Applies to: Exchange Server 2013, Exchange Online

Topic Last Modified: 2012-06-07

Use the Get-DlpPolicy cmdlet to view information about existing data loss prevention (DLP) policies.

For information about the parameter sets in the Syntax section below, see Syntax.


Get-DlpPolicy [-Identity <DlpPolicyIdParameter>] [-DomainController <Fqdn>] [-Organization <OrganizationIdParameter>]


Example 1

This example returns a summary list of all DLP policies.

Copy Code

Example 2

This example returns detailed information about the DLP policy named Employee Numbers. The command is piped to the Format-List cmdlet to display the detailed configuration of the specified DLP policy.

Copy Code
Get-DlpPolicy "Employee Numbers" | Format-List

Detailed Description

You need to be assigned permissions before you can run this cmdlet. Although all parameters for this cmdlet are listed in this topic, you may not have access to some parameters if they're not included in the permissions assigned to you. To see what permissions you need, see the "Data loss prevention (DLP)" entry in the Messaging Policy and Compliance Permissions topic.


Parameter Required Type Description




The DomainController parameter specifies the fully qualified domain name (FQDN) of the domain controller that retrieves data from Active Directory.




The Identity parameter specifies the DLP policy you want to remove. You can use any value that uniquely identifies the DLP policy. For example, you can specify the name, GUID, or distinguished name (DN) of the DLP policy.




The Organization parameter is reserved for internal Microsoft use.

Input Types

To see the input types that this cmdlet accepts, see Cmdlet Input and Output Types. If the Input Type field for a cmdlet is blank, the cmdlet doesn’t accept input data.

Return Types

To see the return types, which are also known as output types, that this cmdlet accepts, see Cmdlet Input and Output Types. If the Output Type field is blank, the cmdlet doesn’t return data.