DLP Enforce fails to obtain MIP labels and shows MIP classification sync failed error
search cancel

DLP Enforce fails to obtain MIP labels and shows MIP classification sync failed error

book

Article ID: 261878

calendar_today

Updated On:

Products

Data Loss Prevention

Issue/Introduction

You created an MIP profile but it never obtains the data classification labels from Azure. The Enforce is showing the below message:

MIP classification sync failed. Could not connect to Microsoft Azure AD Microsoft 365 Security

Environment

15.8/16.0

Cause

There may be a delay of 90 seconds for MIP to respond to the fetch label request. If the request will be not completed in 60 seconds, the Enforce will cancel it and throw an error.

Resolution

If you see a delay in getting a response from MIP:

  1. Go to C:\Program Files\Symantec\DataLossPrevention\EnforceServer\15.8.00000\Protect\config and open Enforce.properties
  2. Change com.vontu.enforce.dataclassification.mip.timeout to e.g. 180 seconds.
  3. Save the file and recycle Symantec DLP Manager Service to apply the change.
  4. Try to synchronize your labels.

Additional Information

Before adjusting the timeout setting, make sure that the Enforce can access the URLs listed in DLP Fails to Obtain MIP Labels from Azure (broadcom.com).