When your organization faces a compliance review, you need to produce specific files from OneDrive for Business quickly and accurately. Compliance reviews can involve legal discovery, audit requests, or internal investigations. The challenge is that OneDrive stores personal and shared files in a user’s own library, which standard search tools may not cover. This article explains how to locate, preserve, and export OneDrive files using Microsoft 365 compliance features, including eDiscovery and retention policies.
Key Takeaways: Preparing OneDrive Files for Compliance Review
- Microsoft Purview compliance portal > eDiscovery > Cases: Create a case to search, hold, and export OneDrive files across selected user accounts.
- eDiscovery search query syntax (e.g., site:https://tenant-my.sharepoint.com/personal/user_domain_com): Targets specific OneDrive sites to find files by keywords, date ranges, or file types.
- Microsoft 365 admin center > Users > Active users > OneDrive settings: Get the OneDrive URL for each user to include in eDiscovery searches.
What Is a Compliance Review for OneDrive Files?
A compliance review is a formal process where an organization must demonstrate that its data handling meets regulatory, legal, or internal policy requirements. For OneDrive, this means producing specific files stored in user libraries, such as emails, documents, or spreadsheets, that are relevant to an audit or litigation. Unlike shared team sites, OneDrive files are personal and not indexed by default in SharePoint search unless explicitly included.
To prepare OneDrive files, you need to use the Microsoft Purview compliance portal, which provides tools like eDiscovery (Standard) or eDiscovery (Premium). These tools allow you to search across OneDrive sites, place files on legal hold to prevent deletion or modification, and export them for review. Prerequisites include having the eDiscovery Manager role assigned in the Microsoft Purview compliance portal and having access to the user’s OneDrive URL.
The process involves three main steps: locating the user’s OneDrive site, creating an eDiscovery case, and exporting the results. You can also apply retention policies to automatically preserve files before a review begins. This article focuses on the manual preparation method for a specific review request.
Steps to Prepare OneDrive Files for a Compliance Review
Step 1: Get the User’s OneDrive URL
- Open the Microsoft 365 admin center
Go to admin.microsoft.com and sign in with an account that has Global Admin or SharePoint Admin privileges. - Navigate to the user’s profile
Select Users > Active users, then click the user whose OneDrive files you need. In the user details pane, click the OneDrive tab. - Copy the OneDrive URL
Under “OneDrive settings,” you will see a link likehttps://tenant-my.sharepoint.com/personal/user_domain_com. Copy this URL. If the link is missing, the user may not have a OneDrive site created yet, or their license does not include OneDrive.
Step 2: Create an eDiscovery Case
- Open the Microsoft Purview compliance portal
Go to compliance.microsoft.com and sign in with an account that has the eDiscovery Manager role. - Create a new case
Select eDiscovery > Cases, then click Create a case. Give the case a name, such as “Q3 Audit – User OneDrive Files,” and add an optional description. Click Save. - Open the case
After creation, click the case name to open it. You will see tabs for Holds, Searches, and Exports.
Step 3: Create a Search to Find OneDrive Files
- Start a new search
Inside your eDiscovery case, click the Searches tab, then click New search. - Name the search
Enter a name like “User OneDrive – All Files” and click Next. - Specify the locations
On the “Locations” page, toggle Exchange mailboxes and SharePoint sites to On. Under “SharePoint sites,” click Choose sites, then paste the user’s OneDrive URL you copied earlier. Click Add, then Done. - Define search conditions (optional)
On the “Conditions” page, you can filter by keywords, date range, or file type. For example, to find all documents modified in the last 90 days, add a condition: Date (last modified) – Within 90 days. Click Next. - Review and submit
Review your search settings and click Submit. The search will run and show results in the Searches tab.
Step 4: Place a Legal Hold on the Files
- Go to the Holds tab
In your eDiscovery case, click the Holds tab, then click Create. - Name the hold
Enter a name like “User OneDrive – Legal Hold” and click Next. - Select the same locations
On the “Locations” page, toggle Exchange mailboxes and SharePoint sites to On. Under “SharePoint sites,” click Choose sites, paste the user’s OneDrive URL, and click Add. Click Done. - Set hold duration
On the “Conditions” page, you can optionally set a date range. If you want to hold all content indefinitely, leave the date fields blank. Click Next, then Submit. The hold prevents files from being deleted or modified until the hold is released.
Step 5: Export the OneDrive Files
- Open the search results
In the Searches tab, click the search you created. In the search details pane, click Export. - Choose export settings
Select the export format. For compliance reviews, choose All items in an unzipped folder to get native file formats (e.g., .docx, .xlsx). Click Next. - Start the export
Click Export. The system will prepare the files. This may take several minutes depending on file count and size. - Download the export
When the export is ready, click Download results. A .zip file containing a folder structure with the files and a results.csv manifest will be downloaded. Extract the files to a secure location for review.
Common Issues When Preparing OneDrive Files for Compliance Review
The OneDrive URL does not appear in the admin center
This can happen if the user has never signed in to OneDrive or if their license does not include OneDrive. To fix this, ask the user to go to portal.office.com and click the OneDrive app icon. If the user is licensed, the site will be provisioned within a few minutes. After that, the URL will appear in the admin center.
eDiscovery search returns zero results
Check that the OneDrive URL you entered is correct. The URL format is case-sensitive. Also verify that the user has files stored in their OneDrive, not just shared files from other sites. If the user has not uploaded any files, the search will return zero results. Use a broader search query without conditions to confirm the site is accessible.
Legal hold fails to apply
The eDiscovery Manager role must be assigned to you. Additionally, the user’s OneDrive site must be indexed. If indexing is incomplete, the hold may not apply to all files. Wait 24 hours after the user first signs in to OneDrive for indexing to complete. You can also check the site’s crawl status in the SharePoint admin center under More features > Search > Crawl log.
OneDrive File Preparation Methods: Manual vs Automated
| Item | Manual eDiscovery Case | Automated Retention Policy |
|---|---|---|
| Setup effort | Requires creating a case, search, and hold per user | One-time policy creation for all users |
| Scope | Specific users and date ranges | All OneDrive sites in the tenant |
| Flexibility | High – can target exact files | Low – applies to all content |
| Export format | Native files with metadata | Not applicable – retention only preserves |
| Best for | Ad-hoc legal discovery or audits | Ongoing compliance to prevent deletion |
You can now prepare OneDrive files for a compliance review using eDiscovery cases, holds, and exports. Start by verifying the user’s OneDrive URL and creating a targeted search. For ongoing compliance, consider setting up a retention policy in the Microsoft Purview compliance portal under Policies > Data lifecycle management > Retention policies to automatically preserve all OneDrive files. A practical tip: use the Copy to clipboard button in the eDiscovery search results to quickly share a list of file paths with the review team.