerShell/Remove-SensitiveInformationScan.md b/exchange/exchange-ps/ExchangePowerShell/Remove-SensitiveInformationScan.md index bc940ae21e..401f2af171 100644 --- a/exchange/exchange-ps/ExchangePowerShell/Remove-SensitiveInformationScan.md +++ b/exchange/exchange-ps/ExchangePowerShell/Remove-SensitiveInformationScan.md @@ -1,12 +1,13 @@ --- -external help file: Microsoft.Exchange.TransportMailflow-Help.xml -online version: https://learn.microsoft.com/powershell/module/exchangepowershell/remove-sensitiveinformationscan applicable: Security & Compliance -title: Remove-SensitiveInformationScan -schema: 2.0.0 author: chrisda +external help file: Microsoft.Exchange.TransportMailflow-Help.xml +Locale: en-US +Module Name: ExchangePowerShell ms.author: chrisda -ms.reviewer: +online version: https://learn.microsoft.com/powershell/module/exchangepowershell/remove-sensitiveinformationscan +schema: 2.0.0 +title: Remove-SensitiveInformationScan --- # Remove-SensitiveInformationScan diff --git a/exchange/exchange-ps/ExchangePowerShell/Remove-SensitiveInformationScanRule.md b/exchange/exchange-ps/ExchangePowerShell/Remove-SensitiveInformationScanRule.md index b6ab794e54..1e45d38466 100644 --- a/exchange/exchange-ps/ExchangePowerShell/Remove-SensitiveInformationScanRule.md +++ b/exchange/exchange-ps/ExchangePowerShell/Remove-SensitiveInformationScanRule.md @@ -1,12 +1,13 @@ --- -external help file: Microsoft.Exchange.TransportMailflow-Help.xml -online version: https://learn.microsoft.com/powershell/module/exchangepowershell/remove-sensitiveinformationscanrule applicable: Security & Compliance -title: Remove-SensitiveInformationScanRule -schema: 2.0.0 author: chrisda +external help file: Microsoft.Exchange.TransportMailflow-Help.xml +Locale: en-US +Module Name: ExchangePowerShell ms.author: chrisda -ms.reviewer: +online version: https://learn.microsoft.com/powershell/module/exchangepowershell/remove-sensitiveinformationscanrule +schema: 2.0.0 +title: Remove-SensitiveInformationScanRule --- # Remove-SensitiveInformationScanRule diff --git a/exchange/exchange-ps/ExchangePowerShell/Set-SensitiveInformationScan.md b/exchange/exchange-ps/ExchangePowerShell/Set-SensitiveInformationScan.md index f6414ad8e5..d6d4a90fc5 100644 --- a/exchange/exchange-ps/ExchangePowerShell/Set-SensitiveInformationScan.md +++ b/exchange/exchange-ps/ExchangePowerShell/Set-SensitiveInformationScan.md @@ -1,12 +1,13 @@ --- -external help file: Microsoft.Exchange.TransportMailflow-Help.xml -online version: https://learn.microsoft.com/powershell/module/exchangepowershell/set-sensitiveinformationscan applicable: Security & Compliance -title: Set-SensitiveInformationScan -schema: 2.0.0 author: chrisda +external help file: Microsoft.Exchange.TransportMailflow-Help.xml +Locale: en-US +Module Name: ExchangePowerShell ms.author: chrisda -ms.reviewer: +online version: https://learn.microsoft.com/powershell/module/exchangepowershell/set-sensitiveinformationscan +schema: 2.0.0 +title: Set-SensitiveInformationScan --- # Set-SensitiveInformationScan diff --git a/exchange/exchange-ps/ExchangePowerShell/Set-SensitiveInformationScanRule.md b/exchange/exchange-ps/ExchangePowerShell/Set-SensitiveInformationScanRule.md index a0cdb3b74f..5a977b32f9 100644 --- a/exchange/exchange-ps/ExchangePowerShell/Set-SensitiveInformationScanRule.md +++ b/exchange/exchange-ps/ExchangePowerShell/Set-SensitiveInformationScanRule.md @@ -1,12 +1,13 @@ --- -external help file: Microsoft.Exchange.TransportMailflow-Help.xml -online version: https://learn.microsoft.com/powershell/module/exchangepowershell/set-sensitiveinformationscanrule