Deleting & Disabling Mailboxes in Exchange Hybrid 2013 & 2016

In theory, shutting down or disabling a user mailbox in Exchange hybrid 2013 and 2016 might seem simple. But when the time comes, plenty of unplanned scenarios can complicate this simple action. You may want to preserve the mailbox while blocking access or need to enable litigation hold and lock out a user for compliance purposes.

In any case, these three scenarios will help you successfully disable an Exchange hybrid 2013 or 2016 user account.

Terminating Active Directory Synced Users

When an employee leaves your organization, the easiest way to remove the account from Office 365 is to delete or disable the user from Active Directory. This will force the Azure Active Directory Connect client to remove/disable the user in Office 365 during the next sync cycle.

Blocking Sign-in Access

If you need to preserve a user’s mailbox (but block access) you can disable the user’s account in Active Directory or follow the steps below in the Office 365 management portal.

IMPORTANT: Blocking an account can take up to 24 hours to take effect. If you need to immediately prevent a user’s sign-in access, you should reset the password in your on-premises Active Directory and force a directory sync:

  1. Sign in with your Office 365 global admin account at https://portal.office.com/adminportal/home

  2. In the Office 365 admin center, select Users. Office 365 admin center - users                 3. Select the user you want to terminate and choose Edit next to Sign-in status in the user pane. sign in allowed window 4. Finally, select Sign-in blocked. block sign in Office 365 hybrid configuration

Enable Litigation Hold & Terminate User

Many organizations are required to preserve mailbox data for a number of years to meet government compliance requirements, such as PCI, HIPAA or SOX. Placing a mailbox on litigation hold generally satisfies this requirement, but your organization must own at least one Exchange Online Plan 3 license or higher.

To place a mailbox on litigation hold:

  1. Log in to the Exchange Administration Console.
  2. Go to Recipients > Mailboxes.
  3. In the list of user mailboxes, click the mailbox you want to place on Litigation Hold then click Edit.
  4. On the mailbox properties page, click Mailbox features.
  5. Under Litigation hold: Disabled, click Enable to place the mailbox on Litigation Hold.
  6. On the Litigation Hold page, enter the following optional information:
    • Litigation hold duration (days): Use days to specify the duration. If left blank, the mailbox will be placed on hold indefinitely.
  7. Click Save on the Litigation Hold page, and then click Save on the mailbox properties page.

After placing the mailbox on litigation hold, you can delete the user in Active Directory to free up the Exchange Online Plan E3 license so you can place another mailbox on hold the next time an employee leaves your organization.

Looking to get more out of Office 365? Learn about our Office 365 consulting services or schedule a call today.

Published on: .

This post has matured and its content may no longer be relevant beyond historical reference. To see the most current information on a given topic, click on the associated category or tag.

How can we help?

Loading...

Let's start a conversation

location Agile IT Headquarters
4660 La Jolla Village Drive #100
San Diego, CA 92122

telephone-icon + 1 (619) 292-0800 mail-icon Sean.L@Agileit.com

Don’t want to wait for us to get back to you?