Regaining Control Over Unmanaged GenAI Apps: New Microsoft Purview Enhancements in Edge

Many organizations are growing increasingly concerned about the widespread use of unsanctioned Generative AI (GenAI) tools. These apps, often accessed through unmanaged browsers, pose significant risks to data security and compliance. To help with this, Microsoft is now updating some features in  Microsoft Purview that will enhance policy enforcement for unmanaged cloud apps accessed via the Edge browser.  What’s Changing? Previously, enforcing Purview Data Loss Prevention (DLP) and Collection policies required manual creation of Edge configuration policies. These policies were often complex and needed to be scoped correctly to block unsupported browsers or apply protections. With this update, Microsoft automates much of that process: Collection Policies now apply directly within Edge without needing a separate blocking configuration. DLP Policies automatically generate Edge configuration policies that align with the scope of the DLP rules. DLP policies can operate in two mode...

Issue with enable-csuer when the user first name contain spaces

I have run into an issue with the set-csuser command in a few deployments. The error occurs when I try to use set-csuser with the "-sipaddresstype firstlastname" switch.


If I changed the -sipaddresstype from "firstlastname" to "emailaddress", I was able to use the script to enable the same user.

It turned out this user had two first names (with a space between) in the fname property in AD (fname="First Name"). If I removed one of them (fname="First"), or used a hyphen between them (fname="First-Name"), the script started working again.