applicable: Security & Compliance -title: Set-SensitiveInformationScanRule -schema: 2.0.0 author: chrisda +external help file: Microsoft.Exchange.TransportMailflow-Help.xml +Locale: en-US +Module Name: ExchangePowerShell ms.author: chrisda -ms.reviewer: +online version: https://learn.microsoft.com/powershell/module/exchangepowershell/set-sensitiveinformationscanrule +schema: 2.0.0 +title: Set-SensitiveInformationScanRule --- # Set-SensitiveInformationScanRule From d8420bead9a79a18a1ac62328adaa814fc5274a9 Mon Sep 17 00:00:00 2001 From: Aakash Malhotra <53205984+aamalhot@users.noreply.github.com> Date: Tue, 23 Sep 2025 15:00:26 +0530 Subject: [PATCH 24/30] Update documentation for IncludeImpactAssessment and IncludeScanProgress parameters --- .../Get-SensitiveInformationScan.md | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) diff --git a/exchange/exchange-ps/ExchangePowerShell/Get-SensitiveInformationScan.md b/exchange/exchange-ps/ExchangePowerShell/Get-SensitiveInformationScan.md index 1ba5f65ae0..00b307c4a0 100644 --- a/exchange/exchange-ps/ExchangePowerShell/Get-SensitiveInformationScan.md +++ b/exchange/exchange-ps/ExchangePowerShell/Get-SensitiveInformationScan.md @@ -76,10 +76,10 @@ Accept wildcard characters: False > Applicable: Security & Compliance -The IncludeImpactAssessment parameter specifies whether to ???. Valid values are: +The IncludeImpactAssessment parameter specifies whether to refresh latest scan status during estimation stage. Valid values are: -- $true: ??? -- $false: ??? +- $true: Get latest estimation status +- $false: Returns last updated scan status ```yaml Type: Boolean @@ -97,10 +97,7 @@ Accept wildcard characters: False > Applicable: Security & Compliance -The IncludeProgressForAllActiveScans parameter specifies whether to ???. Valid values are: - -- $true: ??? -- $false: ??? +This parameter is reserved for internal Microsoft use. ```yaml Type: Boolean @@ -118,10 +115,10 @@ Accept wildcard characters: False > Applicable: Security & Compliance -The IncludeScanProgress parameter specifies whether to ???. Valid values are: +The IncludeScanProgress parameter specifies whether to refresh latest scan status during classification phase. Valid values are: -- $true: ??? -- $false: ??? +- $true: Get latest classification status +- $false: Returns last updated scan status ```yaml Type: Boolean From 4374b5bae8a4aeaa85f045b521c988f46fd1cf8f Mon Sep 17 00:00:00 2001 From: Aakash Malhotra <53205984+aamalhot@users.noreply.github.com> Date: Tue, 23 Sep 2025 15:03:01 +0530 Subject: [PATCH 25/30] Update CancelScan description in documentation --- .../ExchangePowerShell/Set-SensitiveInformationScan.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exchange/exchange-ps/ExchangePowerShell/Set-SensitiveInformationScan.md b/exchange/exchange-ps/ExchangePowerShell/Set-SensitiveInformationScan.md index d6d4a90fc5..a1827d12c7 100644 --- a/exchange/exchange-ps/ExchangePowerShell/Set-SensitiveInformationScan.md +++ b/exchange/exchange-ps/ExchangePowerShell/Set-SensitiveInformationScan.md @@ -286,7 +286,7 @@ Accept wildcard characters: False > Applicable: Security & Compliance -{{ Fill CancelScan Description }} +This parameter is used to cancel an active scan in classification stage. ```yaml Type: Boolean From e08003b3d3d34373a8d810ccc14989f034a80a1a Mon Sep 17 00:00:00 2001 From: Aakash Malhotra <53205984+aamalhot@users.noreply.github.com> Date: Tue, 23 Sep 2025 15:07:24 +0530 Subject: [PATCH 26/30] Enhance documentation for Get-SensitiveInformationScanRule Updated example code and descriptions for Get-SensitiveInformationScanRule. --- .../ExchangePowerShell/Get-SensitiveInformationScanRule.