cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

Automatically put mailbox on lithold

Skipster311-1
Iron Contributor

‎Dec 08 2021 08:06 AM

‎Dec 08 2021 08:06 AM

Automatically put mailbox on lithold

Hello 

When a knew mailbox is created i want it to be automatically put on litigation hold. What is the best way to do this? We are currently in  hybrid Exchange environment 

Labels:
1,076 Views
0 Likes
5 Replies
Reply
5 Replies
Vasil Michev

‎Dec 08 2021 08:24 AM

‎Dec 08 2021 08:24 AM

Re: Automatically put mailbox on lithold

Where is the mailbox located? On-premises, you can easily automate this with the Exchange scripting agent or just schedule a PS script. In O365, best take advantage of the "org-wide" retention policies or the recently-introduced "adaptive scopes": https://docs.microsoft.com/en-us/microsoft-365/compliance/retention?view=o365-worldwide#auditing-ret...
0 Likes
Reply
Skipster311-1

‎Dec 08 2021 08:30 AM

‎Dec 08 2021 08:30 AM

Re: Automatically put mailbox on lithold

all mailboxes are in EXonline. Thank you
0 Likes
Reply
Skipster311-1

‎Dec 08 2021 09:17 AM

‎Dec 08 2021 09:17 AM

Re: Automatically put mailbox on lithold

Thanks Vasil. Can you point me to a script that looks at a particular O365 license, and if found put the mailbox on lithold
0 Likes
Reply
best response confirmed by Skipster311-1 (Iron Contributor)
surajbudhani

‎Dec 08 2021 12:05 PM

‎Dec 08 2021 12:05 PM

Solution

Re: Automatically put mailbox on lithold

As Vasil recommended, if users are in Exchange Online you can use Retention Policies in security and compliance center to ensure mailbox data is not deleted.

If you want to use PowerShell to find users with a specific license and then enable litigation hold you can try the following command:

$Users = Get-MsolUser | Where-Object {($_.licenses).AccountSkuId -match "Contoso:EnterprisePack"}
$Users | %{Set-Mailbox $Users.UserPrincipalName -LitigationHoldEnabled $true}

Note: match phrase "Contoso:EnterprisePack" is the account SKU (License) that you are looking for, you can find the SKU using the following command: Get-MsolAccountSku and replace it accordingly
0 Likes
Reply
Skipster311-1

‎Dec 08 2021 12:22 PM - edited ‎Dec 08 2021 12:22 PM

‎Dec 08 2021 12:22 PM - edited ‎Dec 08 2021 12:22 PM

Re: Automatically put mailbox on lithold

Thanks. I want to do a check to see if the mailbox is currently on lithold first. This is what i put together

$pimserviceaccount = "admin.@mycompany.onmicrosoft.com"
$adminpassword = "01000000d08c9ddf0115d1118c7a00c04fc297eb0100000084b78e199e1c3b478efd799c7aab6a910000000002000000000003660000c0000000100000000d19998b9fdab9ec1f44820c65de76fd0000000004800000a000000010000000dce05d1d250d5882967e46b97ecbd0c218000000ab0ceed45aa0a431a0137017b3479b6a6ea8e9694b41327714000000d1b19a01c628ceffedd753a5e2b53d0cd90fb930"
$secureString = ConvertTo-SecureString -String $adminpassword
$cred = New-Object -TypeName PSCredential -ArgumentList $pimserviceaccount, $secureString
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $cred -Authentication Basic -AllowRedirection
Import-PSSession $Session -DisableNameChecking

$Lithold = Get-MsolUser -all:$true | Where-Object {($_.licenses).AccountSkuId -match "SPE_E5" -or ($_.licenses).AccountSkuId -match "EXCHANGEARCHIVE_ADDON" -or ($_.licenses).AccountSkuId -match "SPE_F1" -or ($_.licenses).AccountSkuId -match "SPE_F5_SECCOMP"} |select UserPrincipalname
$lithold |ForEach-Object {Get-Mailbox -Identity $_.userprincipalname} | Where-Object {$_.litigationholdenabled -eq $false} |set-mailbox -LitigationHoldEnabled:$true

0 Likes
Reply
1 best response

Accepted Solutions
best response confirmed by Skipster311-1 (Iron Contributor)
surajbudhani

‎Dec 08 2021 12:05 PM

‎Dec 08 2021 12:05 PM

Solution

Re: Automatically put mailbox on lithold

As Vasil recommended, if users are in Exchange Online you can use Retention Policies in security and compliance center to ensure mailbox data is not deleted.

If you want to use PowerShell to find users with a specific license and then enable litigation hold you can try the following command:

$Users = Get-MsolUser | Where-Object {($_.licenses).AccountSkuId -match "Contoso:EnterprisePack"}
$Users | %{Set-Mailbox $Users.UserPrincipalName -LitigationHoldEnabled $true}

Note: match phrase "Contoso:EnterprisePack" is the account SKU (License) that you are looking for, you can find the SKU using the following command: Get-MsolAccountSku and replace it accordingly

View solution in original post

0 Likes
Reply