What is Litigation Hold?
Litigation Hold, also known as Legal Hold, is an email setting to preserve a users mailbox content including deleted items and modified items. Litigation hold is used by some companies to preserve email for VIP users or employees with sensitive access. The most common use is to activate the feature prior to an investigation or termination is being done on an employee. The feature will prevent any sort of tampering or mass delete that could be done.
Some important items to note are:
- The setting can take up to 60 minutes to take effect.
- A user can still work as normal in email when placed on litigation hold.
- A users archive mailbox is also preserved when litigation hold is activated.
- The default setting will store 30GB of data. It is recommended to monitor the size of your legal hold mailboxes to avoid reaching the limit.
- You can set a duration of time to keep the data or keep it indefinitely.
Enable Litigation Hold for a User:
Any of the Office 365 Powershell commands will first require that you connect to your tenant.
First launch Powershell as administrator, then run the commands and enter your O365 admin account.
$UserCredential = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
Import-PSSession $Session
Next enable litigation hold for a specific user with the following command.
If you wish to set a duration you can add the -litigationholdduration flag.
Disable Litigation Hold for a User:
To disable litigation hold run the following command.
Find all users in O365 on Litigation Hold:
To find all users in your Office 365 tenant that are on legal hold run the following command:
NOTE: you can also check if any mailboxes are on hold in soft delete with the command:
