Remove a custom sensitive information type using PowerShell
In Security & Compliance PowerShell, there are two methods to remove custom sensitive information types:
Remove individual custom sensitive information types: Use the method documented in Modify a custom sensitive information type using PowerShell. Export the custom rule package containing the custom sensitive information type. Remove the sensitive information type from the XML file, and then import the updated XML file back into the existing custom rule package.
Remove a custom rule package and all custom sensitive information types that it contains: This method is documented in this section.
Note
Before your remove a custom sensitive information type, verify that no DLP policies or Exchange mail flow rules (also known as transport rules) still reference the sensitive information type.
To remove a custom rule package, use the Remove-DlpSensitiveInformationTypeRulePackage cmdlet:
Remove-DlpSensitiveInformationTypeRulePackage -Identity "RulePackageIdentity"You can use the Name value (for any language) or the
RulePack id(GUID) value to identify the rule package.This example removes the rule package named "Employee ID Custom Rule Pack".
Remove-DlpSensitiveInformationTypeRulePackage -Identity "Employee ID Custom Rule Pack"For detailed syntax and parameter information, see Remove-DlpSensitiveInformationTypeRulePackage.
To verify that you've successfully removed a custom sensitive information type, do any of the following steps:
Run the Get-DlpSensitiveInformationTypeRulePackage cmdlet and verify the rule package is no longer listed:
Get-DlpSensitiveInformationTypeRulePackageRun the Get-DlpSensitiveInformationType cmdlet to verify the sensitive information types in the removed rule package are no longer listed:
Get-DlpSensitiveInformationTypeFor custom sensitive information types, the Publisher property value will be something other than "Microsoft Corporation".
Replace <Name> with the Name value of the sensitive information type (for example, Employee ID) and run the Get-DlpSensitiveInformationType cmdlet to verify the sensitive information type is no longer listed:
Get-DlpSensitiveInformationType -Identity "<Name>"
Tip
If you're not an E5 customer, use the 90-day Microsoft Purview solutions trial to explore how additional Purview capabilities can help your organization manage data security and compliance needs. Start now at the Microsoft Purview compliance portal trials hub. Learn details about signing up and trial terms.
More information
Feedback
Kommer snart: I hele 2024 udfaser vi GitHub-problemer som feedbackmekanisme for indhold og erstatter det med et nyt feedbacksystem. Du kan få flere oplysninger under: https://aka.ms/ContentUserFeedback.
Indsend og få vist feedback om