Forum Discussion
Apply a Office 365 Security & Compliance retention policy to specific users
Why do you need to remove users though? Generally speaking, the requirements to keep data also apply to leavers, so there should be no need to update the policy every time a person leaves the company. But to answer the question, the way to find out which policies apply to which objects is to look at the corresponding mailbox attributes. For example:
[09:57:21]# (Get-Mailbox vasil).InPlaceHolds mbxda45e521e0314dd19ec276112c2af7b9:2 [09:59:01]# Get-RetentionCompliancePolicy da45e521e0314dd19ec276112c2af7b9 Name Workload Enabled Mode ---- -------- ------- ---- PersonalStuff Exchange, SharePoint, OneDriveForBusiness, Skype, ModernGroup True Enforce
where I've stripped the "mbx" prefix. For company-wide policies, you should look into the output of the Get-OrganizationConfig cmdlets instead.
I agree, it can be handled in a better manner. And ODFB handling is crap, we've been asking for years now to have it changed based on UPN or something instead of having to always specify the URL.
Why do you need to remove users though? Generally speaking, the requirements to keep data also apply to leavers, so there should be no need to update the policy every time a person leaves the company. But to answer the question, the way to find out which policies apply to which objects is to look at the corresponding mailbox attributes. For example:
[09:57:21]# (Get-Mailbox vasil).InPlaceHolds mbxda45e521e0314dd19ec276112c2af7b9:2 [09:59:01]# Get-RetentionCompliancePolicy da45e521e0314dd19ec276112c2af7b9 Name Workload Enabled Mode ---- -------- ------- ---- PersonalStuff Exchange, SharePoint, OneDriveForBusiness, Skype, ModernGroup True Enforce
where I've stripped the "mbx" prefix. For company-wide policies, you should look into the output of the Get-OrganizationConfig cmdlets instead.
I agree, it can be handled in a better manner. And ODFB handling is crap, we've been asking for years now to have it changed based on UPN or something instead of having to always specify the URL.