Ediscovery member permissions so users could edit the search query on the case but could not add another mailbox for search.
Ediscovery is a very powerful and useful solution that is available for everyone. It can hold mailboxes of leavers and this way we can preserve the licenses, however a big problem arises when someone needs access to a leavers mailbox. After giving user permission to preview you have to add him to a security group "compliance search" which gives the user access to add any mailbox "active or inactive", it is a big security implication so the service is useless for the end user and therefore we would have to process every single request when they need to access the email history.
My idea is to create a separate group that would allow to access the case for the members that are added in to the case membership group so they could edit ONLY the search query themselves and download any emails that are required.
How I plan to use this
Now then on "Ediscovery" menu
I was thinking to create "Name Surname" that references of user who will be using the service, then we he/she has the relevant permission to access the service they open the menu and all they can see is the "searches" option which will have mailboxes assigned as per required mailbox search source which they will not able to point to anything else but that 1 source mailbox. After the user goes to search function he will be able to only alter the search query as per the users needs.
That would not only make Ediscovery better, that will also make everyone rely more on Office365 services and move out from third party services for archiving. Whats the point to use cloud when you have to keep PST`s archived onprem and pay for all the tin.
I think ediscovery would be a perfect tool if we would have these functions.
Justin Miskinis - GTR IT
agreed. I feel this is a rather major oversight. So currently there are two options.
1 - a user with the "reviewer" and "preview" roles can view an existing case and the results of a predefined search query but is UNABLE to further redefine said query. So either they have to scroll through loads of content or I have to make the search term so specific that I might as well just do everything for them.
2 - a user with "eDiscovery manager" role, can search for any content with any office 365 service, from any user with the organisation!
In my opinion this is all or nothing. More granular permissions are needed.
Bernard Welmers commented
I agree there is little ability to allow current employees to search inactive user's mailboxes. The best that I have found is to create an E-Discovery case and allow people into that case but not the ability to change the case. Unfortunately I just found out that people with "Compliance Search" capabilities can still use the general search to search for other mailboxes. So unfortunately that is not an answer either.