Support Portal

Question

How do I configure eDiscovery to collect from SharePoint 365?

Prerequisites

• Internet access from the Collections Work Manager machine

Answer

Follow the steps below.

1) Create a SharePoint Service Account

1. Sign in to the O365 Admin console at https://admin.microsoft.com as an administrator
2. Under User Management click "Add user"
   
3. Specify a name and credentials for the new user.
4. Expand Roles and select "Customized administrator", then check "SharePoint administrator"
   
5. Click "Add" to create the new user

2) Grant Permissions Using either the Modern or Classic SharePoint Admin Center

Modern SharePoint Admin Center:

1. Login to your SharePoint Admin page (https://-admin.sharepoint.com) as an Administrator
2. Under Sites on the left, click "Active sites"
   
3. Do the following for every site you wish to be able to collect from:
   1. Highlight the desired site
   2. Click "Owners" at the top and select "Change admins"
      
   3. Add your newly created service account user and click "Save"
      Note: Sites may be listed in eDiscovery even if the specified account is not an admin of that site. However, collections against these sites will fail until you add the account as an admin.

Classic SharePoint Admin Center:

1. Login to your SharePoint Admin page (https://-admin.sharepoint.com) as an Administrator
2. In the menu on the left, click "Classic SharePoint admin center"
   
3. On the left, click "site collections"
   
4. Do the following for every site you wish to be able to collect from:
   1. Highlight the desired site
   2. Click "Owners" at the top and select "Manage Administrators"
      
   3. Add your newly created service account user under "Site Collection Administrators" and click "OK"
      Note: Sites may be listed in eDiscovery even if the specified account is not a Site Collection Administrator of that site. However, collections against these sites will fail until you add the account as a Site Collection Administrator.

3) Add a SharePoint Connector in eDiscovery

1. Login to eDiscovery as an Administrator
2. Click "Data Sources" at the top
   
3. Click the SharePoint tab
   
4. Click the plus sign  to create a new connector
5. Specify the Web Application URL and the Username and Password of the previously created service account user, then click "OK"
   Note: The Web Application URL should be a root site in the form https://domain.sharepoint.com

Perform Collections

1. In the Jobs tab, click on the  to create a new collection
2. In the pull down box, select Collection
3. Select SharePoint in the selection box below
4. In the SharePoint tab, select the SharePoint site that you need to collect from
5. Complete the collection as you would any other collection

Notes

• AD eDiscovery does not support collecting from sites based off the Modern "Team site" template.
• Sites based on the Modern "Team site" template will not be listed in the Classic SharePoint Admin Center.
• "Admin" in the Modern SharePoint Admin Center is the equivalent of "Site Collection Administrator" in the Classic SharePoint Admin Center.