this post was submitted on 20 Sep 2023
13 points (93.3% liked)

Sysadmin

7664 readers
5 users here now

A community dedicated to the profession of IT Systems Administration

No generic Lemmy issue posts please! Posts about Lemmy belong in one of these communities:
!lemmy@lemmy.ml
!lemmyworld@lemmy.world
!lemmy_support@lemmy.ml
!support@lemmy.world

founded 1 year ago
MODERATORS
 

Hello,

TLDR; Approx 2 years ago we manually created Cloud users on our 365 Tenant to start using Teams. Now we're trying to sync our on-prem AD with AAD and experiencing issues due to pre-existing Exchange Online mailboxes. Cannot delete the mailbox without deleting the user. Can't delete the user because we don't want to lose anything in Teams. Looking for help.

During the pandemic we had a lot of staff start working remotely. Our existing messaging platform was not up to the task and we jumped on the Teams bandwagon, shortly after we bought a mix of Business Basic and Business Standard licenses for all our staff. When applying the licenses to the staff we also inadvertently assigned an Exchange Online license. No big deal we thought at the time because our corporate email MX records point to our on-prem Exchange servers.

Fast forward to now and we're in the process of trying to sync all on-prem users to Azure AD so we can ultimately migrate our mailboxes off of our on-prem Exchange 2013 servers and on to Exchange Online. We've run into an issue that Microsoft support is having trouble solving. Because the cloud users were manually created before we setup AAD Connect and configured Hybrid Exchange, the Tenant knows nothing about the on-prem mailboxes. I cannot sync on-prem users to our Tenant because a mailbox exists for the user already. I cannot delete the Exchange Online user mailbox without deleting the user. Deleting the user will cause data and permission loss with Teams.

The sync process works fine if the user doesn't exist on the Tenant first, or if the 365 user doesn't have a pre-existing mailbox.

Hoping to find someone who's been in a similar situation and was able to solve it. Information online is sparse for this scenario and I'm not able to find anything that helpful.

you are viewing a single comment's thread
view the rest of the comments
[–] PeachMan@lemmy.one 1 points 1 year ago

Hey, thanks for circling back and updating! More details here on those mailbox properties in case anyone is curious: https://learn.microsoft.com/en-us/purview/ediscovery-identify-a-hold-on-an-exchange-online-mailbox?view=o365-worldwide#managing-mailboxes-on-delay-hold

After any type of hold is removed from a mailbox, a delay hold is applied. This means that the actual removal of the hold is delayed for 30 days to prevent data from being permanently deleted (purged) from the mailbox. This gives admins an opportunity to search for or recover mailbox items that will be purged after a hold is removed.

So, did you recently remove a hold from these mailboxes? Or were these properties stuck somehow, even though they were more than thirty days old?