SCDLPComplianceRule: Attributes are missing when exporting
michaelbaltes opened this issue · 0 comments
Description of the issue
When I do an export of SCDLPComplianceRule I wondered becuase settings like this are missing:
ExceptIfSubjectContainsWords : {}
SubjectOrBodyMatchesPatterns : {}
ExceptIfSubjectOrBodyMatchesPatterns : {}
SubjectOrBodyContainsWords : {}
ExceptIfSubjectOrBodyContainsWords : {}
DocumentMatchesPatterns : {}
ExceptIfDocumentMatchesPatterns : {}
DocumentContainsWords : {}
ExceptIfDocumentContainsWords : {}
SenderADAttributeMatchesPatterns :
ExceptIfSenderADAttributeMatchesPatterns :
SenderADAttributeContainsWords :
ExceptIfSenderADAttributeContainsWords :
RecipientADAttributeMatchesPatterns :
ExceptIfRecipientADAttributeMatchesPatterns :
RecipientADAttributeContainsWords :
ExceptIfRecipientADAttributeContainsWords :
ContentCharacterSetContainsWords : {}
ExceptIfContentCharacterSetContainsWords : {}
DocumentNameMatchesPatterns : {}
ExceptIfDocumentNameMatchesPatterns : {}
When I use Get-DlpComplianceRule -Identity "INT_DLP_RULE_OneDrive_UnallowedUploadDetected" | fl *
I get all settings, but missing them inside m365config.ps1, so I can't startdscconfig. (see error below)
Microsoft 365 DSC Version
1.24.605.1
Which workloads are affected
Security & Compliance Center
The DSC configuration
SCDLPComplianceRule "SCDLPComplianceRule-INT_DLP_RULE_OneDrive_UnallowedUploadDetected"
{
BlockAccess = $False;
Comment = "Mit dieser Rule wird der Upload von Dokumenten mit der Klassifizierung `"2 - VERTRAULICH`" oder `"3 - GEHEIM`" auf OneDrive detektiert.";
ContentIsNotLabeled = $False;
Credential = $Credscredential;
Disabled = $False;
DocumentIsPasswordProtected = $False;
DocumentIsUnsupported = $False;
Ensure = "Present";
ExceptIfDocumentIsPasswordProtected = $False;
ExceptIfDocumentIsUnsupported = $False;
ExceptIfHasSenderOverride = $False;
ExceptIfProcessingLimitExceeded = $False;
GenerateAlert = @("mail@mail.com");
HasSenderOverride = $False;
Name = "INT_DLP_RULE_OneDrive_UnallowedUploadDetected";
NotifyUser = @("SiteAdmin");
Policy = "INT_DLP_POL_OneDrive_UnallowedUploadDetected";
ProcessingLimitExceeded = $False;
RemoveRMSTemplate = $False;
ReportSeverityLevel = "High";
StopPolicyProcessing = $False;
}`
Verbose logs showing the problem
Getting message from error object |Microsoft.Exchange.Management.UnifiedPolicy.NoMandatoryPredicatePresentException|Every rule must contain one or more of these conditions: 'ContentPropertyContainsWords, ContentContainsSensitiveInformation, SenderIPRanges, RecipientDomainIs, SentTo, FromAddressContainsWords, FromAddressMatchesPatterns, AnyOfRecipientAddressContainsWords, AnyOfRecipientAddressMatchesPatterns, SubjectMatchesPatterns, SubjectContainsWords, DocumentContainsWords, DocumentMatchesPatterns, SubjectOrBodyMatchesPatterns, SubjectOrBodyContainsWords, SenderADAttributeMatchesPatterns, SenderADAttributeContainsWords, RecipientADAttributeContainsWords, RecipientADAttributeMatchesPatterns, DocumentNameMatchesPatterns, DocumentNameMatchesWords, ContentExtensionMatchesWords,
ContentFileTypeMatches, DocumentIsPasswordProtected, ProcessingLimitExceeded, DocumentIsUnsupported, DocumentSizeOver,
MessageSizeOver, MessageTypeMatches, SenderDomainIs, SentToMemberOf, From, UnscannableDocumentExtensionIs, HeaderContainsWords,
HeaderContainsTokens, ContentCharacterSetContainsWords, HeaderMatchesPatterns, FromMemberOf, FromScope, HasSenderOverride,
NonBifurcatingAccessScope, ContentMissingSensitivityLabel, DocumentCreatedBy, DocumentCreatedByMemberOf, HasLabelDowngradedFrom,
RestrictBrowserAccess, ContentIsNotLabeled, AttachmentIsNotLabeled, MessageIsNotLabeled, AttachmentCountOver, SharedByIRMUserRisk,
DeviceManagementType, AccessedBy, AccessedByMemberOf, MessageLabelChangeDetected, ExceptIfMessageLabelChangeDetected'.
+ CategoryInfo : NotSpecified: (:) [], CimException
+ FullyQualifiedErrorId : [TimeStamp=Fri, 14 Jun 2024 04:58:01 GMT],Write-ErrorMessage
+ PSComputerName : localhost
Environment Information + PowerShell Version
Name Value
---- -----
PSVersion 5.1.22621.3672
PSEdition Desktop
PSCompatibleVersions {1.0, 2.0, 3.0, 4.0...}
BuildVersion 10.0.22621.3672
CLRVersion 4.0.30319.42000
WSManStackVersion 3.0
PSRemotingProtocolVersion 2.3
SerializationVersion 1.1.0.1