Office 365 E3 - best way to keep access to old mailboxes

paulc2000
paulc2000 used Ask the Experts™
on
Hi all,

We have E3 licences for all our users, with archiving enabled (if that matters).

We would like to keep access to our ex-employees' mailboxes in perpetuity, but as cheaply as possible.  Aside from moving old mailboxes to cold storage, what are our options?  I was told by someone knowledgeable in the area that even unassigning an E3 licence will keep the mailbox intact in Exchange Online.  So, I called Microsoft to confirm, and they tell me no, that's not correct.  30 days is the max they guarantee recovery for.  So I sent her a Microsoft URL that states this:

"Caution: When a user’s license is removed, all data that is associated with that user account is held for 30 days. After the 30 day grace period, the data is deleted and can’t be recovered, except for documents that are saved on SharePoint Online and the data in the user's mailbox. The user mailbox will remain in Exchange Online until it is deleted, permanently removed or purged by the Office 365 admin. You can reassign a license to the user and make the mailbox active again."

https://support.office.com/en-ie/article/Assign-or-remove-licenses-for-Office-365-for-business-997596b5-4173-4627-b915-36abac6786dc

So I was left with little confidence that the support staff had any clue about this issue.

Does anyone know for sure?  The paragraph above is very confusing too: "we delete all data except files and mailboxes."  What's left?!

Thanks,

Paul
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Adam BrownSenior Systems Admin
Top Expert 2010

Commented:
With the O365 E3 license, you have the ability to use the Inactive mailbox feature in Exchange. https://technet.microsoft.com/en-us/library/dn144876(v=exchg.150).aspx has details on what you can do, but basically it allows you to retain mailboxes for users indefinitely (This is allowed by the E3 license because it includes the Exchange Archiving features, which provide long term storage and retention capabilities in Exchange online).

Essentially, by default, all mailboxes (even E3) will be deleted after 30 days. However, mailboxes that are placed on Litigation hold or that are part of an InPlace hold will be retained until the hold is removed or the mailbox falls out of the scope of an existing InPlace hold, even if the license for the user of that mailbox is removed. That can be forever if you want. Note, though, that this feature is only available for Exchange Online subscriptions that include Exchange Archiving (E3 subscriptions to O365 do include this)

Author

Commented:
Great, many thanks for your reply.

So, in essence, to retain mailboxes indefinitely at no cost, we should set them to litigation hold with no expiry, then remove any licences from those users?

Thanks,

Paul
Adam BrownSenior Systems Admin
Top Expert 2010

Commented:
That's correct.
Ensure you’re charging the right price for your IT

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Most Valuable Expert 2015
Distinguished Expert 2018
Commented:
Inactive mailboxes are indeed the preferred solution. They require you to remove the user object though (or exclude it from the sync scope). And if you need regular access to the data stored in said mailboxes, they are not as convenient, so some customers prefer to use the "convert to shared mailbox" method instead. Which also has some downsides :)

Author

Commented:
Thanks both.  Do I *need* to remove the user object also?  Or is removing the licence sufficient?

I found this page which states to remove the user's account:

https://technet.microsoft.com/en-us/library/dn798632(v=exchg.150).aspx

Just wondering if it's a necessity.

Thanks,

Paul
Most Valuable Expert 2015
Distinguished Expert 2018

Commented:
Yes, if you want to keep the user account, use a shared mailbox instead.

Author

Commented:
Sorry for the questions, but why is it necessary to remove the user object?  Why is removing the licence not enough?  Thanks
Senior Systems Admin
Top Expert 2010
Commented:
That's actually another one of Technet's fantastic examples of Quality Writing (TM). You don't have to fully delete the user, just remove the subscription license. Removing the "Office 365 Account" is Microsoftese for removing the license, since this effectively disables all access to Office 365 for the user account. Removing the O365 license causes the mailbox to "disconnect" from the user's Azure AD account, so it falls into the Inactive Mailbox system. You can delete the account at that point as well, but it isn't necessary to do so. Note, though, that if you are using AD Connect to sync your AD with O365, disabling the account in on-prem AD will cause account deletion in O365.

Author

Commented:
Excellent, thank you both very much for your answers.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial