office365: purge an inactive mailbox

i encountered a scenario where an employee returned to the organization after their office365 persona was past the 30 day soft-delete limit. normally, that is no big deal; they’d just end up with a new mailbox. however, in this case i believe since a litigation hold was enabled on the mailbox, the mailbox was retained as a deleted mailbox past the 30 day marker in exchange online. the mailbox would not reattach to the re-enabled AD user and i could not manually recover the inactive mailbox in exchange online because this was a federated user. microsoft has instructions on how to recover an inactive mailbox here: https://technet.microsoft.com/en-us/library/dn894100(v=exchg.150).aspx, but they do not work on a federated user. there’s a very convoluted workaround described here: https://blogs.technet.microsoft.com/exovoice/2016/11/21/how-to-restore-an-inactive-mailbox-for-a-federated-user-in-an-exchange-hybrid-deployment/

additional info:
https://technet.microsoft.com/en-us/library/dn186233(v=exchg.150).aspx
https://technet.microsoft.com/en-us/library/dn144876(v=exchg.150).aspx

for starters:
get-mailbox -inactivemailboxonly -identity [UPN]

then you have to remove the litigation hold to be able to do anything with the mailbox, like so:
set-mailbox -inactivemailbox -identity [alias] -litigationholdenabled $false
source: https://technet.microsoft.com/en-us/library/dn890381(v=exchg.150).aspx

the following all resulted in “The operation couldn’t be performed because ‘user’ matches multiple entries.”:
remove-mailbox -identity [alias] -permanentlydelete
remove-mailbox -identity [upn] -permanentlydelete
remove-mailbox -identity ["display name"] -permanentlydelete
get-mailbox [alias] -includeinactivemailbox | remove-mailbox -permanentlydelete

i then ran “get-mailbox [alias] -includeinactivemailbox | fl” and retrieved a unique SamAccountName
and followed up with:
remove-mailbox -identity [SamAccountName] -permanentlydelete
this time the error was “This mailbox cannot be permanently deleted since there is a user associated with this mailbox in Azure Active Directory”.
finally some progress…

i then unsynced the local AD user and forced the deletion of the O365 account with the usual tactic of:
get-msoluser -returndeletedusers -userprincipalname [UPN] | remove-msoluser -removefromrecyclebin -force
then after a minute or so i was able to run the remove-mailbox command above successfully
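the whole sequence above as one script (an added example, not from the original post). it assumes an Exchange Online remote PowerShell session and the MSOnline module are already connected, and that the -Purge switch, the $Upn parameter and the 60 second wait are my own choices; without -Purge it only reports what would be removed.

```powershell
# Added example: purge an inactive, litigation-held mailbox for a user who no longer
# syncs from local AD. Assumes Exchange Online and MSOnline sessions are connected.
param(
    [Parameter(Mandatory)] [string] $Upn,   # placeholder, e.g. someone@contoso.example
    [switch] $Purge                         # omit to dry-run with -WhatIf only
)

# 1. find the inactive (held) mailbox; -InactiveMailboxOnly excludes live mailboxes
$mbx = Get-Mailbox -InactiveMailboxOnly -Identity $Upn -ErrorAction Stop
if (-not $mbx) { throw "no inactive mailbox found for $Upn" }
"inactive mailbox: {0} (SamAccountName={1}, LitigationHold={2})" -f `
    $mbx.DisplayName, $mbx.SamAccountName, $mbx.LitigationHoldEnabled

# 2. lift the litigation hold; nothing can be removed while it is enabled.
#    piping the object avoids the alias/UPN ambiguity seen with -Identity
if ($mbx.LitigationHoldEnabled) {
    $mbx | Set-Mailbox -InactiveMailbox -LitigationHoldEnabled $false
}

# 3. a soft-deleted Azure AD user still tied to the mailbox blocks the purge with
#    "there is a user associated with this mailbox"; clear the recycle bin entry first
$deleted = Get-MsolUser -ReturnDeletedUsers -UserPrincipalName $Upn -ErrorAction SilentlyContinue
if ($deleted) {
    if ($Purge) {
        $deleted | Remove-MsolUser -RemoveFromRecycleBin -Force
        Start-Sleep -Seconds 60   # assumed wait; the post needed "a minute or so"
    } else {
        "would remove soft-deleted Azure AD user $Upn from the recycle bin"
    }
}

# 4. purge by the unique SamAccountName, not alias/UPN/display name, to avoid
#    "matches multiple entries"
if ($Purge) {
    Remove-Mailbox -Identity $mbx.SamAccountName -PermanentlyDelete -Confirm:$false
} else {
    Remove-Mailbox -Identity $mbx.SamAccountName -PermanentlyDelete -WhatIf
}
```

run it once without -Purge to confirm the script resolves a single mailbox and a single Azure AD object before letting it delete anything.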

This entry was written by resinblade, posted on Friday January 27 2017 at 06:01 pm, filed under IT.