Recovering Leaver/Disabled/Deleted Mailboxes in Exchange Online
Once you start your Exchange Online journey, a lot of the things you took for granted are now not so simple. One for us was around what we do with leaver and disabled mailboxes and their licences.
If you have a user who is on long term sick leave or maybe you’ve just deleted a user who has been disabled for ages and now they are back. A common one is maternity leave or sabbatical, the user could be offline for some time, and while they are employed and need their email, you are likely to come under pressure to reclaim their licence — and everything does come down to money at the end of the day…
This blog will explain how to recover a users mailbox, (where possible) which has been deleted due to the licence being removed.
To put it simply, if you remove the Exchange Online licence your users will lose access to the email, this is self explanatory. Microsoft do offer you a 30 day grace period when you migrate a user to Exchange Online, after which you will need a licence.
After 30 days from when the licence has been removed, one of two things will happen.
If you don’t have any kind of litigation hold enabled on the mailbox, the mailbox will be deleted and the data is lost — shared and resource mailboxes do not need a licence, but they won’t have litigation hold — that requires a licence.
It makes sense to assign some kind of litigation hold to your users mailboxes so you are able to recover the data if a licence has been removed, like my example above. The important thing is when did the licence get removed? If it’s under 30 days ago, then the mailbox will automatically get reattached to the user and everything will carry on as normal.
Was the licence was removed over 30 days ago?
If the licence was removed over 30 days ago and you’ve got litigation hold enabled, you can get the data back. Unfortunately simply reassigning a licence back to the user will not fix the Correlation ID error. The mailbox has now gone into an Inactive state and you have to move the email to a new mailbox — I’ll explain the process below.
If you’ve deleted the user account, providing you restore it within 30 days the mailbox will simply reattach. If it’s over 30 days, you need to follow the below process.
Step 1 — Creating a New Mailbox
If this is the first time you’ve seen this error then you are likely wondering how you create the user a new mailbox, as Exchange Online thinks it already has one. The answer lies on in ADSIEdit (or Attribute Editor in AD)…
Open AD and locate the user in question (you cannot use the search option, you must browse to the user object). Once there, select the Attribute Editor tab.
While I have done this in our environment and the information was provided to me by Microsoft Premier, you run this at your own risk. I strongly recommend you take a copy of the values before you clear them.
Here you need to make the following changes:
msExchArchiveGUID — clear this value
msExchArchiveName — clear this value
msExchMailboxGuid — clear this value
msExchRemoteRecipientType — set this value to 1
After your next sync with AD Connect, your user will have a brand new shiny mailbox.
Step 2— Restoring the Email
Sadly, the only way around this is to create a New-MoveRequest and copy the data from the inactive mailbox to the new one.
Step 3— Adding the LegacyExchangeDN
This step is optional however if you don’t, the chances are when someone replies to an old email the user has sent, it will bounce and produce a NDR.
This is because the LegacyExchagneDN will be different. A simple fix is to take the leavers mailbox LegacyExchangeDN and add it as an X500 address on the new mailbox. This will fix this issue.