Data Loss Prevention (DLP) Network Protect SharePoint File Quarantine marker file is not visible to the end user.

book

Article ID: 184311

calendar_today

Updated On:

Products

Data Loss Prevention Network Protect

Issue/Introduction

Testing DLP Network Protect file quarantine of SharePoint Discover scans and DLP is successfully quarantining the file and leaves marker file in the original file location, however, only the service account(the account configured in DLP to perform the scan and quarantine actions) is able to see marker file. The user that created/uploaded the files that were quarantined cannot see the marker files. 

Cause

The files were located under “Files with no checked in version” on the SharePoint server.


 

Resolution

  1. Manage Files With No Checked In Version: Go to Library Settings and click the "Manage files which have no checked-in version" link. If users have uploaded files but not checked them in, the users who uploaded the documents will be the only ones who can see them. Fortunately, the site owner can take ownership of checked out files, then check them in.
     
  2. Version Access: Go to Library Settings and click the "Versioning Settings" link. If "Content Approval" is turned on, then only people with access to Approve items will be able to see unapproved items. Similarly, if "Create major and minor (draft) versions" is checked, double-check what the "Draft Item Security" is set to-- you probably want it to be "Any user who can read items"
     
  3. Permissions: Finally, go to Permissions for this document library and confirm that there are no documents or folders with unique permissions.