Maintain access to mailbox of disabled user

Maintain access to mailbox of disabled user

Post by Charles_ » Thu, 15 Dec 2005 07:38:36


In a nutshell:
How can I maintain access to the mailbox of a user that has left our
employment, while disallowing the mailbox from receiving new messages?

Additional information:
We are running Exch2003 in a 2000 AD, recently migrated from Exch5.5. When
a user leaves, we disable their account in AD, remove from any DLs they were
a member of and hide thier name from the GAL.

Further, for whatever reason, if I do not go in and set the mailbox rights
so that no account has the Associated External Account permission, I have
seen that the mailbox will continue to receive mail. I do not want
mailboxes just getting mail forever though, so I go in an make sure that no
account has that AEA permission.

The problem is, when I do that, although I achieve the need of disallowing
new e-mail from flowing into the mailbox, it also denies access to the
mailbox for anyone that had access to it for reference reasons.

So what permissions need to be set in order for say a manager to have access
to the existing e-mail in the mailbox but for no new mail to be allowed in
and an NDR to be generated to the sender of new mail? Or perhaps I am stuck
archiving the existing mail into a PST for the manager to access, which
would suck cause then I lose the Single Instance Storage and end up with a
huge PST that is subject to corruption etc.

Maintain access to mailbox of disabled user

Post by Mark Arnol » Sun, 18 Dec 2005 19:55:41

On Tue, 13 Dec 2005 14:38:36 -0800, "Charles_B"

It's a bit of a pain yes. How about hiding the user mailbox from the
GAL, setting a complex password/phrase and removing all of the SMTP
addresses other than the default (for which you'll change the alias to
something obvious but meaningless) the new SMTP address will be
stamped and you can use
to maintain access to the account. You can assign the former SMTP
addresses to wherever you want, if indeed you want to assign them