Microsoft Purview · eDiscovery

eDiscovery Administrator

All eDiscovery Manager permissions PLUS organization-wide access to all cases, global eDiscovery settings management, and hold report oversight across entire tenant.

Scope: Organization-wide access to ALL eDiscovery cases, settings, and administrative functions across entire tenant

Permissions

  • Manager Permissions - ALL permissions of eDiscovery Manager (cases, searches, holds, review sets, analytics, predictive coding)
  • All Cases Access - View, access, and manage ALL eDiscovery cases across entire organization (no case isolation limits)
  • Global Settings - Configure organization-wide eDiscovery settings: analytics preferences, OCR settings, search permissions
  • Global Workflows - Manage custodian workflows and legal hold notification templates globally
  • Hold Reports - Access hold report (Premium) to view all holds across all cases tenant-wide
  • Case Management - Add, remove, or modify members in ANY case (including cases created by other managers)
  • Case Deletion - Delete and close any eDiscovery case regardless of who created it
  • Case Override - Override case permissions and access privileged attorney-client materials in all cases
  • Indexing Management - Manage advanced indexing settings and reprocessing jobs organization-wide
  • Role Management - Configure eDiscovery role groups and assign eDiscovery permissions to other users
  • Activity Reports - View and export comprehensive eDiscovery activity reports and analytics across all cases
  • Troubleshooting - Troubleshoot and resolve eDiscovery issues across all cases and investigations
  • Storage Management - Manage eDiscovery storage quotas, limits, and performance optimization
  • Orphaned Cases - Access abandoned or orphaned cases when original managers leave organization

Common use cases

  • General Counsel or Chief Legal Officer requiring oversight of all legal matters and litigation
  • Centralized eDiscovery operations center managing all legal discovery across organization
  • Emergency access to critical cases when original case manager is unavailable or has left company
  • Compliance audits of eDiscovery activities and legal hold compliance across all cases
  • Managing global eDiscovery program: templates, processes, best practices, training
  • Troubleshooting complex eDiscovery issues across multiple cases or custodians
  • Providing hold reports to executive leadership on litigation risk and preservation status
  • Managing eDiscovery during organizational restructuring, mergers, or acquisitions
  • Coordinating with outside counsel on high-stakes litigation requiring cross-case visibility
  • Ensuring consistent eDiscovery practices and quality control across legal team

Best practices

  • Limit eDiscovery Administrator role to 1-2 senior legal leaders maximum (General Counsel, eDiscovery Director)
  • Use eDiscovery Administrator primarily for oversight, emergency access, and global settings - NOT day-to-day case work
  • Implement formal approval workflows and justification for accessing other managers' cases
  • Regularly audit eDiscovery Administrator activities using Advanced Audit logs
  • Maintain strict confidentiality and privilege protection across all accessed cases
  • Document business justification for any cross-case access in compliance records
  • Use this role to establish organization-wide eDiscovery standards, templates, and policies
  • Conduct quarterly hold reports to identify stale holds and reduce preservation costs
  • Review eDiscovery Manager assignments periodically and remove unnecessary access
  • Establish ethical walls procedures for cases with conflicts of interest
  • Use Privileged Identity Management (PIM) for just-in-time activation of this highly privileged role
  • Separate eDiscovery Administrator from IT admin roles to maintain attorney-client privilege
  • Create playbooks and runbooks for common eDiscovery scenarios to ensure consistency
  • Monitor eDiscovery storage consumption and archive/delete old cases to manage costs
  • Provide training and mentorship to eDiscovery Managers on best practices

Security considerations

  • HIGHEST RISK eDiscovery role - can access ALL investigations and privileged attorney-client materials
  • Cross-case access can create conflicts of interest - establish ethical walls and Chinese walls
  • Must maintain absolute attorney-client privilege and confidentiality across all accessed matters
  • Should NEVER be combined with IT admin roles to preserve privilege and work product protections
  • All activities are permanently logged in Advanced Audit - subject to external audit and oversight
  • Access to multiple cases simultaneously increases insider threat risk - monitor closely
  • Exported data across multiple cases must follow strict chain of custody and encryption
  • Hold report access reveals litigation strategy and risk - protect from unauthorized disclosure
  • Can delete cases and destroy evidence - establish approval workflows for case deletion
  • REQUIRED to use Privileged Identity Management (PIM) for just-in-time activation
  • Should have segregated user account (admin account vs daily work account)
  • MFA and conditional access required - consider location-based access restrictions
  • Annual ethics training and confidentiality agreements required
  • May be called as witness in litigation if accessing cases - document all justifications

Official Microsoft Learn documentation →

Open the interactive RBACMap →