When offboarding a user, the option to retain that user’s mailbox and give other people access is to convert it to a shared mailbox. When you do this, it doesn’t delete the user account. It still shows up as an active, unlicensed user. This can be sort of troubling, as reporting of active user counts still includes those users. I’m not 100% sure that this is different, but many of our users are hybrid with an on-prem AD. When we try to delete the user and convert to a shared mailbox, the deletion fails, but the convert to shared succeeds. If we subsequently move the on-prem account to an un-synchronized OU, the user account and its associated shared mailbox also get deleted. The way I’ve found to fix this is to restore the AAD user account after we move the on-prem account. It’s all a bit of a hassle and I wonder if there’s a better way. How do you handle offboarding hybrid accounts?

  • DarraignTheSane@lemmy.worldM
    11 months ago

    (I know this post is a month old, but I just came across it.)

    We deal with this by not dealing with it, so to speak. We keep the on-prem AD account disabled and just move it to a synced OU called “Terminated”, then strip all group memberships/permissions from it. Once we’ve held onto the shared mailbox for the required length of time, we then delete both the on-prem AD account and the shared mailbox.
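The steps in the reply above (disable, strip group memberships, move to a synced "Terminated" OU), as an added PowerShell example that is not part of the original thread. It assumes the ActiveDirectory RSAT module and a single domain; the function name, OU path and audit file path are hypothetical placeholders.

```powershell
#Requires -Modules ActiveDirectory
# Added example. Move-TerminatedUser, the OU DN and the CSV path are placeholders,
# not values from the thread. Run with -WhatIf first to preview every change.
function Move-TerminatedUser {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)] [string] $SamAccountName,
        [string] $TerminatedOU = 'OU=Terminated,DC=example,DC=com',
        [string] $AuditLog     = '.\offboarding-groups.csv'
    )

    # Stop early if the target OU does not exist. Whether that OU is inside the
    # directory sync scope has to be confirmed in the sync tool's OU filter;
    # moving the account out of scope is what deletes the cloud user and mailbox.
    $null = Get-ADOrganizationalUnit -Identity $TerminatedOU -ErrorAction Stop
    $user = Get-ADUser -Identity $SamAccountName -Properties MemberOf -ErrorAction Stop

    # 1. Disable the account so it can no longer authenticate.
    if ($PSCmdlet.ShouldProcess($user.DistinguishedName, 'Disable account')) {
        Disable-ADAccount -Identity $user
    }

    # 2. Record, then remove, every group membership. MemberOf does not list the
    #    primary group (normally Domain Users), which AD will not let you remove.
    $groups = @($user.MemberOf)
    if ($groups.Count -gt 0) {
        $groups | ForEach-Object {
            [pscustomobject]@{
                When  = Get-Date -Format o
                User  = $user.SamAccountName
                Group = $_
            }
        } | Export-Csv -Path $AuditLog -Append -NoTypeInformation

        if ($PSCmdlet.ShouldProcess($user.DistinguishedName, "Remove from $($groups.Count) groups")) {
            Remove-ADPrincipalGroupMembership -Identity $user -MemberOf $groups -Confirm:$false
        }
    }

    # 3. Move the disabled, stripped account into the synced holding OU.
    if ($PSCmdlet.ShouldProcess($user.DistinguishedName, "Move to $TerminatedOU")) {
        Move-ADObject -Identity $user.DistinguishedName -TargetPath $TerminatedOU
    }
}

# Example call with a constructed account name:
# Move-TerminatedUser -SamAccountName 'jdoe' -WhatIf
```

The CSV gives a record of which access was removed and when, which is useful if the offboarding has to be reviewed or reversed during the mailbox retention period.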