Tenant Exchange Administrators who visit the Quarantine Security Portal (https://security.microsoft.com/quarantine) need to be a Quarantine Administrator to perform Quarantine operations in the portal.
When this will happen
Starting early February 2023, we will stop honoring the execution of Quarantine operations by Exchange Administrators who are not Quarantine Administrators, Security Administrators or Global Administrators in the security portal
We will first provision a Quarantine Admin role for all Exchange Administrators who have performed Quarantine operations in the past on the security portal. This will allow those Exchange Admins to continue executing Quarantine operations successfully in the security portal in early to late January 2023.
How this will affect your organization
Exchange Admins were able to perform Quarantine operations (such as release, delete, download, preview of quarantined messages) in the security portal on behalf of users in their organization without being in the Quarantine Administrator role. With this change, Exchange Administrators will also need to be assigned a Quarantine Administrators to perform these Quarantine operations.
What you need to do to prepare
Admins should update their organization roles as they see fit and update and relevant training documentation.
- Manage Quarantined Messages and Files as an Admin in EOP
- Permissions in the Microsoft 365 Defender Portal
Message ID: MC447339
Action required by: 2023-01-06
Platform: Online, World tenant