• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 349
  • Last Modified:

Exchange 2013 In-Place Hold - Best way to 'archive' ex-staff Mailboxes

Hi EE,

We've only recently upgraded from Exchange 2007 and have applied In-Place Hold to all mail in all mailboxes, indefinitely.

Traditionally, we have archived mailboxes to PST when staff leave the company. The PST gets stored on a file server and the user account and mailbox are deleted.

This gets a little confusing when In-Place Hold is applied - I can't find any documentation online that outlines if the 'Held' emails will be retrievable if we do a full mailbox export to PST (I've been using New-MailboxExportRequest).

From what I've read the In-Place Hold 'Held' mail will be cleared if I remove the Hold to then allow me to delete the mailbox.

Any suggestions on how to confirm the behavior and work around this? I've been thinking I might have to do two exports, one using the In-Place Hold PST Export feature and 1 Full Mailbox export for each user.

Thanks in advance,

Adam
0
aroddick
Asked:
aroddick
  • 2
1 Solution
 
FarWestCommented:
just to share with you some experience point
1- I don't recommend deleting users on AD, for some reasons like
  - it can happened that you will have new employee who will have same user name as old one, so who is who and receiving emails belongs to the old employee can happened
- When checking security you will find SIDxxxx instead of clear username (like NTFS security)
- Any security mechanism  that depends on username (not SID) like web sites and others is subject that new user will have escalated privileges inherited from old employee  user name

2- for the above reasons disabling  ex-employee user in AD, remove it from any distribution groups and move it to a special OU is preferred to me
3- you can have a separated mailbox database on a large non-expensive HD or HD array, with different backup strategy that you move ex-employees  mailbox to.
4- make a special AD user who is the only account that has full access on those mailboxes , and you can use OWA to access and search mailboxes

regarding In-Place Hold I found some explanations about enabling and disabling hold that maybe useful for you

https://technet.microsoft.com/en-us/library/ff637980%28v=exchg.150%29.aspx

one last think if you could make a POC or test deployment using VM environment to make sure about every decision you make you can have 2 VM with Internal only network to RUN AD and Exchange and safely test any option

Good Luck
0
 
aroddickAuthor Commented:
Thanks very much, some good points that we'd never considered there. I'll definitely propose the extra DB on cheap storage as the 'archive'. Really good advice thank you again. Much appreciated.
0
 
FarWestCommented:
you are welcome, and glad I was able to help
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

WEBINAR: 10 Easy Ways to Lose a Password

Join us on June 27th at 8 am PDT to learn about the methods that hackers use to lift real, working credentials from even the most security-savvy employees. We'll cover the importance of multi-factor authentication and how these solutions can better protect your business!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now