Exchange Online · Compliance & Security
Discovery Management
Members can perform searches of mailboxes for data that meets specific criteria and can configure legal holds on mailboxes. By default, this role group has no members.
Scope: All mailbox content for eDiscovery and legal hold purposes
Permissions
- Legal Hold - Place mailboxes on Litigation Hold or In-Place Hold
- Mailbox Search - Search mailbox content using In-Place eDiscovery
Common use cases
- Legal discovery requests and litigation
- Internal investigations
- Compliance audits
- Placing mailboxes on legal hold
Best practices
- Limit membership to legal and compliance teams only
- Audit all discovery activities
- Use Microsoft Purview eDiscovery for comprehensive searches
- Document the legal basis for each hold and search
Security considerations
- Can search and view any mailbox content in the organization
- Can place indefinite holds on mailboxes preventing deletion
- Discovery actions are logged but should be monitored
- By default, no users have these permissions - not even admins