locked
Is there a way to disconnect a user from Exchange 2003 while still maintaining their Active Directory account? RRS feed

  • Question

  • Running Active Directory on Server 2003 with Exchange 2003.

    Here's the situation. I have to deal with a person who is semi-retiring from the organization. This person will still act as a consultant with the organization and will be allowed to log onto the terminal server to access applications and use their user drive, but this person's supervisor does not want the person to have access to email.

    But, I can't just disconnect/disable the mail account as it has been added to Outlook on the supervisor's account so that any lingering or future email can be taken care of.

    I am assuming that I might be able to do this through the "Properties -> Exchange Advanced -> Mailbox Rights" option in Active Directory, but I don't know for certain what to remove.

    Friday, May 27, 2011 6:03 PM

Answers

  • Export the mailbox to a pst and let the supervisor access the legacy mail from there.  ( or copy to his mailbox to subfolders)

    Move all the SMTP addresses from the retiring user to the supervisors account.

     

    Disable the mailbox.

     

     


    • Marked as answer by Greg Buchner Tuesday, June 7, 2011 3:27 PM
    Friday, May 27, 2011 6:09 PM

All replies

  • Export the mailbox to a pst and let the supervisor access the legacy mail from there.  ( or copy to his mailbox to subfolders)

    Move all the SMTP addresses from the retiring user to the supervisors account.

     

    Disable the mailbox.

     

     


    • Marked as answer by Greg Buchner Tuesday, June 7, 2011 3:27 PM
    Friday, May 27, 2011 6:09 PM
  • We need to keep the email account active for any incoming emails from persons who do not know that the retiring person is no longer with the organization.

    It's a current policy to keep email accounts active for up to 1 year after a person leaves to verify that all the email that person is supposed to receive is being taken care of by someone, either their supervisor or their replacement.

     

    Friday, May 27, 2011 6:15 PM
  • We need to keep the email account active for any incoming emails from persons who do not know that the retiring person is no longer with the organization.

    It's a current policy to keep email accounts active for up to 1 year after a person leaves to verify that all the email that person is supposed to receive is being taken care of by someone, either their supervisor or their replacement.

     


    If you move the existing SMTP addresses of the leaving user to the supervisor's mailbox, the messages will go there instead, they wont be lost.

     

    Friday, May 27, 2011 6:33 PM
  • We will try this out next week.

    Thank you

    Friday, May 27, 2011 7:43 PM
  • Hi,

    Have you tried Andy's way? And do you have any update?

    Thanks


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    Tuesday, May 31, 2011 5:27 AM
  • Hi ,

    How we do is reset the user account password , set expire date and then hide it from address book .

     

     

     

    Tuesday, May 31, 2011 5:44 AM
  • What is the status of the issue?
    Gulab | MCITP: Exchange 2010 | MCITP: Exchange 2007 | Skype: Gulab.Mallah | Blog: www.ExchangeRanger.blogspot.com
    Tuesday, May 31, 2011 6:15 AM
  • Not yet. The person this change has to be made for still works through today. I'll start working on Andy's way tomorrow.
    Tuesday, May 31, 2011 3:27 PM
  • The person still needs some access to their account after they retire and start working as a consultant at times. Mostly we'd want to disable outgoing email for this person. Resetting the password is not going to help.
    Tuesday, May 31, 2011 3:29 PM
  • OK, another possibility that my superior brought up. Can the mailbox just have the option to send mail for that account disabled. Upper management doesn't care of the person who retired reads the email as this person didn't receive any sensitive business data, but they do not want this person to be able to send mail via the organizations domain.

    Otherwise, Andy's option will be enabled sometime in the very near future.

     

    Wednesday, June 1, 2011 2:44 PM
  • To receive email the user needs a mailbox (thats a given) however to prevent the user from sending email it needs to be blocked at the gateway. If you have a gateway SMTP server you just drop all outbound email addresses. With Exchange you can reject emails from for his account on the SMTP connector.

    If the manager also needs to get email sent from him you can also set the forwarding (delivery options) on his mailbox.

     

     

    Restricting Users from Sending and/or Receiving Mail via the Internet
    http://www.msexchange.org/tutorials/mf009.html


    James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com
    Wednesday, June 1, 2011 3:40 PM
  • Export the mailbox to a pst and let the supervisor access the legacy mail from there.  ( or copy to his mailbox to subfolders)

    Move all the SMTP addresses from the retiring user to the supervisors account.

     

    Disable the mailbox.

     

     


    This is the option the supervisor decided to go with and will be following your advice.

     

    Thank you

    Tuesday, June 7, 2011 3:27 PM