Allow dynamic retention policy based on group membership
The below is too great a restriction and renders the retention policy useless.
Groups selection confirmation
The specified groups will be expanded so that an In-Place Hold can be put on the mailboxes in these groups. Only the mailboxes that are currently members of these groups will be placed on hold. Mailboxes added to or removed from these groups won't be added or removed from this hold. After setting the group for the location, the new member changes for this group will not auto apply to this location settings. Do you want to expand these groups?

Currently investigating how to solve this scenario. will update with progress.
14 comments
-
Shukra commented
Allow AD role based authentication and membership. Why recreate the wheel? Use AD please.
-
JG commented
This would be a big win for large organizations. We keep having to create "new" additional retention polices targeting individual users every time we hit the 1000 user limit.
-
Star D. commented
Out of votes, but supporting
-
Connan Olufson commented
I agree with Narsi's comment. Looking for new users added to a group to be assigned to a retention policy. Not looking to remove users from retention policy when they are removed from the group. Current work around is a recurring task running a powershell script to compare group membership and retention policy location, then add group members not listed in the retention policy location. It would be nice if the group could be specified in the retention policy and the comparison for group members missing from the retention policy location could be handled automatically.
-
Anonymous commented
Any update on this? The last update was July 14, 2020. Thanks.
-
Nikki C commented
This is really important when there are different retention rules for users in different countries. It would be much easier to automatically add users to a the Teams chat, mailbox or OneDrive based on rules e.g. Azure user attribute, or membership of a security group.
By default this should be add only.
There should also be an option to decide whether you also want users automatically removed from the retention policy if they no longer meet the rules -
Ian Navran commented
I would like to see the introduction of ‘dynamic labels’. These labels would be defined like DDLs (ie a attribute query based scope). Retention policies could then use labels to define scope for EXO mailboxes
-
Narsi commented
Applying of retention policy to Dynamic group would be ok, however not removing the policy.
Even if user leaves the group they should still have the retention applied as they were part of the group at some point hence data needed to be retained -
Mark commented
vital for delivering to an multi-country Enterprise
-
Philip commented
This would be a huge help to us!
-
Glenn Blinckmann commented
I'd also like to see both retention policies and DLP policies applied to Azure AD Dynamic security groups. This would be extremely helpful with larger enterprise customers.
-
Eric commented
Retention policies for Teams messages and chats should be assignable by AD group instead of having to manually specify each user individually.
-
Anonymous commented
I want to apply a retention policy that is tied to an AD group. When I try to do so, I get the explanation below.
I would like it to be possible to assign a retention policy to a group and have this apply on an on going basis and not just to userrs in the group at the time that it is applied.
Distribution lists and mail-enabled security groups will be expanded so the policy will apply to all the mailboxes in the group. Only the mailboxes that are currently members of these groups will be covered by the policy. Mailboxes added to these groups later won't be covered, but ones that are removed later will still be covered.
-
Anonymous commented
100% agreed. If a retention policy is not going to dynamically support a group (other than initially added members to the policy) there should be integration with Azure AD Dynamic Groups. Let the dynamic groups make the add/remove changes and have the retention policy use the dynamic group members to enforce retention policies. Without this capability all of the automation has to be scripted and maintained.