Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Access and permission settings in Data Security Investigations allow you to add or remove users to an investigation, manage role group membership for an investigation, and to people outside your organization as guest users for an investigation.
Add or remove users from an investigation
You can add or remove users to manage who can access the investigation. However, before a user can access an investigation (and perform tasks in the investigation), you must add the user to the Data Security Investigations Manager role group in the Microsoft Purview portal. For more information, see Assign Data Security Investigations (preview) permissions.
Adding users to an investigation
Complete the following steps to add users to an investigation:
Go to the Microsoft Purview portal and sign in using the credentials for a user account assigned Data Security Investigations (preview) permissions.
Select the Data Security Investigations (preview) solution card and then select Investigations in the left nav.
Select an investigation, the select Investigations settings.
On the Investigation settings page, select Permissions.
Under Users, select Add to add users to the investigation. You can also choose to add a role group to the investigation by selecting Add under Role groups.
In the list of users or role groups that can be added to the investigation, select the check box next to the names of the users or role groups that you want to add.
Note
When adding a role group to an investigation, you can only add the role groups that you're a member of.
After selecting the people or role groups to add as members of the investigation, select Add. The selected users are added to the investigation.
Important
If a role is added or removed from a role group that you added as a member of an investigation, then the role group is automatically removed as a member of the investigation (or any investigation the role group is a member of). The reason for this process is to protect your organization from inadvertently providing additional permissions to members of an investigation. If a role group is deleted, it's removed from all investigations it's a member of. For more information, see Assign Data Security Investigations (preview) permissions.
Removing users from an investigation
Only an Data Security Investigations Administrator can remove users from an investigation. Even if you're assigned to the Data Security Investigations Manager role group or initially created the investigation, you aren't able to remove yourself or other members from an investigation unless you're also a Data Security Investigations Administrator. To remove yourself or other members from an investigation, contact a Data Security Investigations Administrator in your organization.
Complete the following steps to remove users from an investigation:
- Go to the Microsoft Purview portal and sign in using the credentials for a user account assigned Data Security Investigations (preview) permissions.
- Select the Data Security Investigations (preview) solution card and then select Investigations in the left nav.
- Select an investigation, the select Investigation settings.
- On the Investigation settings page, select Permissions.
- Under Users, select Remove to remove users from the investigation. You can also remove users from a role group for the investigation by selecting Remove under Role groups.
- In the list of users or role groups that can be removed from the investigation, select the check box next to the names of the users or role groups that you want to remove.
- After selecting the people or role groups to add as members of the investigation, select Remove. The selected users are removed from the investigation.