Teams Private Channel eDiscovery

5/5 - (2 votes)

Yesterday, I was asked about the eDiscovery process for Private Channels in Teams.

It’s a little bit hairy at the moment, so I’ve included some scripting and examples to help you out with it.

[shameless plug] I’ve adapted some of this content from one of my books, Deploying Microsoft 365 Teamwork: Exam MS-300 Guide.[/shameless plug]

Background

eDiscovery for Microsoft Teams (like other Office 365-based content) is done using the Security & Compliance center. The Security & Compliance center allows you to conduct content searches both within the boundary of an eDiscovery case as well as standalone content searches.

Unless you’ve been living under a rock, you probably know that a Microsoft Teams’ team is based on an Office 365 group (meaning it has a group mailbox and a SharePoint site, among other things). When performing searches for conversation data located in Microsoft Teams, you can normally just select the appropriate object in the Security & Compliance center search interface.

However, if you’re searching for SharePoint content, you’ll need to select the team’s SharePoint site as well.

About Private Channels

And then, there’s the whole thing about private channels.  Private channels have their own SharePoint site for file content, and messages posted in the General/Conversation channel gets stored in individual user mailboxes of the private channel members.

When searching for content that may be present in private channels, you’ll have to select both the private channel SharePoint URLs as well as the mailboxes of the private channel members.

Guest chats: To index and store the chats of guests, the Office 365 service provisions a phantom or shadow mailbox for external recipients. Conversation content for guests is stored in those mailboxes.

Locating the associated private channels for a Team will take a bit of PowerShell scripting—you’ll need both the Microsoft Teams and SharePoint Online PowerShell cmdlets.

In our example, we have created a Team called Project Rover and have created a private channel called Rover Private Channel, as shown here:

To locate the team members whose mailboxes we’ll need to include in eDiscovery or content search as well as the URL of the private channel, we’ll need to run several PowerShell commands.

Getting Started

As mentioned earlier, you’ll need both the Microsoft Teams PowerShell module and the SharePoint Online PowerShell module.  To install the Microsoft Teams PowerShell module, run Install-Module MicrosoftTeams from an elevated PowerShell prompt.

To install the SharePoint Online Management Shell, download and install it from https://www.microsoft.com/en-us/download/details.aspx?id=35588.

Once you have those modules installed, you’ll have to connect to Teams and SharePoint Online to get the information you need. I know this goes without saying for most folks, but use your own tenant name where tenant is present. Replace Team Name with the team name that you are trying to locate private channels for.

Connecting to PowerShell Interfaces

To connect to Microsoft Teams, use the following command from a PowerShell console:

Connect-MicrosoftTeams

To connect to SharePoint Online, use the following command from a PowerShell console:

Connect-SPOService -Url https://<tenant>-admin.sharepoint.com

Finding the Things You Need

Now that you’re connected to both Microsoft Teams PowerShell and SharePoint Online, you’ll need to find multiple things:

  • Private Channels for the Team in question
  • Members of each of the Private Channels
  • The associated SharePoint Online site for each of the Private Channels

Identifying Private Channel Users

To locate all of the private channel users whose mailboxes you would need to include in a content search or eDiscovery, follow these steps:

  1. Connect to Microsoft Teams using the Connect-MicrosoftTeams cmdlet (above).
  2. Locate the Team group object ID using the following command:
    $Team = Get-Team -DisplayName "Team Name"
  3. Locate the Team’s private channels using the following command:
    $Channels = Get-TeamChannel -GroupId $Team.GroupId | ? {$_.MembershipType -eq "Private"} 
  4. Locate the Team’s private channel users with the following command:
    $Users = ($Channels | %{ Get-TeamChannelUser -GroupId $Team.GroupId -DisplayName $_.DisplayName}).User | Sort -Unique

The list of users whose mailboxes you need to search will be saved in the $Users variable.  You can list them by just typing $Users at the PowerShell prompt:

Identifying Private Channel SharePoint Sites

Next, you need to find the locate the SharePoint Online Sites associated with a Team. You’ll also need to
use the SharePoint Online PowerShell:

  1. Connect to SharePoint Online using the Connect-SpoService cmdlet.  The syntax is (replacing <tenant> with your tenant name:
    Connect-SPOService -Url https://<tenant>-admin.sharepoint.com
  2. Locate all of the site collections that were using the private channel template using the following command:
    $Sites = Get-SPOSite -Template "TEAMCHANNEL#0" -Limit All

    Note: This returns all of the sites in the entire tenant using that template.  You can only retrieve the necessary properties using the -Limit All parameter (using any -Filter parameters will cause the required properties to not be captured).

  3. Loop through all of the returned sites to match the RelatedGroupId property to the Team GroupId with this snazzy bit of  PowerShell:
    [array]$PrivateChannelSites = @()
    Foreach ($Site in $Sites)
       {
       $Temp = Get-SPOSite -Identity $Site.Url -Detailed
       If ($Temp.RelatedGroupId -eq $Team.GroupId) { $PrivateChannelSites += $Temp }
       }
    $PrivateChannelSites | Select Url

After running the above code, the console will display the SharePoint Online site URLs for the private channels associated with the sites, as shown here: Once you have located both the additional user mailboxes and SharePoint Sites associated with any private channels for a Team, you can add them to your eDiscovery or Content Search like you would any mailbox or specific SharePoint site URL.

Hopefully you can do what U2 couldn’t and find what you’re looking for.

author avatar
Aaron Guilmette
Helping companies conquer inferior technology since 1997. I spend my time developing and implementing technology solutions so people can spend less time with technology. Specialties: Active Directory and Exchange consulting and deployment, Virtualization, Disaster Recovery, Office 365, datacenter migration/consolidation, cheese.

3 Replies to “Teams Private Channel eDiscovery”

Comments are closed.