When your organization places a legal hold on a user, the held data in OneDrive must remain preserved and accessible to authorized reviewers such as legal counsel or compliance officers. By default, OneDrive files are private to the account owner, so reviewers cannot see them without explicit permission. This article explains how to grant access to OneDrive files under legal hold using the Microsoft 365 admin center, Microsoft Purview eDiscovery, and direct sharing methods. You will learn the exact steps to assign permissions, create an eDiscovery case, and avoid common access issues.
Key Takeaways: Granting Legal Hold Reviewers Access to OneDrive
- Microsoft Purview compliance portal > eDiscovery > Cases: Create a case and add custodians to hold and review OneDrive content without changing source permissions.
- OneDrive admin center > User > Access: Directly assign a reviewer as a site collection administrator for a specific user’s OneDrive.
- SharePoint admin center > Active sites > OneDrive URL > Permissions: Add reviewers to the site members group for full read or write access to the held files.
Understanding Legal Hold Access to OneDrive Files
Legal hold, also called litigation hold, preserves all content in a user’s OneDrive when the organization has a legal or regulatory obligation to retain data. Once a hold is placed, the original user may still access their files, but the data cannot be deleted or altered by automated policies. Reviewers, such as attorneys or compliance auditors, need to view those files without interfering with the hold or the user’s normal work.
There are two primary ways to give reviewers access. The first method uses Microsoft Purview eDiscovery, which creates a separate review environment where files are copied and made searchable. The second method involves directly assigning permissions to the reviewer on the target OneDrive site. Each approach has different implications for security, auditability, and ease of use.
Before granting access, confirm that the target user’s OneDrive is under a legal hold. You can verify this in the Microsoft 365 admin center or through the Purview compliance portal. Also ensure the reviewer has a Microsoft 365 license that includes the necessary services. Reviewers assigned through eDiscovery require an appropriate eDiscovery permissions role, while direct site access requires the reviewer to have a SharePoint Online license.
Method 1: Grant Access Using Microsoft Purview eDiscovery
This method is the recommended approach for legal hold situations because it preserves the original data, provides a full audit trail, and allows reviewers to search, tag, and export files without affecting the source. You must have eDiscovery Manager or eDiscovery Administrator permissions to create and manage cases.
- Open the Microsoft Purview compliance portal
Go to compliance.microsoft.com and sign in with an account that has eDiscovery Manager or Administrator role. In the left navigation, select eDiscovery and then Standard or Premium depending on your license. - Create a new case
Click Create a case. Enter a name for the case, such as “Legal Hold Review – User Name,” and provide an optional description and number. Click Save. - Add the user as a custodian
Inside the case, go to the Custodians tab. Click Add custodian, search for the user whose OneDrive is on hold, and select them. The system will automatically identify the user’s OneDrive site and Exchange mailbox. Click Next and then Submit. - Place the custodian on hold
After the custodian is added, select their name and click Place on hold. Confirm the hold settings. This ensures the OneDrive content is preserved and accessible for review. - Add reviewers to the case
Go to the Permissions tab of the case. Click Add member. Search for the reviewer’s email address and select the appropriate permission level. For read-only access, choose Reviewer. For full control including export, choose Manager. Click Add. - Review the OneDrive files
Reviewers can now sign in to the Purview portal, open the case, and go to the Review set or Search tab. They can search across the custodian’s OneDrive, preview files, and export them as needed. No direct access to the user’s OneDrive site is required.
Method 2: Grant Direct Site Access to OneDrive
If you need to give a reviewer direct access to the user’s OneDrive site without using eDiscovery, you can assign the reviewer as a site collection administrator or add them to the site members group. This method is simpler but does not provide the same level of audit and search capabilities. Use it only when the reviewer needs to browse the live OneDrive site.
Option A: Assign as Site Collection Administrator
- Open the Microsoft 365 admin center
Go to admin.microsoft.com and sign in as a global or SharePoint admin. - Navigate to the user’s OneDrive
In the left navigation, select Users > Active users. Find the user whose OneDrive is on hold. Click their name to open the details panel, then select the OneDrive tab. Click Create link to files or note the OneDrive URL shown. - Open the OneDrive site in SharePoint admin center
Go to SharePoint in the admin center, then select Active sites. Search for the user’s OneDrive URL. Click the site name to open its settings. - Add the reviewer as a site collection admin
In the site settings, go to Permissions > Site collection administrators. Click Add, enter the reviewer’s email address, and click OK. The reviewer now has full administrative access to the OneDrive site.
Option B: Add to Site Members Group
- Access the OneDrive site directly
Open the user’s OneDrive URL in a browser. You must already have at least read access to the site to change permissions. - Open site permissions
Click the gear icon (Settings) and select Site permissions. Then click Add members. - Add the reviewer
In the panel, type the reviewer’s email address. By default, they will be added as Members, which gives read and write access. For read-only access, change the permission level to Visitors. Click Add.
Common Issues When Granting Legal Hold Access
Reviewer cannot see the OneDrive site in eDiscovery
If the reviewer does not see the case or the custodian’s data, verify they have been added as a member of the eDiscovery case with the correct role. Also confirm the custodian was placed on hold. If the hold was not applied, the reviewer will see only the current state of the files, not the preserved version.
Reviewer gets a “permission denied” error when accessing the site directly
The reviewer must have a SharePoint Online license assigned. Even if they are added as a site collection admin, the license is required to access the site. Also ensure the OneDrive site URL is correct. If the user’s OneDrive was deleted and recreated, the URL may have changed.
Legal hold files are missing or incomplete
If the legal hold was not applied before the user attempted to delete files, those files may be permanently gone. The hold only preserves content that exists at the time the hold is placed. Always apply the hold as early as possible. For eDiscovery, use the Place on hold step before the user makes changes.
eDiscovery Case Access vs Direct Site Access: Key Differences
| Item | eDiscovery Case Access | Direct Site Access |
|---|---|---|
| Setup location | Microsoft Purview compliance portal | Microsoft 365 admin center or OneDrive site |
| Required permissions | eDiscovery Manager or Administrator | Global admin or SharePoint admin |
| Audit trail | Full audit of all reviewer actions | Limited to SharePoint audit logs |
| Search capabilities | Keyword, date range, and file type filters | Only basic folder navigation |
| Impact on source data | Read-only copy in review set | Direct changes possible if member permission |
Granting legal hold reviewers access to OneDrive files is a controlled process that depends on your organization’s compliance requirements. The eDiscovery method provides the strongest safeguards for legal preservation, while direct site access offers faster setup for simple review tasks. Before assigning any access, verify that the legal hold is active and that all reviewers have the necessary licenses and roles. If you need to revoke access later, remove the reviewer from the eDiscovery case or delete their site permission entry in the SharePoint admin center.