Solved

Exchange - disabling mailboxes

Posted on 2014-04-15
6
64 Views
Last Modified: 2015-04-11
Hi,

We are trying to implement a process to disable users and disable their mailboxes. What is a good practice to disable a mailbox so that the user cannot send/receive emails?

We disable the AD account of the user, will that cause Exchange to reject email for that user?
0
Comment
Question by:elchermans
6 Comments
 
LVL 3

Expert Comment

by:ukjerry2
ID: 40002084
Disabling the user in AD will prevent them from logging in and using (i.e. sending) email.  To stop them receiving any, you might also want to remove their smtp email address from their account too.
0
 
LVL 8

Expert Comment

by:EEhotline
ID: 40002102
Disable their AD accounts, then disable their mailboxes so it won't be receiving any new emails. If you need to keep the mailbox for managers to look at or audit, change its email address to something else then people will get NDR when they send email to that mailbox.
0
 
LVL 1

Author Comment

by:elchermans
ID: 40002381
I changed the SMTP address from the properties of the mailbox and tab "email addresses" to "DISABLEDJohn.Smith@domain.com" and he can still receive email... where do I change the SMTP address? Does it take time to apply?
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 1

Author Comment

by:elchermans
ID: 40002382
He can still receive email to John.Smith@domain.com
0
 
LVL 3

Expert Comment

by:Krishna Patil
ID: 40003272
you need to just disable mailbox for that user from exchange management console/shell.
No need to disable user from AD.

Disabling user will stop normal user login operations.
After disabling mbx, user wont be able to his outlook/owa, thus he wont be able to check mails.
0
 
LVL 7

Accepted Solution

by:
Murali Reddy earned 500 total points
ID: 40086134
even if you change the smtp address to any, still the internal people can send emails as they resolve with names.

So, if you want those mailboxes to be still active but the users can't login to access then..

Create a dummy mailbox say DUMMY.
Configure the disabled mailbox's "Mailflow settings -- message delivery restrictions -- accept messages only from.." such that it accepts emails only from DUMMY mailbox. As DUMMY mailbox won't send any emails and others have a restriction to send to this, your purpose is solved.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This article outlines the process to identify and resolve account lockout in an Active Directory environment.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question