check before: 2026-04-30
Product:
Exchange, Purview, Purview Communication Compliance, SharePoint
Platform:
Online, World tenant
Status:
Change type:
Admin impact, Feature update, Updated message
Links:
Details:
Summary:
Starting April 30, 2026, admins using Data Lifecycle Management cmdlets must use Exchange Online PowerShell v3.9.0+ and include the -EnableSearchOnlySession parameter with Connect-IPPSession for improved security. This change affects specific cmdlets but not portal users. Update scripts accordingly.
Details:
Updated May 18, 2026: We have updated the content. Thank you for your patience.
Introduction
Connectivity changes between cmdlets and Microsoft 365 services like SharePoint and Exchange now require a new parameter for improved security and modern authentication. Starting April 30, 2026, Admins must use Exchange Online PowerShell v3.9.0 or later and include the -EnableSearchOnlySession parameter when running Connect-IPPSession to execute Data Lifecycle Management cmdlets.
When this will happen:
Enforcement begins April 30, 2026.
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
Created:
2026-01-06
updated:
2026-05-19
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS How does it affect me
XXXXXXX ... free basic plan only
MS Preperations
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
summary for non-techies**
XXXXXXX ... free basic plan only
Direct effects for Operations**
PowerShell Cmdlet Compatibility
Admins must use Exchange Online PowerShell v3.9.0 or later, which may lead to script failures if not updated, causing delays in compliance tasks.
- roles: IT Admin, Compliance Officer
- references: https://learn.microsoft.com/powershell/exchange/exchange-online-powershell-v2?view=exchange-ps
Script Execution Errors
Failure to include the -EnableSearchOnlySession parameter may result in execution errors for Data Lifecycle Management cmdlets, impacting data management processes.
- roles: IT Admin, Data Manager
- references: https://learn.microsoft.com/powershell/module/exchangepowershell/connect-ippsession?view=exchange-ps
Increased Security Risks
Without proper updates to scripts, there may be security vulnerabilities due to outdated cmdlet usage, potentially exposing sensitive data.
- roles: IT Admin, Security Officer
- references: https://learn.microsoft.com/microsoft-365/compliance/data-lifecycle-management
Configutation Options**
XXXXXXX ... paid membership only
Opportunities**
XXXXXXX ... free basic plan only
Potentional Risks**
XXXXXXX ... paid membership only
Data Protection**
XXXXXXX ... paid membership only
IT Security**
XXXXXXX ... paid membership only
Hypothetical Work Council Statement**
XXXXXXX ... paid membership only
DPIA Draft**
XXXXXXX ... paid membership only
explanation for non-techies**
XXXXXXX ... free basic plan only
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
change history
| Date | Property | old | new |
| 2026-05-19 | MC Messages | Updated April 20, 2026: We have updated the timeline. Thank you for your patience.
Introduction Connectivity changes between cmdlets and Microsoft 365 services like SharePoint and Exchange now require a new parameter for improved security and modern authentication. Starting April 30, 2026, Admins must use Exchange Online PowerShell v3.9.0 or later and include the -EnableSearchOnlySession parameter when running Connect-IPPSession to execute Data Lifecycle Management cmdlets. When this will happen: Enforcement begins April 30, 2026. | Updated May 18, 2026: We have updated the content. Thank you for your patience.
Introduction Connectivity changes between cmdlets and Microsoft 365 services like SharePoint and Exchange now require a new parameter for improved security and modern authentication. Starting April 30, 2026, Admins must use Exchange Online PowerShell v3.9.0 or later and include the -EnableSearchOnlySession parameter when running Connect-IPPSession to execute Data Lifecycle Management cmdlets. When this will happen: Enforcement begins April 30, 2026. |
| 2026-05-19 | MC How Affect | Who is affected: Admins using Data Lifecycle Management cmdlets in Security & Compliance PowerShell.
What will happen: You must use Exchange Online PowerShell v3.9.0 or later. You must include the -EnableSearchOnlySession parameter when running Connect-IPPSession. This applies to the following cmdlets: New-RetentionCompliancePolicy Set-RetentionCompliancePolicy New-RetentionComplianceRule Set-RetentionComplianceRule New-ComplianceTag Set-ComplianceTag Remove-ComplianceTag New-ComplianceRetentionEvent Set- ComplianceRetentionEvent Remove- ComplianceRetentionEvent New-ComplianceRetentionEventType Set-ComplianceRetentionEventType Remove- ComplianceRetentionEventType No impact for users accessing Data Lifecycle Management through the Purview portal. Cmdlets remain incompatible with Certificate-Based Authentication (CBA). What you can do to prepare: Update scripts and workflows to include the -EnableSearchOnlySession parameter. Ensure your organization is using Exchange Online PowerShell version 3.9.0 or later. For more information, visit: Learn about Data Lifecycle Management solutions in Microsoft Purview. Compliance considerations: No compliance considerations identified, review as appropriate for your organization. | Who is affected: Admins using Data Lifecycle Management cmdlets in Security & Compliance PowerShell.
