Here's something that no one gives a clear description. The scanner agent MUST be installed on the server where you want to SCAN files. In other words, you must install the scanner agent on the on-premises file server(s) or the share point server(s). By installing the scanner agent on the file server, then it will be listed on the Azure portal as a Node.
When I get to the step at 22:54 to set the AIP authentication I get this message "Set-AIPAuthentication : Unable to authenticate and setup Microsoft Azure Information Protection". I've researched, gone over the steps several times, still get this error. Any ideas?
In the discovery phase, can it detect information if the file is a scanned PDF and not a form? Example, If I scan a SS card, will it detect that it has a SS#?
So what's the trick to getting this to work on a server other than the local one you built this demo on? Documentation from MSFT is lacking and every demo I've seen just shows it on 1 box which isn't that helpful for turning this PoC into an actual solution.
Thanks for your comment. What did you mean by "local"? as in on-prem server (physical) or a VM?. There was no real need to configure multiple boxes in the demo, however it is do-able for larger environments. Please elaborate on issues you are facing when configuring additional nodes in your case.
@@m365compliance-scenariobas9 so we did exactly as this video, the only difference is we put a SQLExpress instance on the demo box along with the scanner, not a separate SQL server or at least I assume that was a whole other SQL box in your demo. But I noticed out of my 3 repositories, (2 of which are on another server on prem, same network, can talk etc) the other is on the local machine that is the node withthe scanner, it never scans the other servers file location. But it never errors out. I can't figure out what I am missing there, I also have 0 SQL knowledge being as this SQLExpress instance was my first experience so the issue is likely in the chair at this point.
There could be a file-share permission issue, have you checked event logs? AIP client logs on the AIP server?. how about SQL logs? is the DB accessible to the AIP service? can you see AIP token issued?. As you can see there are a lot of moving parts and place you can look at for further troubleshooting.
Excellent Demo. This is the only video that covers everything. Thank you.
Glad it was helpful! Thanks so much.
Agree with Dean - this was a incredibly thorough demo. Thanks
Thanks very much for your feedback, greatly appreciated.
this was a very comprehensive demo. Thanks for being so thorough.
Thanks for watching and for your feedback!!
I'm with you, pineapple and pizza is nothing I want to have either
Thanks for the great explanation about the AIP scanner configuration
Thanks very much for your feedback, greatly appreciated!
Here's something that no one gives a clear description. The scanner agent MUST be installed on the server where you want to SCAN files. In other words, you must install the scanner agent on the on-premises file server(s) or the share point server(s). By installing the scanner agent on the file server, then it will be listed on the Azure portal as a Node.
When I get to the step at 22:54 to set the AIP authentication I get this message "Set-AIPAuthentication : Unable to authenticate and setup Microsoft Azure Information Protection". I've researched, gone over the steps several times, still get this error. Any ideas?
Am I correct in thinking the log analytics section of this demonstration now deprecated in favour of the Purview portal?
Yes that is correct. All the logs now are moved to Purview Activity Explorer
I do all steps without any problem up until "Acquired access token on behalf of..." but I don't see any scanner under nodes. Can you help, please?
Thanks for the question. It will be hard to say without investigating. Maybe checking the logs and ensure the AIP service is running.
In the discovery phase, can it detect information if the file is a scanned PDF and not a form? Example, If I scan a SS card, will it detect that it has a SS#?
are you referring to OCR?, if yes, then not yet :)
Can the AIP Scanner capability be extended to one drive, Teams and Sharepoint online ?
Thanks for the question. Content Explorer is the feature responsible for data discovery for cloud workload. we have a demo'ed that as well.
@@m365compliance-scenariobas9 Thank you.
Hello Team,
Great videos,
AIP Scanner for on-premise
Content Explorer Cloud
quick question.
Can I discover data on Mobile devices?
Thanks for your coolest and feedback!. Unfortunately this is not supported yet in the MIP solution.
Almost irrelevant now that AIP is in Purview and no longer in Azure portal.
Why doesn't anyone explain which permissions the delegated account needs?
So what's the trick to getting this to work on a server other than the local one you built this demo on? Documentation from MSFT is lacking and every demo I've seen just shows it on 1 box which isn't that helpful for turning this PoC into an actual solution.
Thanks for your comment. What did you mean by "local"? as in on-prem server (physical) or a VM?. There was no real need to configure multiple boxes in the demo, however it is do-able for larger environments. Please elaborate on issues you are facing when configuring additional nodes in your case.
@@m365compliance-scenariobas9 so we did exactly as this video, the only difference is we put a SQLExpress instance on the demo box along with the scanner, not a separate SQL server or at least I assume that was a whole other SQL box in your demo. But I noticed out of my 3 repositories, (2 of which are on another server on prem, same network, can talk etc) the other is on the local machine that is the node withthe scanner, it never scans the other servers file location. But it never errors out. I can't figure out what I am missing there, I also have 0 SQL knowledge being as this SQLExpress instance was my first experience so the issue is likely in the chair at this point.
There could be a file-share permission issue, have you checked event logs? AIP client logs on the AIP server?. how about SQL logs? is the DB accessible to the AIP service? can you see AIP token issued?. As you can see there are a lot of moving parts and place you can look at for further troubleshooting.