Set-AIPScannerContentScanJob
Defines settings for an Azure Information Protection content scan job.
Syntax
Set-AIPScannerContentScanJob
[-Schedule <Schedule>]
[-DiscoverInformationTypes <DiscoverInformationTypes>]
[-RecommendedAsAutomatic <OnOffEnum>]
[-EnableDlp <OnOffEnum>]
[-Enforce <OnOffEnum>]
[-LabelFilesByContent <OnOffEnum>]
[-RelabelFiles <OnOffEnum>]
[-AllowLabelDowngrade <OnOffEnum>]
[-EnforceDefaultLabel <OnOffEnum>]
[-DefaultLabelType <DefaultLabelType>]
[-DefaultLabelId <Guid>]
[-DefaultOwner <String>]
[-RepositoryOwner <String>]
[-PreserveFileDetails <OnOffEnum>]
[-IncludeFileTypes <String>]
[-ExcludeFileTypes <String>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Description
Defines the configuration for your content scan job, which scans the content in the defined repositories, according to the settings defined. For more information about content scan jobs, see the Azure Information Protection on-premises scanner documentation.
Examples
Example 1 Define default content scan job settings
PS C:\WINDOWS\system32> Set-AIPScannerContentScanJob -Enforce OffThis example defines the content scan job with default settings, and sets the Policy enforcement option to Off.
Example 2 Define a basic content scan job that runs continuously
PS C:\WINDOWS\system32> Set-AIPScannerContentScanJob -Enforce Off -RelabelFiles On -EnforceDefaultLabel On -Schedule AlwaysThis example defines the content scan job with without enforcing a policy, allowing files to be re-labeled, using a default label, and is scheduled to run always.
Example 3 Define a content scan job that allows for specific re-labeling actions only
PS C:\WINDOWS\system32> Set-AIPScannerContentScanJob -RelabelFiles On -AllowLabelDowngrade On -EnforceDefaultLabel OnThis example defines a content scan job that allows for content to be re-labeled only to downgrade a label or use a default label.
Example 4 Define a content scan job that excludes .msg and .tmp files
PS C:\WINDOWS\system32> Set-AIPScannerContentScanJob -IncludeFileTypes '' -ExcludeFileTypes '.msg,.tmp'This example defines a content scan job that includes all file types except for .msg and .tmp files.
Example 5 Define a content scan job with DLP enabled, and a specific repository owner
PS C:\WINDOWS\system32> Set-AIPScannerContentScanJob -EnableDLP On -RepositoryOwner 'domain\user'This example defines the content scan job to use the Microsoft 365 built-in data loss prevention (DLP) sensitivity information types when scanning your content, and also defines a specific owner for the content scan job's repositories.
Example 6 Define a content scan job with a default label to use when automatically labeling content
PS C:\WINDOWS\system32> Set-AIPScannerContentScanJob -DefaultLabelType Custom -DefaultLabelId 'ff1f1c9d-2f92-4a18-3d84-4608b742424'This example defines the content scan job with a specific label used as the default label, specified by the label ID.
Parameters
-AllowLabelDowngrade
Determines whether the content scan job allows for labeling downgrade actions.
Relevant only when the RelabelFiles parameter is set to on.
| Type: | OnOffEnum |
| Accepted values: | On, Off |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Confirm
Prompts you for confirmation before running the cmdlet.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DefaultLabelId
Defines the ID of the default label used when automatically labeling content with a default label.
Mandatory if the DefaultLabelType parameter is set to custom.
| Type: | Guid |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DefaultLabelType
Determines the type of default label used when automatically labeling content with a default label.
When used, define the label ID you want to use as the default ID using the DefaultLabelId parameter.
| Type: | DefaultLabelType |
| Accepted values: | None, PolicyDefault, Custom |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DefaultOwner
Defines the default owner value used for the files scanned, using the account email address. By default, this is the scanner account.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DiscoverInformationTypes
Determines the types of information types discovered during the content scan job.
| Type: | DiscoverInformationTypes |
| Accepted values: | PolicyOnly, All |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-EnableDlp
Determines whether the content scan job uses the Microsoft 365 built-in data loss prevention (DLP) sensitivity information types when scanning your content.
Tip
If you configure this parameter, you may also want to configure a specific repository owner using the RepositoryOwner parameter.
| Type: | OnOffEnum |
| Accepted values: | On, Off |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Enforce
Determines whether the content scan job enforces content scanning and labeling according to your policy.
| Type: | OnOffEnum |
| Accepted values: | On, Off |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-EnforceDefaultLabel
Determines whether using a default label is always used when relabeling content.
Relevant only when the RelabelFiles parameter is set to on.
| Type: | OnOffEnum |
| Accepted values: | On, Off |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ExcludeFileTypes
Determines any file types that are ignored during your content scan job. Define multiple file types using a comma-separated list.
If you define this parameter, define the IncludeFileTypes parameter as null. For example, Example 4 above.
Relevant only when the OverrideContentScanJob parameter is set to on in the Add-AIPScannerRepository or Set-AIPScannerRepository cmdlets.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-IncludeFileTypes
Explicitly determines the file types that are scanned by your content scan job. Define multiple file types using a comma-separated list.
If you define this parameter, define the ExcludeFileTypes parameter as null. For example, Example 4 above.
Relevant only when the OverrideContentScanJob parameter is set to on in the Add-AIPScannerRepository or Set-AIPScannerRepository cmdlets.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-LabelFilesByContent
Determines whether the Label files based on content content scan job option is enabled or disabled.
| Type: | OnOffEnum |
| Accepted values: | On, Off |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-PreserveFileDetails
Determines whether the file details, including the date modified, last modified, and modified by settings are preserved while scanning and auto-labeling.
| Type: | OnOffEnum |
| Accepted values: | On, Off |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-RecommendedAsAutomatic
Determines whether recommended labels are used to automatically label your content.
| Type: | OnOffEnum |
| Accepted values: | On, Off |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-RelabelFiles
Determines whether the content scan job is allowed to relabel files.
Tip
When using this parameter, use the following additional parameters as needed:
- EnforceDefaultLabel
- AllowLabelDowngrade
| Type: | OnOffEnum |
| Accepted values: | On, Off |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-RepositoryOwner
Specifies the SAMAccountname (domain\user), UPN (user@domain), or SID of a group that owns the repository.
The owners are granted full control permissions on the file if the permissions on the file are changed by a matched DLP rule.
Relevant only when the EnableDlp parameter is set to on.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Schedule
Determines whether the content scan job runs according to a specific schedule, or continuously.
| Type: | Schedule |
| Accepted values: | Manual, Always |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Inputs
None
Outputs
System.Object