Applies to: Exchange Server 2013, Exchange Online

Topic Last Modified: 2012-07-27

Use the Set-DlpPolicy cmdlet to modify data loss prevention (DLP) policies in your organization.

For information about the parameter sets in the Syntax section below, see Syntax.

Syntax


`Set-DlpPolicy -Identity <DlpPolicyIdParameter> [-Confirm [<SwitchParameter>]] [-Description <String>] [-DomainController <Fqdn>] [-Mode <Audit \| AuditAndNotify \| Enforce>] [-Name <String>] [-State <Enabled \| Disabled>] [-WhatIf [<SwitchParameter>]]`

Examples

Example 1

This example disables the DLP policy named Employee Numbers.

	Copy Code
Set-DlpPolicy "Employee Numbers" -State Disabled

Detailed Description

You need to be assigned permissions before you can run this cmdlet. Although all parameters for this cmdlet are listed in this topic, you may not have access to some parameters if they're not included in the permissions assigned to you. To see what permissions you need, see the "Data loss prevention (DLP)" entry in the Messaging Policy and Compliance Permissions topic.

Parameters

Parameter	Required	Type	Description
Identity	Required	Microsoft.Exchange.MessagingPolicies.CompliancePrograms.Tasks.DlpPolicyIdParameter	The Identity parameter specifies the DLP policy you want to modify. You can use any value that uniquely identifies the DLP policy. For example, you can specify the name, GUID, or distinguished name (DN) of the DLP policy.
Confirm	Optional	System.Management.Automation.SwitchParameter	The Confirm switch causes the command to pause processing and requires you to acknowledge what the command will do before processing continues. You don't have to specify a value with the Confirm switch.
Description	Optional	System.String	The Description parameter specifies an optional description for the DLP policy.
DomainController	Optional	Microsoft.Exchange.Data.Fqdn	The DomainController parameter specifies the fully qualified domain name (FQDN) of the domain controller that writes this configuration change to Active Directory.
Mode	Optional	Microsoft.Exchange.MessagingPolicies.Rules.RuleMode	The Mode parameter specifies the action and notification level of the DLP policy. Valid values for this parameter are: `Audit`: When a message matches the conditions specified by the DLP policy, the actions specified by the policy aren't enforced, and no notification emails are sent. `AuditAndNotify`: When a message matches the conditions specified by the DLP policy, the actions specified by the policy aren't enforced, but notification emails are sent. `Enforce`: When a message matches the conditions specified by the DLP policy, the actions specified by the policy are enforced, and notification emails are sent. If the State parameter is set to `Disabled`, the value of the Mode parameter is irrelevant.
Name	Optional	System.String	The Name parameter specifies a unique name for the DLP policy.
State	Optional	Microsoft.Exchange.MessagingPolicies.Rules.RuleState	The State parameter enables or disables the DLP policy. Valid input for this parameter is `Enabled` or `Disabled`.
WhatIf	Optional	System.Management.Automation.SwitchParameter	The WhatIf switch instructs the command to simulate the actions that it would take on the object. By using the WhatIf switch, you can view what changes would occur without having to apply any of those changes. You don't have to specify a value with the WhatIf switch.

Input Types

To see the input types that this cmdlet accepts, see Cmdlet Input and Output Types. If the Input Type field for a cmdlet is blank, the cmdlet doesn’t accept input data.

Return Types

To see the return types, which are also known as output types, that this cmdlet accepts, see Cmdlet Input and Output Types. If the Output Type field is blank, the cmdlet doesn’t return data.