Back

Deleting & Disabling Mailboxes in Exchange Hybrid 2013 & 2016

In theory, shutting down or disabling a user mailbox in Exchange hybrid 2013 and 2016 might seem simple. But when the time comes, plenty of unplanned scenarios can complicate this simple action. You may want to preserve the mailbox while blocking access or need to enable litigation hold and lock out a user for compliance purposes...

3 min read
Published on Mar 28, 2017
disabling-mailboxes-exchange-hybrid-2013-2016

In theory, shutting down or disabling a user mailbox in Exchange hybrid 2013 and 2016 might seem simple. But when the time comes, plenty of unplanned scenarios can complicate this simple action. You may want to preserve the mailbox while blocking access or need to enable litigation hold and lock out a user for compliance purposes.

In any case, these three scenarios will help you successfully disable an Exchange hybrid 2013 or 2016 user account.

Terminating Active Directory Synced Users

When an employee leaves your organization, the easiest way to remove the account from Office 365 is to delete or disable the user from Active Directory. This will force the Azure Active Directory Connect client to remove/disable the user in Office 365 during the next sync cycle.

Blocking Sign-in Access

If you need to preserve a user’s mailbox (but block access) you can disable the user’s account in Active Directory or follow the steps below in the Office 365 management portal.

IMPORTANT: Blocking an account can take up to 24 hours to take effect. If you need to immediately prevent a user’s sign-in access, you should reset the password in your on-premises Active Directory and force a directory sync:

  1. Sign in with your Office 365 global admin account at https://portal.office.com/adminportal/home

  2. In the Office 365 admin center, select Users. Office 365 admin center - users                 3. Select the user you want to terminate and choose Edit next to Sign-in status in the user pane. sign in allowed window 4. Finally, select Sign-in blocked. block sign in Office 365 hybrid configuration

Enable Litigation Hold & Terminate User

Many organizations are required to preserve mailbox data for a number of years to meet government compliance requirements, such as PCI, HIPAA or SOX. Placing a mailbox on litigation hold generally satisfies this requirement, but your organization must own at least one Exchange Online Plan 3 license or higher.

To place a mailbox on litigation hold:

  1. Log in to the Exchange Administration Console.
  2. Go to Recipients > Mailboxes.
  3. In the list of user mailboxes, click the mailbox you want to place on Litigation Hold then click Edit.
  4. On the mailbox properties page, click Mailbox features.
  5. Under Litigation hold: Disabled, click Enable to place the mailbox on Litigation Hold.
  6. On the Litigation Hold page, enter the following optional information:
    • Litigation hold duration (days): Use days to specify the duration. If left blank, the mailbox will be placed on hold indefinitely.
  7. Click Save on the Litigation Hold page, and then click Save on the mailbox properties page.

After placing the mailbox on litigation hold, you can delete the user in Active Directory to free up the Exchange Online Plan E3 license so you can place another mailbox on hold the next time an employee leaves your organization.

Looking to get more out of Office 365? Learn about our Office 365 consulting services or schedule a call today.

This post has matured and its content may no longer be relevant beyond historical reference. To see the most current information on a given topic, click on the associated category or tag.

Related Posts

What Is a POAM?

What Is a POAM?

Learn how a Plan of Action and Milestones (POAM) helps meet NIST 800-171 & DFARS compliance. Understand its role in FedRAMP, security categorization, and risk mitigation.

Apr 8, 2025
8 min read
Best Cybersecurity Practices for Achieving CMMC Compliance

Best Cybersecurity Practices for Achieving CMMC Compliance

Achieving CMMC cybersecurity compliance requires strong security controls. Learn best practices for securing your IT environment, protecting CUI, and implementing MFA.

Apr 7, 2025
6 min read
8-pranks-for-windows-11-happy-april-fools

8 Pranks for Windows 11 - Happy April Fools!

Happy April Fools Day The day of the year when some IT staff think it might be humorous to do something to generate hundreds of support tickets for ...

Apr 1, 2025
3 min read
Office 365 License Comparison: Business Plans Vs. E5, E3 and E1

GCC High Vs GCC for Protecting CUI with CMMC

Learn the key differences between GCC and GCC High for handling CUI under CMMC, DFARS, and NIST 800-171. Find out which cloud meets your compliance needs.

Mar 31, 2025
4 min read
Risks of not using a CMMC RPO

The Risks of Not Using a CMMC RPO for Compliance and Certification Readiness

A CMMC RPO helps organizations prepare for certification and avoid compliance failures. Learn why working with an RPO is essential for achieving CMMC compliance.

Mar 20, 2025
8 min read
CMMC 2.0 Require GCC High for Compliance

Does CMMC 2.0 Require GCC High for Compliance?

Does CMMC 2.0 require GCC High? Learn the cloud options for compliance, data security, and protecting CUI under NIST 800-171 and DFARS.

Mar 17, 2025
10 min read

Ready to Secure and Defend Your Data
So Your Business Can Thrive?

Fill out the form to see how we can protect your data and help your business grow.

Loading...
Secure. Defend. Thrive.

Let's start a conversation

Discover more about Agile IT's range of services by reaching out.

Don't want to wait for us to get back to you?

Schedule a Free Consultation

Location

Agile IT Headquarters
4660 La Jolla Village Drive #100
San Diego, CA 92122

Secure. Defend. Thrive.

Don't want to wait for us to get back to you?

Discover more about Agile IT's range of services by reaching out

Schedule a Free Consultation