3What Can you Discover and Export ? Documents: Documents are exported from file shares. Documents and their versions are exported from SharePoint Server 2013.Lists: If a list item was included in the eDiscovery query results, the complete list is exported as a comma-separated values (.csv) file.Pages: SharePoint pages, such as wiki pages or blogs, are exported as MIME HTML (.mht) files.Exchange objects: Items in an Exchange Server 2013 mailbox, such as tasks, calendar entries, contacts, messages, and attachments, are exported as a .pst file.WebSites: Pages and ContentLync Content: Providing Lync 2013 is setup to archive to Exchange 2013Exported in Electronic Discovery Reference Model (EDRM) specification
4Install the Exchange Server cert to the SharePoint Server(s) Install the Exchange Api on all SharePoint 2013 Front End ServersConfigure Server to Server trust between SharePoint and Exchange using the Secure Token Service (STS)Configure Server to Server trust between Exchange and SharePoint using STSAdd the SharePoint EDiscovery users to the Discovery Management group in ExchangeAdd the SharePoint EDiscovery users to a read only Web Application Policy in SharePointNote – For Office 365 this is not possible so you need to add them as site collections adminsCreate an EDiscovery Site CollectionCreate a Search Result Source in the EDiscovery Site Collection to the Exchange ServerIf Discovering content on file Shares ensure the EDiscovery officers have read access to the content (NTFS)Ensure all Search Crawls have runGrant security to view crawl log to EDiscovery user PowerShell or via Search Administration in CAIf you wish to include Lync content ensure you have setup Lync to archive to Exchange.
5Exchange Api & Server to Server Trusts Export Exchange Server trusted root certificate authority cert and import to SharePoint Server C:\exchangeapi>msiexec /i EwsManagedApi.msi addlocal="ExchangeWebServicesApi_Feature,ExchangeWebServicesApi_Gac“ In SharePoint PowerShell new-sptrustedsecuritytokenissuer -name exchange -metadataendpoint https://dcexch.combined.com/autodiscover/metadata/json/1 $exchange=Get-SPTrustedSecurityTokenIssuer $app=Get-SPAppPrincipal -Site https://intranet.combined.com -NameIdentifier $exchange.NameId $site=Get-SPSite https://intranet.combined.com Set-SPAppPrincipalPermission -AppPrincipal $app –Site $site.RootWeb -Scope sitesubscription -Right fullcontrol –EnableAppOnlyPolicy From Exchange Management Console [PS] C:\program files\microsoft\exchange server\v15\scripts> .\Configure-EnterprisePartnerApplication.ps1 -AuthMetadataUrl https://intranet.trainsbydave.com/_layouts/15/metadata/json/1 -ApplicationType SharePoint
6Grant rights to Discovery Management group in Exchange 2013
7Optional - Grant Web Application Policy if not site collection Administrator (On Prem only)
9Configure the Result Source in the EDiscovery site collection https://dcexch.combined.com/ews/exchange.asmxOr use AutoDiscover option
10Grant access to the crawl log for exporting For On Prem you can use the following command or configure Read access to the logs via the Search Service App Administration pageSet-SPEnterpriseSearchCrawlLogReadPermission -SearchApplication (GetSPEnterpriseSearchServiceApplication) -UserNames "<eDiscoveryUsers>“For Office 365 you must use the following PowerShell.$ssa = Get-SPEnterpriseSearchServiceApplication$crawlLogPermission = Get-SPEnterpriseSearchCrawlLogReadPermission -SearchApplication $ssa –Tenant " "Set-SPEnterpriseSearchCrawlLogReadPermission -Identity $crawlLogPermission -SearchApplication $ssa -UserNames "user1;user2” -Tenant " "