What will happen: You must use Exchange Online PowerShell v3.9.0 or later. You must include the -EnableSearchOnlySession parameter when running Connect-IPPSession. This applies to the following cmdlets: New-RetentionCompliancePolicy Set-RetentionCompliancePolicy New-RetentionComplianceRule Set-RetentionComplianceRule New-ComplianceTag Set-ComplianceTag Remove-ComplianceTag New-ComplianceRetentionEvent Set- ComplianceRetentionEvent Remove- ComplianceRetentionEvent New-ComplianceRetentionEventType Set-ComplianceRetentionEventType Remove- ComplianceRetentionEventType No impact for users accessing Data Lifecycle Management through the Purview portal. What you can do to prepare: Update scripts and workflows to include the -EnableSearchOnlySession parameter. Ensure your organization is using Exchange Online PowerShell version 3.9.0 or later. For more information, visit: Learn about Data Lifecycle Management solutions in Microsoft Purview. Compliance considerations: No compliance considerations identified, review as appropriate for your organization. |
| 2026-05-19 | MC Last Updated | 04/20/2026 17:33:57 | 2026-05-18T18:17:59Z |
| 2026-05-19 | MC Summary | Starting April 30, 2026, admins using Data Lifecycle Management cmdlets must use Exchange Online PowerShell v3.9.0+ and include the -EnableSearchOnlySession parameter with Connect-IPPSession for improved security. This change affects specific cmdlets but not the Purview portal, and cmdlets remain incompatible with Certificate-Based Authentication. | Starting April 30, 2026, admins using Data Lifecycle Management cmdlets must use Exchange Online PowerShell v3.9.0+ and include the -EnableSearchOnlySession parameter with Connect-IPPSession for improved security. This change affects specific cmdlets but not portal users. Update scripts accordingly. |
| 2026-04-21 | MC Last Updated | 03/24/2026 17:30:04 | 2026-04-20T17:33:57Z |
| 2026-04-21 | MC Messages | Updated March 24, 2026: We have updated the content. Thank you for your patience.
Introduction Connectivity changes between cmdlets and Microsoft 365 services like SharePoint and Exchange now require a new parameter for improved security and modern authentication. Starting Jan 31, 2026, Admins must use Exchange Online PowerShell v3.9.0 or later and include the -EnableSearchOnlySession parameter when running Connect-IPPSession to execute Data Lifecycle Management cmdlets. When this will happen: Enforcement begins January 31, 2026. | Updated April 20, 2026: We have updated the timeline. Thank you for your patience.
Introduction Connectivity changes between cmdlets and Microsoft 365 services like SharePoint and Exchange now require a new parameter for improved security and modern authentication. Starting April 30, 2026, Admins must use Exchange Online PowerShell v3.9.0 or later and include the -EnableSearchOnlySession parameter when running Connect-IPPSession to execute Data Lifecycle Management cmdlets. When this will happen: Enforcement begins April 30, 2026. |
| 2026-04-21 | MC End Time | 03/31/2026 10:00:00 | 2026-06-01T10:00:00Z |
| 2026-04-21 | MC Summary | Starting January 31, 2026, admins using Data Lifecycle Management cmdlets must use Exchange Online PowerShell v3.9.0+ and include the -EnableSearchOnlySession parameter with Connect-IPPSession for improved security. This change affects specific cmdlets and does not impact portal users. Certificate-Based Authentication remains unsupported. | Starting April 30, 2026, admins using Data Lifecycle Management cmdlets must use Exchange Online PowerShell v3.9.0+ and include the -EnableSearchOnlySession parameter with Connect-IPPSession for improved security. This change affects specific cmdlets but not the Purview portal, and cmdlets remain incompatible with Certificate-Based Authentication. |
| 2026-03-25 | MC prepare | https://learn.microsoft.com/microsoft-365/compliance/data-lifecycle-management
https://learn.microsoft.com/powershell/exchange/exchange-online-powershell-v2?view=exchange-ps https://learn.microsoft.com/powershell/module/exchangepowershell/connect-ippssession?view=exchange-ps https://learn.microsoft.com/powershell/module/exchangepowershell/new-retentioncompliancepolicy?view=exchange-ps https://learn.microsoft.com/powershell/module/exchangepowershell/new-retentioncompliancerule?view=exchange-ps https://learn.microsoft.com/powershell/module/exchangepowershell/set-retentioncompliancepolicy?view=exchange-ps https://learn.microsoft.com/powershell/module/exchangepowershell/set-retentioncompliancerule?view=exchange-ps | https://learn.microsoft.com/microsoft-365/compliance/data-lifecycle-management
https://learn.microsoft.com/powershell/exchange/exchange-online-powershell-v2?view=exchange-ps https://learn.microsoft.com/powershell/module/exchangepowershell/connect-ippssession?view=exchange-ps https://learn.microsoft.com/powershell/module/exchangepowershell/new-complianceretentionevent?view=exchange-ps https://learn.microsoft.com/powershell/module/exchangepowershell/new-complianceretentioneventtype?view=exchange-ps https://learn.microsoft.com/powershell/module/exchangepowershell/new-compliancetag?view=exchange-ps https://learn.microsoft.com/powershell/module/exchangepowershell/new-retentioncompliancepolicy?view=exchange-ps https://learn.microsoft.com/powershell/module/exchangepowershell/new-retentioncompliancerule?view=exchange-ps https://learn.microsoft.com/powershell/module/exchangepowershell/remove-complianceretentioneventtype?view=exchange-ps https://learn.microsoft.com/powershell/module/exchangepowershell/remove-compliancetag?view=exchange-ps https://learn.microsoft.com/powershell/module/exchangepowershell/set-complianceretentioneventtype?view=exchange-ps https://learn.microsoft.com/powershell/module/exchangepowershell/set-compliancetag?view=exchange-ps https://learn.microsoft.com/powershell/module/exchangepowershell/set-retentioncompliancepolicy?view=exchange-ps https://learn.microsoft.com/powershell/module/exchangepowershell/set-retentioncompliancerule?view=exchange-ps |
| 2026-03-25 | MC MessageTagNames | Feature update, Admin impact | Updated message, Feature update, Admin impact |
| 2026-03-25 | MC Summary | Starting January 31, 2026, admins must use Exchange Online PowerShell v3.9.0+ and include the -EnableSearchOnlySession parameter with Connect-IPPSession to run Data Lifecycle Management cmdlets. This change enhances security and affects specific retention compliance cmdlets, with no impact on Purview portal users. | Starting January 31, 2026, admins using Data Lifecycle Management cmdlets must use Exchange Online PowerShell v3.9.0+ and include the -EnableSearchOnlySession parameter with Connect-IPPSession for improved security. This change affects specific cmdlets and does not impact portal users. Certificate-Based Authentication remains unsupported. |
| 2026-03-25 | MC Last Updated | 01/06/2026 06:49:12 | 2026-03-24T17:30:04Z |
| 2026-03-25 | MC Messages | Introduction
Connectivity changes between cmdlets and Microsoft 365 services like SharePoint and Exchange now require a new parameter for improved security and modern authentication. Starting Jan 31, 2026, Admins must use Exchange Online PowerShell v3.9.0 or later and include the -EnableSearchOnlySession parameter when running Connect-IPPSession to execute Data Lifecycle Management cmdlets. When this will happen: Enforcement begins January 31, 2026. | Updated March 24, 2026: We have updated the content. Thank you for your patience.
Introduction Connectivity changes between cmdlets and Microsoft 365 services like SharePoint and Exchange now require a new parameter for improved security and modern authentication. Starting Jan 31, 2026, Admins must use Exchange Online PowerShell v3.9.0 or later and include the -EnableSearchOnlySession parameter when running Connect-IPPSession to execute Data Lifecycle Management cmdlets. When this will happen: Enforcement begins January 31, 2026. |
| 2026-03-25 | MC How Affect | Who is affected: Admins using Data Lifecycle Management cmdlets in Security & Compliance PowerShell.
What will happen: You must use Exchange Online PowerShell v3.9.0 or later. You must include the -EnableSearchOnlySession parameter when running Connect-IPPSession. This applies to the following cmdlets: New-RetentionCompliancePolicy Set-RetentionCompliancePolicy New-RetentionComplianceRule Set-RetentionComplianceRule No impact for users accessing Data Lifecycle Management through the Purview portal. Cmdlets remain incompatible with Certificate-Based Authentication (CBA). What you can do to prepare: Update scripts and workflows to include the -EnableSearchOnlySession parameter. Ensure your organization is using Exchange Online PowerShell version 3.9.0 or later. For more information, visit: Learn about Data Lifecycle Management solutions in Microsoft Purview. Compliance considerations: No compliance considerations identified, review as appropriate for your organization. | Who is affected: Admins using Data Lifecycle Management cmdlets in Security & Compliance PowerShell.
What will happen: You must use Exchange Online PowerShell v3.9.0 or later. You must include the -EnableSearchOnlySession parameter when running Connect-IPPSession. This applies to the following cmdlets: New-RetentionCompliancePolicy Set-RetentionCompliancePolicy New-RetentionComplianceRule Set-RetentionComplianceRule New-ComplianceTag Set-ComplianceTag Remove-ComplianceTag New-ComplianceRetentionEvent Set- ComplianceRetentionEvent Remove- ComplianceRetentionEvent New-ComplianceRetentionEventType Set-ComplianceRetentionEventType Remove- ComplianceRetentionEventType No impact for users accessing Data Lifecycle Management through the Purview portal. Cmdlets remain incompatible with Certificate-Based Authentication (CBA). What you can do to prepare: Update scripts and workflows to include the -EnableSearchOnlySession parameter. Ensure your organization is using Exchange Online PowerShell version 3.9.0 or later. For more information, visit: Learn about Data Lifecycle Management solutions in Microsoft Purview. Compliance considerations: No compliance considerations identified, review as appropriate for your organization. |
| 2026-03-25 | MC Title | Microsoft Purview | Data lifecycle Management cmdlet connectivity change | (Updated) Microsoft Purview | Data lifecycle Management cmdlet connectivity change |
| 2026-03-25 | MC End Time | 03/02/2026 09:00:00 | 2026-03-31T10:00:00Z |
Last updated 2 days ago ago
