Microsoft 365 Alert : Service Degradation – Custom connector added to a DLP policy via PowerShell may be removed if policy is edited in Power Platform admin center – RESOLVED
Issue Reported: 02/08/2021 03:36:00 PM
Microsoft Reference : CR275975
Issue Status: RESTORED
Issue Description: Custom connector added to a DLP policy via PowerShell may be removed if policy is edited in Power Platform admin center.
More Info : This only affects the unsupported legacy experience; DLP policies created through the Power Platform admin center are unaffected.
To manage custom connectors in your tenant-level DLP policy, you can now use the Custom Connector URL Patterns feature (currently in preview). Please <a href=”https://docs.microsoft.com/en-us/power-platform/admin/dlp-custom-connector-parity”>review the following documentation.</a>
You can verify whether your custom connector is still in the policy using PowerShell. Please see the following <a href=”https://docs.microsoft.com/en-us/powershell/module/microsoft.powerapps.administration.powershell/get-dlppolicy?view=pa-ps-latest”>documentation</a>.
Final Update – 09/08/2021 09:12:00 AM: After Microsoft’s investigation, they have determined that this is a known bug that only occurs using the unsupported legacy PowerShell experience. The issue occurs when the following steps are performed:
- An admin opens the DLP policies page in the Power Platform Admin Center in a web browser.
- A custom connector is added to the policy using the “Add-CustomConnectorToPolicy” PowerShell cmdlet.
- Without refreshing the policy list, the admin then edits and saves the same policy in Power Platform Admin Center.
- The previously-added custom connector gets removed from the policy.
Microsoft recommends avoiding the above process and perform DLP policy updates using the Power Platform admin center interface.
As this rarely occurs in the above scenario using unsupported methods, we are treating this issue as a known bug that will be addressed in a future service update.