Retention and access to Teams 1:1 chats without an Exchange Online mailbox

%3CLINGO-SUB%20id%3D%22lingo-sub-1801280%22%20slang%3D%22en-US%22%3ERetention%20and%20access%20to%20Teams%201%3A1%20chats%20without%20an%20Exchange%20Online%20mailbox%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1801280%22%20slang%3D%22en-US%22%3E%3CP%3EAs%20we%20know%2C%20a%20'compliance'%20copy%20of%20Teams%20chats%20is%20saved%20to%20either%20personal%20or%20(Microsoft%20365)%20Group%20mailboxes.%20It%20is%20this%20copy%20that%20is%20subject%20to%20retention%20policies%20and%20can%20be%20found%20and%20exported%20via%20Content%20Search.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWhat%20happens%20if%20there%20is%20no%20Exchange%20Online%20mailbox%3F%20Basically%2C%20the%20chats%20become%20inaccessible%20which%20become%20an%20issue%20from%20a%20recordkeeping%20and%20compliance%20point%20of%20view.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI've%20been%20working%20with%20some%20organisations%20that%20have%20decided%20(for%20whatever%20reason)%20not%20to%20enable%20the%20Exchange%20Online%20mailbox%20option%20in%20their%20end-user%20licences%20(something%20I%20don't%20recommend).%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThe%20logic%20seems%20to%20be%20that%20the%20organisations%20don't%20want%20end-users%20using%20the%20Online%20mailbox.%20However%2C%20this%20creates%20an%20interesting%20side%20effect%20-%20the%20compliance%20copy%20of%20Teams%20chats%20cannot%20be%20saved%20anywhere%2C%20which%20also%20means%20they%20cannot%20be%20found%20via%20Content%20Search.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ETo%20confirm%20this%2C%20I%20created%20several%20accounts%20without%20the%20Exchange%20Online%20option%20checked%20when%20the%20licence%20was%20assigned.%20The%20end%20users%20were%20able%20to%20access%20and%20chat%20in%20the%201%3A1%20area%20of%20Teams.%20The%20outcomes%20were%20as%20follows%3A%3C%2FP%3E%3CUL%3E%3CLI%3EIf%20none%20of%20the%20participants%20in%20the%20chat%20had%20an%20Exchange%20Online%20mailbox%2C%20the%20content%20in%20that%20chat%20could%20not%20be%20found%20via%20Content%20Search.%26nbsp%3B%3C%2FLI%3E%3CLI%3EIf%20any%20of%20the%20participants%20had%20an%20Exchange%20Online%20mailbox%2C%20the%20content%20of%20the%20chat%20appeared%20only%20for%20the%20participant%2Fs%20with%20a%20mailbox.%3C%2FLI%3E%3CLI%3EIf%20an%20Exchange%20Online%20mailbox%20is%20enabled%20for%20an%20end-user%2C%20the%20content%20of%20the%20chat%20appeared%20in%20that%20mailbox%20as%20well%20as%20any%20other%20participant%20with%20a%20mailbox.%3C%2FLI%3E%3C%2FUL%3E%3CP%3EFurther%3A%3C%2FP%3E%3CUL%3E%3CLI%3EIf%20you%20allow%20(via%20Teams%20policies)%20end-users%20without%20a%20mailbox%20to%20delete%20chats%2C%20the%20chats%20are%20not%20accessible%20if%20they%20are%20deleted%20-%20they%20are%20completely%20gone.%3C%2FLI%3E%3CLI%3EIf%20you%20allow%20end-users%20with%20a%20mailbox%20to%20delete%20chats%20and%20a%20retention%20policy%20has%20been%20applied%20to%20the%20chats%2C%20the%20chats%20will%20be%20retained%20as%20per%20the%20retention%20policy%20(in%20a%20hidden%20folder).%3C%2FLI%3E%3C%2FUL%3E%3CP%3EAnd%20finally%2C%20if%20you%20allow%20private%20channels%2C%20end-users%20can%20create%20private%20channels%20in%20the%20Organisation%20Team.%20The%20chats%20in%20these%20private%20channels%20are%20usually%20stored%20in%20the%20personal%20mailboxes%20of%20participants%20(not%20the%20Group%20mailbox)%20-%20so%20these%20chats%20are%20also%20inaccessible%20and%20cannot%20be%20found%20via%20Content%20Search.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThat%20could%20be%20a%20problem%20for%20some.%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1801280%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EConversations%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EMessaging%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EMicrosoft%20Teams%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Regular Contributor

As we know, a 'compliance' copy of Teams chats is saved to either personal or (Microsoft 365) Group mailboxes. It is this copy that is subject to retention policies and can be found and exported via Content Search. 

 

What happens if there is no Exchange Online mailbox? Basically, the chats become inaccessible which become an issue from a recordkeeping and compliance point of view. 

 

I've been working with some organisations that have decided (for whatever reason) not to enable the Exchange Online mailbox option in their end-user licences (something I don't recommend).

 

The logic seems to be that the organisations don't want end-users using the Online mailbox. However, this creates an interesting side effect - the compliance copy of Teams chats cannot be saved anywhere, which also means they cannot be found via Content Search. 

 

To confirm this, I created several accounts without the Exchange Online option checked when the licence was assigned. The end users were able to access and chat in the 1:1 area of Teams. The outcomes were as follows:

  • If none of the participants in the chat had an Exchange Online mailbox, the content in that chat could not be found via Content Search. 
  • If any of the participants had an Exchange Online mailbox, the content of the chat appeared only for the participant/s with a mailbox.
  • If an Exchange Online mailbox is enabled for an end-user, the content of the chat appeared in that mailbox as well as any other participant with a mailbox.

Further:

  • If you allow (via Teams policies) end-users without a mailbox to delete chats, the chats are not accessible if they are deleted - they are completely gone.
  • If you allow end-users with a mailbox to delete chats and a retention policy has been applied to the chats, the chats will be retained as per the retention policy (in a hidden folder).

And finally, if you allow private channels, end-users can create private channels in the Organisation Team. The chats in these private channels are usually stored in the personal mailboxes of participants (not the Group mailbox) - so these chats are also inaccessible and cannot be found via Content Search. 

 

That could be a problem for some. 

2 Replies

@Andrew Warland 

 

Very good points, and a very diligent piece of testing!  :smile:

 

I think this is one of those situations where the responsibility and the risk is definitely with the customer.  We can advise till we are blue in the face, but sometimes the advice will be disregarded.  

 

I think retention in Teams will evolve and change, but for now, it is what it is, and works really well if you do things properly as you suggest.

@Andrew Warland Your scenario is a common problem when organisations start to move to Teams but are still using Exchange on premise. The user does not have an online mailbox so where to the chats compliance records get stored. Answer = they are not, as per your detailed analysis.

 

You will be pleased to know that there is a solution for this. Microsoft has released a new feature where a cloud-based storage area is created so that you use eDiscovery tools to search for and export Teams chat data for on-premises users. You need to request this so that the records are stored in a mirror and hidden online mailbox for the users.

The when you want to search for content you will see a new menu option Add Office app content for on-premises users checkbox. You just need to remember to check the box to include the chat records of your on premise users.

 

I have linked to the relevant Microsoft article https://docs.microsoft.com/en-us/microsoft-365/compliance/search-cloud-based-mailboxes-for-on-premis...