Configuring EDiscovery between SharePoint 2013 and Exchange 2013.

Configuring EDiscovery between SharePoint 2013 and Exchange

2013

Steve Smith

@stevesmithcksteve@combined-

knowledge.com

What Can you Discover and Export ?• Documents: Documents are exported from file shares.

Documents and their versions are exported from SharePoint Server 2013.

• Lists: If a list item was included in the eDiscovery query results, the complete list is exported as a comma-separated values (.csv) file.

• Pages: SharePoint pages, such as wiki pages or blogs, are exported as MIME HTML (.mht) files.

• Exchange objects: Items in an Exchange Server 2013 mailbox, such as tasks, calendar entries, contacts, email messages, and attachments, are exported as a .pst file.

• WebSites: Pages and Content• Lync Content: Providing Lync 2013 is setup to archive to

Exchange 2013

• Exported in Electronic Discovery Reference Model (EDRM) specification

1. Install the Exchange Server cert to the SharePoint Server(s)

2. Install the Exchange Api on all SharePoint 2013 Front End Servers

3. Configure Server to Server trust between SharePoint and Exchange using the Secure Token Service (STS)

4. Configure Server to Server trust between Exchange and SharePoint using STS

5. Add the SharePoint EDiscovery users to the Discovery Management group in Exchange

6. Add the SharePoint EDiscovery users to a read only Web Application Policy in SharePoint• Note – For Office 365 this is not possible so you

need to add them as site collections admins7. Create an EDiscovery Site Collection8. Create a Search Result Source in the EDiscovery Site

Collection to the Exchange Server9. If Discovering content on file Shares ensure the

EDiscovery officers have read access to the content (NTFS)

10.Ensure all Search Crawls have run11.Grant security to view crawl log to EDiscovery user

PowerShell or via Search Administration in CA 12.If you wish to include Lync content ensure you have

setup Lync to archive to Exchange.

Exchange Api & Server to Server TrustsExport Exchange Server trusted root certificate authority cert and import to SharePoint Server

C:\exchangeapi>msiexec /i EwsManagedApi.msi addlocal="ExchangeWebServicesApi_Feature,ExchangeWebServicesApi_Gac“

In SharePoint PowerShellnew-sptrustedsecuritytokenissuer -name exchange -metadataendpoint https://dcexch.combined.com/autodiscover/metadata/json/1$exchange=Get-SPTrustedSecurityTokenIssuer$app=Get-SPAppPrincipal -Site https://intranet.combined.com -NameIdentifier $exchange.NameId$site=Get-SPSite https://intranet.combined.comSet-SPAppPrincipalPermission -AppPrincipal $app –Site $site.RootWeb -Scope sitesubscription -Right fullcontrol –EnableAppOnlyPolicy

From Exchange Management Console[PS] C:\program files\microsoft\exchange server\v15\scripts>.\Configure-EnterprisePartnerApplication.ps1 -AuthMetadataUrl https://intranet.trainsbydave.com/_layouts/15/metadata/json/1 -ApplicationType SharePoint

Grant rights to Discovery Management group in Exchange 2013

Optional - Grant Web Application Policy if not site collection Administrator (On Prem only)

Create the EDiscovery Site Collection

https://dcexch.combined.com/ews/exchange.asmx

Or use AutoDiscover option

Configure the Result Source in the EDiscovery site collection

For On Prem you can use the following command or configure Read access to the logs via the Search Service App Administration page

Set-SPEnterpriseSearchCrawlLogReadPermission -SearchApplication (GetSPEnterpriseSearchServiceApplication) -UserNames "<eDiscoveryUsers>“

For Office 365 you must use the following PowerShell.

$ssa = Get-SPEnterpriseSearchServiceApplication$crawlLogPermission = Get-SPEnterpriseSearchCrawlLogReadPermission -SearchApplication $ssa –Tenant "00000000-0000-0000-0000-000000000001"Set-SPEnterpriseSearchCrawlLogReadPermission -Identity $crawlLogPermission -SearchApplication $ssa -UserNames "user1;user2” -Tenant "00000000-0000-0000-0000-000000000001"

Grant access to the crawl log for exporting

Reference Links

• http://technet.microsoft.com/en-us/library/fp161514(v=office.15).aspx

• http://technet.microsoft.com/en-us/library/fp161516(v=office.15).aspx

• http://technet.microsoft.com/en-us/library/fp161512(v=office.15).aspx

• http://technet.microsoft.com/en-us/library/jj219532(v=office.15).aspx

• http://technet.microsoft.com/en-us/library/jj683115(v=office.15).aspx

• http://technet.microsoft.com/en-us/library/jj219817(v=office.15).aspx

• http://technet.microsoft.com/en-us/library/jj218665(v=exchg.150)

THANK YOU