none
Best Practice? Deleting User Accounts - OnPrem AD and Office 365 Mailbox hybrid

    Question

  • Hi,

    Can someone please provide some guidance on the steps required to properly delete a user account based on our hybrid setup?

    Background - we've only just recently started migrating users' mailbox from Exchange 2013 to Office 365/Exchange Online.  

    We have:
    AD OnPrem
    Exchange 2013 OnPrem
    Office 365/Exchange Online
    Azure AD Connect

    Prior to having 365, we delete an account in AD and that will take care of the mailbox as well.
    Now i'm not sure if doing the same will also delete the mailbox from 365 and if that is the best/right way to do so or do I have to follow a certain procedure.

    Thanks in advanced.
    I'm new to Azure / 365 / Cloud so please be gentle :)

    Thursday, January 12, 2017 11:41 PM

All replies

  • Hi,
    Have you tried to use directory synchronization via Azure Active Directory Sync tool? As far as I know, by using that, the deletion of the on-premises Active Directory object will be synced to Microsoft Azure Active Directory (Azure AD).
    You could refer to the following KB for more details: https://support.microsoft.com/en-us/kb/2709902
    And as the problem is also related to Azure AD, you could post the questions in the Azure AD forum:
    https://social.msdn.microsoft.com/forums/azure/en-US/home?forum=windowsazuread
    The reason why we recommend posting appropriately is you will get the most qualified pool of respondents, and other partners who read the forums regularly can either share their knowledge or learn from your interaction with us. Thank you for your understanding.
    Best regards,
    Wendy

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Friday, January 13, 2017 5:37 AM
    Moderator
  • Hi,

    as you are using AD connect for directory synchronization, once you delete account in on-premise AD, it replicates to cloud and related cloud account will show up in the list of deleted users on portal for a month (You can restore it if you want). Due to cloud account becomes deleted, related mailbox will be disabled too, so there is no need in any additional procedures.



    Friday, January 13, 2017 5:59 AM
  • I assume you are talking about properly terminating users (btw deleting them straight away is usually not considered a best practice). Ideally that should be a one-action process, i.e. somebody clicks a 'deprovision' button and everything happens via a script or in some other automated way.

    You can have a look at Adaxes that supports AD, Exchange (on-prem and online) and O365. So you can just hook all you need (like disabling on-prem AD account, removing Exchange mailbox, either on-prem or online and revokes O365 licenses) to one automated procedure and it'll just happen.

    http://www.adaxes.com/active-directory_provisioning.htm

    http://www.adaxes.com/exchange_management-automation.htm

    Friday, January 13, 2017 7:02 AM
  • Hi,

    I am checking how the issue going, if you still have any questions, please feel free to contact us.

    And if the replies as above are helpful, we would appreciate you to mark them as answers, and if you resolve it using your own solution, please share your experience and solution here. It will be greatly helpful to others who have the same question.

    Appreciate for your feedback.

    Best regards,

    Wendy


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Friday, January 20, 2017 9:34 AM
    Moderator