\\;LanmanRedirector incidents are observed in Enforce.
Article ID: 274999




Data Loss Prevention


DLP incidents with the following path '\;LanmanRedirector;P:000000000038339b\foldername' are being observed in the Enforce console, and they appear to be originating from a shared drive.


These incidents occur when a third-party application attempts to access or use a network share. This is not a DLP issue; it is a Windows issue related to how the path is sent to the DLP system.


To address this issue, follow these steps:

  1. Identify the specific third-party application responsible for the incidents on the affected client machine.
  2. Once you've identified the application, add it to the Global Application Monitoring list.
  3. In the Global Application Monitoring settings, disable the network share option for this application.
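For step 1, one way to narrow down the responsible application is to tally the incidents whose path has the redirector form by machine and application. The script below is an added example, not part of the original article or of the DLP product; the CSV column names (`machine`, `application`, `path`) and the sample rows are constructed assumptions, not an Enforce export format.

```python
import csv
import io
import re
from collections import Counter

# Path form quoted in the article: \;LanmanRedirector;P:000000000038339b\foldername
# (the article title shows it with two leading backslashes, so accept one or two).
REDIRECTOR_RE = re.compile(
    r"^\\{1,2};LanmanRedirector;(?P<drive>[A-Za-z]):(?P<token>[0-9A-Fa-f]+)(?P<rest>\\.*)?$"
)

# Constructed sample rows; the column names are hypothetical, not an Enforce export format.
SAMPLE_CSV = r"""machine,application,path
WS-014,backupsync.exe,\;LanmanRedirector;P:000000000038339b\foldername
WS-014,backupsync.exe,\;LanmanRedirector;P:000000000038339b\foldername\q3.xlsx
WS-014,explorer.exe,P:\foldername\q3.xlsx
WS-022,backupsync.exe,\\;LanmanRedirector;S:00000000000a41c7\reports
"""


def parse_redirector_path(path):
    """Return (drive letter, hex token, remainder) for a redirector-form path, else None."""
    m = REDIRECTOR_RE.match(path.strip())
    if m is None:
        return None
    return m.group("drive").upper(), m.group("token").lower(), m.group("rest") or ""


def suspects(csv_text):
    """Count redirector-form incidents per (machine, application), most frequent first."""
    counts = Counter()
    for row in csv.DictReader(io.StringIO(csv_text)):
        if parse_redirector_path(row["path"]) is not None:
            counts[(row["machine"], row["application"])] += 1
    return counts.most_common()


if __name__ == "__main__":
    for (machine, app), n in suspects(SAMPLE_CSV):
        print(f"{machine}  {app}  {n} redirector-form incident(s)")
```

An application that appears only with redirector-form paths, while other applications on the same machine report the normal drive-letter path, is the candidate to add to the Global Application Monitoring list.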

Additional Information

For background on the Lanman redirector, see the Microsoft documentation.


How to whitelist or exclude an application from DLP Endpoint agents