How to Delete an Office 365 Mailbox but Not the Local Active Directory User When Using Dirsync

We recently had a user with various Outlook issues and wanted to verify that there was not any corruption in the mailbox. We had tried creating new profiles and even different computers but this had not helped.

We wanted to give the user a 100% clean fresh new mailbox but did not want to delete the user in Active Directory. We wanted to delete and then re-create the user’s mailbox in Office 365 without deleting the user in our local Active Directory. We use directory sync (Dirsync) with password sync.

o365-errorsmall

A warning message we received along the way

  • Login to Office 365 powershell via Windows Azure
    • Set-Executionpolicy Remotesigned (only if you have not done this before)
    • $LiveCred = Get-Credential
      Connect-MSOLservice –Credential $livecred
      $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $LiveCred -Authentication Basic -AllowRedirection
      Import-PSSession $Session
  • Modify user AD attributes using ADSI Edit so that user is not included in the Dirsync
    • edit mailNickname (was MHammond)
    • change to CAS_Mailbox{
  • run dirsync
    • *only if it is still not working, try changing changing mailNickname to CAS_Mailbox{mhammond@christmas.com and run dirsync again
  • Verify both user and mailbox are both deleted (in trash) in Office 365 (this is called a soft delete because the data is still available to be recovered)
  • Hard delete the user and mailbox in Office 365 by getting the using the objectID
    • Get-MsolUser -ReturnDeletedUsers | ft UserP*,ObjectId
      • This will return the ObjectID of the soft deleted users that you can then copy and use in the command below to hard delete
    • Remove-MsolUser -RemoveFromRecycleBin -ObjectId 77a28e58-7c11-4899-826f-2c7e3de7ba0c
  • Verify both user and mailbox are both deleted (hard deleted, not in trash) in 365
  • Use ADSI Edit to change the mailNickname back to MHammond
  • Run dirsync
  • Add 365 license back to user that has now been re-added via the dirsync
    • At this point you SHOULD be finished and the fresh empty mailbox should be created…however, you may have additional issues
  • Received warning message in Office 365 about importing the users mailbox
    • “This user’s on-premises mailbox hasn’t been migrated to Exchange Online. The Exchange Online mailbox will be available after migration is completed.”
    • As a result, the mailbox will never be successfully created
    • You can check the status of the user services/mailbox provisioning with either of the following commands
      • get-msoluser -userprincipalname mhammond@christmas.com |fl
      • (Get-MsolUser -UserPrincipalName mhammond@christmas.com).Licenses[0].ServiceStatus
  • If the mailbox is STILL not working you may need to use ADSI Edit again to remove a few references to an older exchange server if needed. In our case we had migrated from Exchange 2003 to Office 365 with a staged migration about two years prior. The old Exchange server had been decommissioned. Try deleting (or clearing the following values for the user via ADSI Edit).
    • msExchHomeServerName
    • msExchMailboxGuid
    • msExchPoliciesIncluded
  • Run Dirsync
  • Re-assign the Office 365 license
    • Hopefully now you successfully have a new mailbox without any warnings about migration

The following links were helpful along the way

o365 error

This user’s on-premises mailbox hasn’t been migrated to Exchange Online. The Exchange Online mailbox will be available after migration is completed.

Advertisements

2 thoughts on “How to Delete an Office 365 Mailbox but Not the Local Active Directory User When Using Dirsync

  1. SAT says:

    I have exactly the same thing happen; however nowhere does it say that there is this assumption by DirSync that we have an on-prem mailbox. We have no Outlook Anywhere either. I’m going to go through your suggestion above, hopefully it will work.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s