functions/Tenant/Get-OspreyTenantEDiscoveryConfiguration.ps1

<#
.DESCRIPTION
    Searches for all roles that have e-discovery cmdlets.
    Searches for all users / groups that have access to those roles.
.OUTPUTS
    eDiscoveryRoles.csv
    eDiscoveryRoles.xml
    eDiscoveryRoles.json
    eDiscoveryRoleAssignments.csv
    eDiscoveryRoleAssignments.xml
    eDiscoveryRoleAssignments.json
#>
 #conf 7/13
Function Get-OspreyTenantEDiscoveryConfiguration {

    Test-EXOConnection
    $InformationPreference = "Continue"
    
    Out-LogFile "Gathering Tenant information about eDiscovery Configuration" -action

    # Nulling our our role arrays
    [array]$Roles = $null
    [array]$RoleAssignments = $null

    # Look for E-Discovery Roles and who they might be assigned to
    $EDiscoveryCmdlets = "New-MailboxSearch", "Search-Mailbox"

    # Find any roles that have these critical ediscovery cmdlets in them
    # Bad actors with sufficient rights could have created new roles so we search for them
    Foreach ($cmdlet in $EDiscoveryCmdlets) {
        [array]$Roles = $Roles + (Get-ManagementRoleEntry ("*\" + $cmdlet))
    }

    # Select just the unique entries based on role name
    $UniqueRoles = Select-UniqueObject -ObjectArray $Roles -Property Role

    Out-LogFile ("Found " + $UniqueRoles.count + " Roles with eDiscovery Rights")
    $UniqueRoles | Out-MultipleFileType -FilePrefix "eDiscoveryRoles" -csv -xml -json

    # Get everyone who is assigned one of these roles
    Foreach ($Role in $UniqueRoles) {
        [array]$RoleAssignments = $RoleAssignments + (Get-ManagementRoleAssignment -Role $Role.role -Delegating $false)
    }

    Out-LogFile ("Found " + $RoleAssignments.count + " Role Assignments for these Roles")
    $RoleAssignments | Out-MultipleFileType -FilePreFix "eDiscoveryRoleAssignments" -csv -xml -json


}