Nov 17 2021 06:58 PM - last edited on Feb 08 2023 09:56 AM by TechCommunityAP
Deleting a user and assigning their Exchange mailbox doesn't delete them any more.
The previous/expected process:
The actual process/experience:
This process works correctly if you do not reassign the mailbox, so it appears something in that process has broken. I would guess that confidentiality is a huge concern amongst those deleting former employees, and having access to company email is a major concern, so I hope this is addressed ASAP.
Nov 17 2021 06:59 PM
Nov 17 2021 11:36 PM
Nov 17 2021 11:37 PM
As for any changes in the wizard behavior, @Nino_Bilic might have some info.
Nov 18 2021 06:21 AM
Nov 18 2021 01:49 PM
Hi guys, thanks for the responses, hopefully I can clear a few things up so we're on the same page:
@VasilMichev "Converting the mailbox to shared always required you to keep the underlying user object"
I agree; previously this user would be kept as a "Deleted User", which would allow you to "Restore" the user if you'd deleted them by mistake or something similar. That's not currently happening.
"There is no way to "unlink" a user from the mailbox, at least not a supported way."
I understand what you're saying, however this used to work. I'm not sure what else to tell you here.
"The "assign" part from that wizard is simply granting Full Access permissions, the "original" user account will still have access."
Yes, however there are clearly steps after this portion of the wizard that would then remove sign in access and shift the user to "Deleted Users" and whatever else.
"You can easily test this yourself - create a user mailbox, then convert it to Shared from within the EAC or PowerShell. You will notice that the user object remains as is. If you then delete the user object, the shared mailbox will be gone too."
I understand, however the previous behaviour of deleting the user from the Office 365 Admin Console was different to how it is now. I'm not suggesting that it straight away deleted all objects, but the process used to be as I described in my post.
@Nino_Bilic "Deleting the user would always result in mailbox being disconnected (therefore loss of access to the mailbox)."
I don't know what to tell you. Like I said, deleting the user in the Office 365 Admin Console would give you the option to convert the mailbox to shared and assign it to another user, then move the user to "Deleted Users" where they would no longer have access to their Office 365 sign in or Exchange mailbox. After 30 days, both would be deleted.
"Shared mailboxes in Exchange Online must have the user account associated with them; by default this user account will not be enabled for direct logon but the user account has to exist whether the shared mailbox was created anew or the user mailbox has been converted to a shared mailbox. This is expected design. The mailbox cannot exist on its own without a user account."
Agreed, however the handling of it has changed. The user account used to be in "Deleted Users", where the end user had no access to it, and eventually it would be removed, however that has changed or is broken. Now the Office 365 user remains active, and they would still have access to their mailbox. Just as importantly, this user will not be deleted, ever. They remain an Active User, so clearly the "Delete User" function is broken.
"Note also that if the mailbox is converted from user to shared, the password for the user account should be reset too."
Why? The whole point of the user being deleted is that it removes access for the user. This is a point I tried to make; deleting a user used to encompass all the termination process and was very useful. If this is no longer the case, these functions and wizards are completely useless.
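An audit for the condition discussed in this thread, added here as an example and not posted by any participant: it lists shared mailboxes whose underlying user account still has sign-in enabled. The function name `Find-SignInEnabledSharedMailbox` and the sample objects are hypothetical; the commented `Get-EXOMailbox` and `Get-MgUser` calls show where live input would come from.

```powershell
# Added example. Live input would come from cmdlets such as:
#   $mailboxes = Get-EXOMailbox -RecipientTypeDetails SharedMailbox -ResultSize Unlimited
#   $users     = Get-MgUser -All -Property Id,UserPrincipalName,AccountEnabled
function Find-SignInEnabledSharedMailbox {   # hypothetical helper name
    param(
        [Parameter(Mandatory)] [object[]] $Mailboxes,
        [Parameter(Mandatory)] [object[]] $Users
    )
    # Index directory accounts by object ID so each mailbox is a single lookup.
    $byId = @{}
    foreach ($u in $Users) { $byId[[string]$u.Id] = $u }

    foreach ($mbx in $Mailboxes) {
        if ($mbx.RecipientTypeDetails -ne 'SharedMailbox') { continue }
        $user = $byId[[string]$mbx.ExternalDirectoryObjectId]
        if ($null -eq $user) {
            $status = 'NoAccountFound'    # no matching account; review by hand
        } elseif ($user.AccountEnabled) {
            $status = 'SignInEnabled'     # sign-in is not blocked on the account
        } else {
            $status = 'SignInBlocked'
        }
        # Report everything except the expected, locked-down state.
        if ($status -ne 'SignInBlocked') {
            [pscustomobject]@{ Mailbox = $mbx.UserPrincipalName; Status = $status }
        }
    }
}

# Constructed sample data (not from a real tenant).
$mailboxes = @(
    [pscustomobject]@{ UserPrincipalName = 'leaver1@contoso.example'
        RecipientTypeDetails = 'SharedMailbox'; ExternalDirectoryObjectId = 'id-0001' }
    [pscustomobject]@{ UserPrincipalName = 'leaver2@contoso.example'
        RecipientTypeDetails = 'SharedMailbox'; ExternalDirectoryObjectId = 'id-0002' }
    [pscustomobject]@{ UserPrincipalName = 'orphan@contoso.example'
        RecipientTypeDetails = 'SharedMailbox'; ExternalDirectoryObjectId = 'id-0003' }
)
$users = @(
    [pscustomobject]@{ Id = 'id-0001'; AccountEnabled = $true  }
    [pscustomobject]@{ Id = 'id-0002'; AccountEnabled = $false }
)

Find-SignInEnabledSharedMailbox -Mailboxes $mailboxes -Users $users | Format-Table -AutoSize
```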