While working on an automation for one of our clients, we used the Disable-RemoteMailbox command in a hybrid environment to disable user mailboxes as well as shared mailboxes.
User mailbox disablement replicated correctly after removing the license group and running the Disable-RemoteMailbox command on the on-premises Exchange server. Shared mailboxes, however, were disabled on the on-premises Exchange server but were not getting disabled in Exchange Online.
We coordinated with Microsoft and learned that this is by design and is mentioned in the documentation as well.
Due to the current service architecture, you need to convert shared mailboxes to user mailboxes prior to running the Disable-RemoteMailbox cmdlet.
To overcome this behavior, there are two options. We used the second one; you can use either.
- Convert the shared mailbox to a user mailbox
Use Set-RemoteMailbox -Identity vikasmbx -Type Regular
Let it synchronize and then run Disable-RemoteMailbox.
-Type has below values to choose from:
- The other option is simpler than the above: just move the AD object to an OU that is not replicated to Azure AD by Azure AD Connect (after running the Disable-RemoteMailbox command).
If you do not have such an OU, create one to host these disabled objects and exclude it from Azure AD Connect synchronization.
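The second option as a script, added here as an example and not taken from the original automation. The function name Disable-HybridMailbox, the alias sharedmbx01 and the OU path are placeholders; it assumes the Exchange Management Shell on-premises with the ActiveDirectory module available.

```powershell
# Added example: disable a remote mailbox and, for shared mailboxes,
# move the AD object out of Azure AD Connect sync scope.
# Function name, alias and OU path are placeholders (assumptions).
Import-Module ActiveDirectory

function Disable-HybridMailbox {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)] [string] $Identity,
        # Assumption: this OU is excluded from Azure AD Connect synchronization
        [Parameter(Mandatory)] [string] $UnsyncedOU
    )

    # Capture type and DN first: after disabling, the object is no longer
    # returned by Get-RemoteMailbox.
    $mbx      = Get-RemoteMailbox -Identity $Identity -ErrorAction Stop
    $dn       = $mbx.DistinguishedName
    $isShared = "$($mbx.RecipientTypeDetails)" -eq 'RemoteSharedMailbox'

    # Fail before changing anything if the target OU does not exist.
    Get-ADOrganizationalUnit -Identity $UnsyncedOU -ErrorAction Stop | Out-Null

    if ($PSCmdlet.ShouldProcess($dn, 'Disable-RemoteMailbox')) {
        Disable-RemoteMailbox -Identity $dn -Confirm:$false -ErrorAction Stop
    }

    # User mailboxes replicate the change on their own; shared mailboxes
    # need the move out of sync scope described above.
    $moved = $false
    if ($isShared -and $PSCmdlet.ShouldProcess($dn, "Move to $UnsyncedOU")) {
        Move-ADObject -Identity $dn -TargetPath $UnsyncedOU -ErrorAction Stop
        $moved = $true
    }

    [pscustomobject]@{
        Identity = $Identity
        Shared   = $isShared
        MovedTo  = if ($moved) { $UnsyncedOU } else { $null }
    }
}

# Dry run first, then remove -WhatIf to apply.
Disable-HybridMailbox -Identity 'sharedmbx01' `
    -UnsyncedOU 'OU=DisabledMailboxes,DC=example,DC=com' -WhatIf
```

The change reaches Exchange Online on the next Azure AD Connect synchronization cycle.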
Just sharing this small issue and its resolution in case you are in a similar situation. I have not often seen organizations disabling shared mailboxes, but if that is the case, keep the above situations in mind.
Thanks for reading.