Preservation hold settings

The Hold Admin tab contains all Legal Hold configuration, Global Reminder settings, and custodian roles.

This page contains the following sections:

See these related pages:

Adding Preservation Hold Settings

To create a Preservation Hold for a custodian, the Preservation Hold Settings will need to be added first. This is a one time setup to create data sources for a preservation hold. On the Preservation Hold Settings page, fill out the fields defined below:

  • Name - enter in the name to identify the data source.
  • Domain Name - enter the Microsoft 365 Tenant Domain.
  • URL - this URL is the connection to Microsoft 365 Protection Services utilized by Relativity Legal Hold (read only).
  • Account User - enter in the username of the account used to access Microsoft 365. This account must be assigned the eDiscovery Manager role in Microsoft 365, which is required to create and remove preservation holds.

    Note: An Microsoft 365 E3 license or higher is required by Microsoft in order to have access to Microsoft 365 preservation features.

  • Account Password - enter in the password for the account user.

    Note: Credentials used for accessing Microsoft 365 are stored in an encrypted state by Relativity for security purposes.

  • Resolve SharePoint Site Permissions - select Yes or No to temporarily grant the required permissions to the Account User in order to obtain the list of custodians that have access to a given site during the target discovery process.

    Note: If this option is not enabled, it is possible that not all targets will be returned during the discovery process. The Account User must have all required permissions to read the site properties. For more information, see Microsoft support.

Microsoft 365 admin account

When setting up an admin account in Microsoft 365, you will need to fill out the Preservation Hold settings with admin Microsoft credentials. The account user needs to have the following permissions:

  • For SharePoint - SharePoint admin
  • For Mailbox and OneDrive - Compliance admin

If the account user does not have these permissions, follow the steps below:

  1. Log into Microsoft 365 as an Administrator.
  2. Go to the Admin Center.
  3. Click Users > Active Users.
  4. Click on your Legal Hold Account User.
  5. Add the appropriate Roles for SharePoint/Mailbox and OneDrive.

Once the account user is an admin, then you need to generate an app password in Microsoft 365. To generate an app password, have Microsoft 365 and Relativity open. Then, follow the steps below:

  1. Log into Microsoft 365
  2. Navigate to My Account.
  3. Click on Security and Privacy.
  4. Click on Create and manage app passwords.
  5. Create a new app password using the create button.
  6. Copy the password.

In Preservation Hold Settings, paste the app password into the Account Password field.

For more information, see Microsoft documentation see Microsoft's Using app passwords with apps that don't support two-step verification documentation.

Another option is to not set up multi-factor authentication. The best practice would be to set up a non-personal account to be the admin. This way Relativity can access the account without being prevented by multi-factor authentication.

To not set up multi-factor authentication in Microsoft 365, leave the Microsoft 365 Business subscription security turned on. No steps need to be taken if defaults haven't been changed. If defaults have been changed, navigate to the Azure Active Directory Properties. Then locate the Manage Security defaults and select Yes. Selecting Yes enables the security defaults, meaning multi-factor authentication won't be used.

If the admin account can't be granted SharePoint Admin privileges in Microsoft 365 for security reasons, you can utilize the Entity OneDrive URL feature to facilitate OneDrive preservations. You are still unable to preserve SharePoint site URLs since SharePoint Admin privileges are required by Microsoft. For more information, see Entity OneDrive URL field.

Deleting a Preservation Hold Setting

To delete a Preservation Hold Setting, delete all projects using the setting first. To learn how to delete projects, see Projects. Once the projects have been deleted, navigate to the Preservation Hold Setting and click the Delete button. This action deletes the Preservation Hold Setting from Relativity Legal Hold.

Note: Due to background processes, the Preservation Hold Setting may not be immediately deleted.