Forum Discussion

Rudi77's avatar
Rudi77
Copper Contributor
May 13, 2020
Solved

disabled on premise AD Account - Consequences for M365 Mailbox\OneDrive data

Hi All We're about to go through the migration process for on premise mailboxes and home drives to M365 Exchange online and OneDrive. We have on premise AD which will remain in place which is synch...
data loss prevention
exchange
office 365
On-Premises
onedrive
  • PeterRising's avatar
    PeterRising
    May 13, 2020

    Rudi77 

     

    OK, if you disable an AD user which is synced to O365, the O365 user will then be blocked from signing in too.

     

    If you sync an AD account to O365, then move the AD account to an OU which is not synced, the O365 account will be deleted on the next scheduled sync pass.  The result of this is that the O365 account will be moved from the Active Users folder to the Deleted Users folder.  It will remain recoverable for 30 days, then it will be permanently purged and not recoverable.

     

    So no, neither of these are options for you i'm afraid.

     

    If you sync the disabled users OU, then the O365 user will not be deleted at the next sync,  but would of course still be blocked from signing in.

Smith_J's avatar
Smith_J
Brass Contributor
May 15, 2020

To remove an employee:

In the admin center, go to the Users > Active users page.

Select the box next to the user's name, and then select Reset password

Enter a new password, and then select Reset. (Don't send it to them.)

Select the user's name to go to their properties pane, and on the OneDrive tab, select Initiate sign-out.

Resources