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/exchange/exchange-ps/ExchangePowerShell/Get-SensitiveInformationScanRule.md b/exchange/exchange-ps/ExchangePowerShell/Get-SensitiveInformationScanRule.md index 06439b0c27..42e046cee9 100644 --- a/exchange/exchange-ps/ExchangePowerShell/Get-SensitiveInformationScanRule.md +++ b/exchange/exchange-ps/ExchangePowerShell/Get-SensitiveInformationScanRule.md @@ -32,10 +32,10 @@ To use this cmdlet in Security & Compliance PowerShell, you need to be assigned ### Example 1 ```powershell -{{ Add example code here }} +Get-SensitiveInformationScanRule -Identity "HR Department Scan Rule" ``` -{{ Add example description here }} +This example returns details of scan rule such as classifiers selected, file extensions in scope etc. ## PARAMETERS @@ -65,7 +65,7 @@ Accept wildcard characters: False > Applicable: Security & Compliance -{{ Fill Policy Description }} +This parameter specifies the On-demand classification scan for which this rule is created. ```yaml Type: PolicyIdParameter From 58efbe27376c1d7e49f6364f114181371e4e1fec Mon Sep 17 00:00:00 2001 From: Chris Davis Date: Tue, 23 Sep 2025 08:42:04 -0700 Subject: [PATCH 27/30] Update Set-SensitiveInformationScan.md --- .../ExchangePowerShell/Set-SensitiveInformationScan.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exchange/exchange-ps/ExchangePowerShell/Set-SensitiveInformationScan.md b/exchange/exchange-ps/ExchangePowerShell/Set-SensitiveInformationScan.md index a1827d12c7..06efa15a0d 100644 --- a/exchange/exchange-ps/ExchangePowerShell/Set-SensitiveInformationScan.md +++ b/exchange/exchange-ps/ExchangePowerShell/Set-SensitiveInformationScan.md @@ -286,7 +286,10 @@ Accept wildcard characters: False > Applicable: Security & Compliance -This parameter is used to cancel an active scan in classification stage. +The CancelScan parameter specifies whether to cancel an active scan in the classification stage. Valid values are: + +- $true: Cancel the active scan. +- $false: Don't cancel the active scan. This value is the default. ```yaml Type: Boolean From 42715e1adaaf0c57c1ff41d6cee613f88e4f8585 Mon Sep 17 00:00:00 2001 From: Chris Davis Date: Tue, 23 Sep 2025 08:44:39 -0700 Subject: [PATCH 28/30] Fix grammar and punctuation in documentation --- .../Get-SensitiveInformationScan.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/exchange/exchange-ps/ExchangePowerShell/Get-SensitiveInformationScan.md b/exchange/exchange-ps/ExchangePowerShell/Get-SensitiveInformationScan.md index 00b307c4a0..cc7a11a21e 100644 --- a/exchange/exchange-ps/ExchangePowerShell/Get-SensitiveInformationScan.md +++ b/exchange/exchange-ps/ExchangePowerShell/Get-SensitiveInformationScan.md @@ -76,10 +76,10 @@ Accept wildcard characters: False > Applicable: Security & Compliance -The IncludeImpactAssessment parameter specifies whether to refresh latest scan status during estimation stage. Valid values are: +The IncludeImpactAssessment parameter specifies whether to refresh the latest scan status during the estimation stage. Valid values are: -- $true: Get latest estimation status -- $false: Returns last updated scan status +- $true: Get the latest estimation status. +- $false: Return the last updated scan status. ```yaml Type: Boolean @@ -115,10 +115,10 @@ Accept wildcard characters: False > Applicable: Security & Compliance -The IncludeScanProgress parameter specifies whether to refresh latest scan status during