Microsoft 365: Microsoft Purview – How to access the content of Content explorer by assigning the required roles to the user – Data Governance 

by ·

If you have knowledge, let others light their candles in it. 

Hello Everyone, 

Hope you all are doing well. 

Today I am going to discuss about how to access Content explorer by assigning the required roles to the user using Microsoft Purview compliance portal

If you want to know about Microsoft Purview, then you can read the previous article link for following is given below – https://knowledge-junction.in/2023/05/11/microsoft-365-exploring-microsoft-purview-introduction-simplifying-concepts-study-material-for-exam-sc-900-microsoft-security-compliance-and-identity-fundamentals/

Key takeaways from this article

At the end of this article we will understand

  • We will understand about Content explorer in Microsoft Purview
  • Licenses requirement to access the Content explorer in Microsoft Purview
  • Roles/Permission for performing the operation on Microsoft Purview Content explorer
  • Understand how to assign the role group to specific users.
  • We will also understand about how to use Content explorer.

Content explorer

Microsoft Purview Content explorer
Fig. Microsoft Purview Content explorer
  • The Content explorer is a tab in the compliance center’s data categorization pane. It gives administrators access to the source content that’s currently stored in SharePoint, OneDrive, Teams and Exchange in the overview pane that has been summarised
  • The Content explorer brings together Sensitivity labels, Retention labels, Trainable Classifiers and Sensitive info types in one overview.  
  • Content explorer tab takes us into the purview root encompassing Exchange, OneDrive, SharePoint, and Teams
  • Content explorer can even open the relevant document and view its metadata. So that we can check if the classification is correct or not  
  • It enables your compliance, security and privacy officers to get a quick but comprehensive insight into the (sensitive) data in Office 365. 

Licenses requirement for accessing the Content explorer in Microsoft Purview

  • Office 365 E5
  • Microsoft 365 E5
  • Microsoft 365 E5 with Advanced Compliance E5 add-on
  • Microsoft 365 E5 with Advanced Threat Intelligence E5 add-on

Roles / Permissions for to get access to the Content explorer

  • Global administrator
  • Compliance administrator
  • Security administrator
  • Compliance data administrator

The two roles that grant access to Content explorer, and it is granted using the Microsoft Purview compliance portal: 

  • Content explorer List Viewer: This role group allows you to see each item and its location in list view. The data classification list viewer role has been pre-assigned to this role group. 
  • Content explorer Content Viewer: This role group allows you to view the contents of each item in the list. The data classification content viewer role has been pre-assigned to this role group.

To access the Content explorer can be done in one or both role group 

For example

  • If you want to grant an account the ability to view the items and their locations only, grant Content explorer List Viewer rights.  .
  • If you want that same account to view the items in the list, grant Content explorer Viewer rights too.

Problem to be solve

  • You will need to have the correct permissions for this explorer to work.  
  • Microsoft added two new roles for this: Content explorer List Viewer and Content explorer Content Viewer.  
  • The names make it quite easy to understand the roles.  
  • A global admin is one of the roles which can assign these specific roles. 
  • As shown in the figure below we can see that it asked us to have the required permissions to access the Content explorer. 
Permission required to access the Microsoft Purview Content explorer
Fig. Permission required to access the Microsoft Purview Content explorer

Why do we require permission to access items in Content explorer? 

Access to Content explorer is highly restricted because it lets you read the contents of scanned files.

Let get started and see how we can assign the roles groups to specific user

We have the detailed article for navigate to Microsoft Purview compliance portal– Microsoft 365 – Navigate to Microsoft Purview compliance portal – https://knowledge-junction.in/2023/05/04/small-tricks-and-tips-microsoft-365-administration-microsoft-purview-portal-how-to-navigate/

Before getting started make sure that current user is a Global administrator

Microsoft Purview compliance Portal
Fig. Viewing the Microsoft Purview compliance Portal
  • Drag down the Roles & Scopes option and go to Permissions
Select the permission option from Roles & Scope.
Fig. Select the permission option from Roles & Scope.
  • Expand the Microsoft Purview solutions section and select Roles.
Create role group
Fig. Selecting the Create role group
  • On the Role groups for Microsoft Purview solutions page, select Create role group
Giving the name and description for the custom role group
Fig. Giving the name and description for the custom role group 
  • On the Name the role group page, enter a name for the custom role group in the Name field. The name of the role group can’t be changed after creation of the role group. If needed, enter a description for the custom role group in the Description field.
  • Select Next to continue
Selecting the roles for role group 
Fig. Selecting the roles for role group 
  • On the Add roles to the role group page, select Choose roles.
  • Select the checkboxes for the roles to add to the custom role group. Select Select
  • Select Next to continue. 
Adding members to the role group 
Fig. Adding members to the role group 
  • On the Add members to the role group page, select Choose users (or Choose groups if applicable). 
  • Select Next.
Reviewing the details for the custom role group
Fig. Reviewing the details for the custom role group
  • On the Review the role group and finish page, review the details for the custom role group. If you need to edit the information.
  • Select Edit in the appropriate section. When all the settings are correct, select Create to create the custom role group or select Cancel to discard the changes and not create the custom role group.
Successfully created a role group
Fig. Successfully created a role group 
View the custom role group
Fig. View the custom role group which is created  
  • Check whether Custom Role group is created, and user is assigned to that role. 
  • As Shown in above figure it shows our created role and users assign to it.

How to use Content explorer

  • Open Microsoft Purview compliance portal > Data classification > Content explorer
Content explorer from Data classification
Fig. Select the Content explorer from Data classification
  • If you know the name of the label, or the sensitive information type, you can type that into the filter box.
Click on the label type to view the label
Fig. Click on the label type to view the label
  • Alternately, you can browse for the item by expanding the label type and selecting the label from the list. 
Click on the location under All locations
Fig. Click on the location under All locations
  • Select a location under All locations and drill down the folder structure to the item. 
Double click on the folder to view the lists of documents
Fig. Double click on the folder to view the lists of documents
  • Double-click to open the item natively in content explorer. 
click on the document to view the content
Fig. click on the document to view the content
  • Select the document to view the content of that document.

I hope this article will help you to know about how to assign the roles groups to specific users for accessing the content in the Content explorer. 

Have a wonderful day. 

Thanks for reading. 

Tags:

You may also like...

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: