MC1131771: Microsoft Purview | eDiscovery cmdlet connectivity change

Introduction

As part of Microsoft’s ongoing Secure Future Initiative (SFI) (SFI), Microsoft Purview is enhancing protections for cmdlets that connect to other Microsoft 365 services such as SharePoint and Exchange. Starting August 31, 2025, a new connection parameter will be required when using Security & Compliance PowerShell to run specific eDiscovery-related cmdlets.

When this will happen

This change will take effect on August 31, 2025.

How this affects your organization

To maintain functionality and align with modern authentication standards, customers must use Exchange Online PowerShell v3.9.0 and later and include the -EnableSearchOnlySession parameter when running Connect-IPPSSession to execute the following cmdlets:

• New-ComplianceSearchAction
• New-CaseHoldPolicy, Set-CaseHoldPolicy, Remove-CaseHoldPolicy
• New-CaseHoldRule, Set-CaseHoldRule, Remove-CaseHoldRule
• New-ComplianceSecurityFilter, Set-ComplianceSecurityFilter, Get-ComplianceSecurityFilter, Remove-ComplianceSecurityFilter

This change does not impact users accessing eDiscovery through the Purview portal. These cmdlets also remain incompatible with Certificate-Based Authentication (CBA).

You are receiving this message because one or more users in your organization are actively using these eDiscovery features.

What you can do to prepare

• Update scripts and workflows to include the -EnableSearchOnlySession parameter when connecting to Security & Compliance PowerShell.
• Ensure your organization is using Exchange Online PowerShell version 3.9.0 or later.
• For more information, visit: Learn about eDiscovery solutions in Microsoft Purview

Compliance considerations

No compliance considerations identified, review as appropriate for your organization.