classification phase. Valid values are: +The IncludeScanProgress parameter specifies whether to refresh the latest scan status during the classification phase. Valid values are: -- $true: Get latest classification status -- $false: Returns last updated scan status +- $true: Get the latest classification status. +- $false: Return the last updated scan status. ```yaml Type: Boolean From 33318aa4547daae7cd6730f134a3b4727ec486c6 Mon Sep 17 00:00:00 2001 From: Chris Davis Date: Tue, 23 Sep 2025 08:48:34 -0700 Subject: [PATCH 29/30] Update documentation for Get-SensitiveInformationScanRule Clarified example description and parameter explanations. --- .../Get-SensitiveInformationScanRule.md | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/exchange/exchange-ps/ExchangePowerShell/Get-SensitiveInformationScanRule.md b/exchange/exchange-ps/ExchangePowerShell/Get-SensitiveInformationScanRule.md index 42e046cee9..896b505574 100644 --- a/exchange/exchange-ps/ExchangePowerShell/Get-SensitiveInformationScanRule.md +++ b/exchange/exchange-ps/ExchangePowerShell/Get-SensitiveInformationScanRule.md @@ -35,7 +35,7 @@ To use this cmdlet in Security & Compliance PowerShell, you need to be assigned Get-SensitiveInformationScanRule -Identity "HR Department Scan Rule" ``` -This example returns details of scan rule such as classifiers selected, file extensions in scope etc. +This example returns details of the specified scan rule. For example, classifiers selected and file extensions in scope. ## PARAMETERS @@ -65,7 +65,13 @@ Accept wildcard characters: False > Applicable: Security & Compliance -This parameter specifies the On-demand classification scan for which this rule is created. +The Policy parameter specifies the On-demand classification scan for which this rule is created. + +You can use any value that uniquely identifies the On-demand classification scan. For example: + +- Name +- Distinguished name (DN) +- GUID ```yaml Type: PolicyIdParameter From 276fc6a7b9fd1cc436931c0ba0d121bec951f015 Mon Sep 17 00:00:00 2001 From: Chris Davis Date: Tue, 23 Sep 2025 10:23:04 -0700 Subject: [PATCH 30/30] SensitiveInformation cmdlets --- .../ExchangePowerShell/ExchangePowerShell.md | 18 ++++++++++++++++++ exchange/mapping/serviceMapping.json | 9 +++++++++ 2 files changed, 27 insertions(+) diff --git a/exchange/exchange-ps/ExchangePowerShell/ExchangePowerShell.md b/exchange/exchange-ps/ExchangePowerShell/ExchangePowerShell.md index 144bee1b49..7f1340e98f 100644 --- a/exchange/exchange-ps/ExchangePowerShell/ExchangePowerShell.md +++ b/exchange/exchange-ps/ExchangePowerShell/ExchangePowerShell.md @@ -1738,6 +1738,8 @@ Exchange PowerShell is built on PowerShell technology to a powerful command-line ### [Update-ExchangeHelp](Update-ExchangeHelp.md) ## policy-and-compliance Cmdlets +### [Cancel-SensitiveInformationScan](Cancel-SensitiveInformationScan.md) + ### [Check-PurviewConfig](Check-PurviewConfig.md) ### [Disable-JournalArchiving](Disable-JournalArchiving.md) @@ -1796,6 +1798,10 @@ Exchange PowerShell is built on PowerShell technology to a powerful command-line ### [Get-ReviewItems](Get-ReviewItems.md) +### [Get-SensitiveInformationScan](Get-SensitiveInformationScan.md) + +### [Get-SensitiveInformationScanRule](Get-SensitiveInformationScanRule.md) + ### [Get-SupervisoryReviewPolicyV2](Get-SupervisoryReviewPolicyV2.md) ### [Get-SupervisoryReviewRule](Get-SupervisoryReviewRule.md) @@ -1834,6 +1840,10 @@ Exchange PowerShell is built on PowerShell technology to a powerful command-line ### [New-ProtectionAlert](New-ProtectionAlert.md) +### [New-SensitiveInformationScan](New-SensitiveInformationScan.md) + +### [New-SensitiveInformationScanRule](New-SensitiveInformationScanRule.md) + ### [New-SupervisoryReviewPolicyV2](New-SupervisoryReviewPolicyV2.md) ### [New-SupervisoryReviewRule](New-SupervisoryReviewRule.md) @@ -1860,6 +1870,10 @@ Exchange PowerShell is built on PowerShell technology to a powerful command-line ### [Remove-ProtectionAlert](Remove-ProtectionAlert.md) +### [Remove-SensitiveInformationScan](Remove-SensitiveInformationScan.md) + +### [Remove-SensitiveInformationScanRule](Remove-SensitiveInformationScanRule.md) + ### [Remove-SupervisoryReviewPolicyV2](Remove-SupervisoryReviewPolicyV2.md) ### [Remove-TransportRule](Remove-TransportRule.md) @@ -1884,6 +1898,10 @@ Exchange PowerShell is built on PowerShell technology to a powerful command-line ### [Set-ProtectionAlert](Set-ProtectionAlert.md) +### [Set-SensitiveInformationScan](Set-SensitiveInformationScan.md) + +### [Set-SensitiveInformationScanRule](Set-SensitiveInformationScanRule.md) + ### [Set-SupervisoryReviewPolicyV2](Set-SupervisoryReviewPolicyV2.md) ### [Set-SupervisoryReviewRule](Set-SupervisoryReviewRule.md) diff --git a/exchange/mapping/serviceMapping.json b/exchange/mapping/serviceMapping.json index 663de1cf39..57c81b744c 100644 --- a/exchange/mapping/serviceMapping.json +++ b/exchange/mapping/serviceMapping.json @@ -847,6 +847,7 @@ "Test-ServicePrincipalAuthorization": "organization", "Test-SystemHealth": "organization", "Update-ExchangeHelp": "organization", + "Cancel-SensitiveInformationScan": "policy-and-compliance", "Check-PurviewConfig": "policy-and-compliance", "Disable-JournalArchiving": "policy-and-compliance", "Disable-JournalRule": "policy-and-compliance", @@ -876,6 +877,8 @@ "Get-OutlookProtectionRule": "policy-and-compliance", "Get-ProtectionAlert": "policy-and-compliance", "Get-ReviewItems": "policy-and-compliance", + "Get-SensitiveInformationScan": "policy-and-compliance", + "Get-SensitiveInformationScanRule": "policy-and-compliance", "Get-SupervisoryReviewPolicyV2": "policy-and-compliance", "Get-SupervisoryReviewRule": "policy-and-compliance", "Get-TransportRule": "policy-and-compliance", @@ -895,6 +898,8 @@ "New-OrganizationSegment": "policy-and-compliance", "New-OutlookProtectionRule": "policy-and-compliance", "New-ProtectionAlert": "policy-and-compliance", + "New-SensitiveInformationScan": "policy-and-compliance", + "New-SensitiveInformationScanRule": "policy-and-compliance", "New-SupervisoryReviewPolicyV2": "policy-and-compliance", "New-SupervisoryReviewRule": "policy-and-compliance", "New-TransportRule": "policy-and-compliance", @@ -908,6 +913,8 @@ "Remove-OrganizationSegment": "policy-and-compliance", "Remove-OutlookProtectionRule": "policy-and-compliance", "Remove-ProtectionAlert": "policy-and-compliance", + "Remove-SensitiveInformationScan": "policy-and-compliance", + "Remove-SensitiveInformationScanRule": "policy-and-compliance", "Remove-SupervisoryReviewPolicyV2": "policy-and-compliance", "Remove-TransportRule": "policy-and-compliance", "Set-AutoSensitivityLabelPolicy": "policy-and-compliance", @@ -920,6 +927,8 @@ "Set-OrganizationSegment": "policy-and-compliance", "Set-OutlookProtectionRule": "policy-and-compliance", "Set-ProtectionAlert": "policy-and-compliance", + "Set-SensitiveInformationScan": "policy-and-compliance", + "Set-SensitiveInformationScanRule": "policy-and-compliance", "Set-SupervisoryReviewPolicyV2": "policy-and-compliance", "Set-SupervisoryReviewRule": "policy-and-compliance", "Set-TransportRule": "policy-and-compliance",