Install-Scanner (PurviewInformationProtection)

The Install-Scanner cmdlet installs and configures the Microsoft Purview Information Protection scanner on a computer running Windows Server 2022, Windows Server 2019, Windows Server 2016, or Windows Server 2012 R2. The Microsoft Purview Information Protection scanner uses this service to scan files on data stores that use the Server Message Block (SMB) protocol, and on SharePoint on premises. Files that this scanner discovers can then be labeled to apply classification, and optionally, apply protection or remove protection. For more information about how to configure the labels and policy settings, see: Overview of sensitivity labels Important You must run this cmdlet before you run any other cmdlet for the Microsoft Purview Information Protection scanner. The command creates a Windows service named Information Protection Scanner. It also creates and configures a database on SQL Server to store configuration and operational information for the scanner. The service that you specify to run the scanner is automatically granted the required rights to read and write to the database that is created. To run this command, you must have local administrator rights for the Windows Server computer, and Sysadmin rights on the instance of SQL Server that you will use for the scanner. After you have run this command, use the Microsoft Purview compliance portal to configure the settings in the scanner cluster and specify the data repositories to scan. Before you run the scanner, you must run the Set-Authentication cmdlet one time to sign in to Azure AD for authentication and authorization. For step-by-step instructions to install, configure, and use the scanner, see Learn about the information protection scanner.