forked from 12Knocksinna/Office365itpros
-
Notifications
You must be signed in to change notification settings - Fork 0
/
SPOSitesRetention.ps1
59 lines (57 loc) · 3.46 KB
/
SPOSitesRetention.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
# A script to display details of the retention policies applying to SharePoint and OneDrive for Business sites in an Office 365 tenant.
# Uses the Security and Compliance Center PowerShell module
$Report = @()
# Fetch a set of retention policies that apply to SharePoint and aren't to publish labels
$Policies = (Get-RetentionCompliancePolicy -ExcludeTeamsPolicy -DistributionDetail -RetentionRuleTypes | ? {$_.SharePointLocation -ne $Null -and $_.RetentionRuleTypes -ne "Publish"})
ForEach ($P in $Policies) {
$Duration = $Null
Write-Host "Processing retention policy" $P.Name
$Rule = Get-RetentionComplianceRule -Policy $P.Name
$Settings = "Simple"
$Duration = $Rule.RetentionDuration
# Check whether a rule is for advanced settings - either a KQL query or sensitive data types
If (-not [string]::IsNullOrWhiteSpace($Rule.ContentMatchQuery) -and -not [string]::IsNullOrWhiteSpace($Rule.ContentMatchQuery)) {
$Settings = "Advanced/KQL" }
Elseif (-not [string]::IsNullOrWhiteSpace($Rule.ContentContainsSensitiveInformation) -and -not [string]::IsNullOrEmpty($Rule.ContentContainsSensitiveInformation)) {
$Settings = "Advanced/Sensitive Data" }
# Handle retention policy that simply retains and doesn't do anything else
If ($Rule.RetentionDuration -eq $Null -and $Rule.ApplyComplianceTag -ne $Null) {
$Duration = (Get-ComplianceTag -Identity $Rule.ApplyComplianceTag | Select -Expandproperty RetentionDuration) }
$RetentionAction = $Rule.RetentionComplianceAction
If ([string]::IsNullOrEmpty($RetentionAction)) {
$RetentionAction = "Retain" }
If ($P.SharePointLocation.Name -eq "All") {
$ReportLine = [PSCustomObject][Ordered]@{
PolicyName = $P.Name
SiteName = "All SharePoint Sites"
SiteURL = "All SharePoint Sites"
RetentionTime = $Rule.RetentionDurationDisplayHint
RetentionDuration = $Duration
RetentionAction = $RetentionAction
Settings = $Settings}
$Report += $ReportLine }
If ($P.SharePointLocationException -ne $Null) {
$Locations = ($P | Select -ExpandProperty SharePointLocationException)
ForEach ($L in $Locations) {
$Exception = "*Exclude* " + $L.DisplayName
$ReportLine = [PSCustomObject][Ordered]@{
PolicyName = $P.Name
SiteName = $Exception
SiteURL = $L.Name }
$Report += $ReportLine }
}
ElseIf ($P.SharePointLocation.Name -ne "All") {
$Locations = ($P | Select -ExpandProperty SharePointLocation)
ForEach ($L in $Locations) {
$ReportLine = [PSCustomObject][Ordered]@{
PolicyName = $P.Name
SiteName = $L.DisplayName
SiteURL = $L.Name
RetentionTime = $Rule.RetentionDurationDisplayHint
RetentionDuration = $Duration
RetentionAction = $RetentionAction
Settings = $Settings}
$Report += $ReportLine }
}
}
$Report | Sort SiteName| Format-Table PolicyName, SiteName, RetentionDuration, RetentionAction, Settings -AutoSize