Inactive Mailboxes in Microsoft Purview Compliance Portal

The Transition of the EAC

Updated 30 May 2022

The news that Microsoft will finally retire the old Exchange Online admin center (inherited from the on-premises server) in 2022 started me thinking about information which Microsoft should expose in the new EAC. Not every tenant administrator likes PowerShell, and even fewer enjoy grappling with the Microsoft Graph APIs. The kind of situation I’m thinking of is where it would be useful to have a GUI to manage data that’s not exposed today. Like inactive mailboxes.

As I pointed out in the article, Microsoft still has work to do to move functionality from the old EAC to wherever it’s going to be in the future. Exchange’s Mailbox Records Management (MRM) is a special concern because some retention operations (like moving messages to archive mailboxes) is unsupported by Microsoft 365 retention policies. Mobile device access policies are another example.

Some Objects Never Featured in the EAC

And then there are some parts of Exchange which have never shown up in EAC. Inactive mailboxes are an example of what I’m thinking of. These objects occur when an administrator deletes a Microsoft 365 account which is still subject to a litigation or eDiscovery hold. In either circumstance, the mailbox of the now-deleted account holds information which might be needed, so Exchange Online keeps the mailbox in an inactive state. The contents are online, indexed, and discoverable (including non-user data like Teams compliance records), but the mailbox is inaccessible to users unless it is restored. Microsoft created inactive mailboxes to allow tenants to retain Exchange Online user mailboxes for eDiscovery without being connected to a licensed account. This problem doesn’t arise on-premises, which is why inactive mailboxes never appeared in the old EAC.

Inactive mailboxes remain online until the last hold elapses. At this point, the Managed Folder Assistant removes the mailbox. The hold might be:

• An Exchange Online litigation hold (on the whole mailbox).
• A Microsoft 365 retention policy (which could be scoped to cover the entire mailbox).
• A hold placed by a retention label.
• A hold placed by a Core or Advanced eDiscovery case.

In addition, some old holds from Exchange eDiscovery might still be in place. Microsoft deprecated these holds in 2020, but the nature of eDiscovery is that some cases last a long time.

Management of Inactive Mailboxes

Inactive mailboxes don’t need a lot of management unless you want to recover data from an inactive mailbox or restore the inactive mailbox to a new mailbox. Apart from that, inactive mailboxes are self-managing and remain in place until the holds supporting their status expire. Note that the Managed Folder Assistant continues to process inactive mailboxes and will remove items which are not needed by the holds in place.

It’s reasonable to ask administrators to use PowerShell to preform infrequent tasks like recovery and restore of inactive mailboxes. What’s less acceptable is the invisibility of inactive mailboxes across the Microsoft 365 administrative interfaces. That’s excepting PowerShell, because you can always run the Get-ExoMailbox cmdlet to return the set of inactive mailboxes, like this:

Get-ExoMailbox –InactiveMailboxOnly -Properties WhenSoftDeleted | Sort WhenSoftDeleted -Descending | Format-Table DisplayName, WhenSoftDeleted

DisplayName                                  WhenSoftDeleted
-----------                                  ---------------
Jack Smith                                   17/06/2021 15:37:53
Sanjay Patel                                 26/11/2020 14:10:56
Nancy Anderson                               03/10/2020 13:14:05
Boris Johnstone                              29/05/2020 09:23:00
Sanjoyan Mustafi                             12/05/2020 15:33:08
Kerry Jones                                  12/05/2020 15:12:03
John Hubbard                                 12/05/2020 15:12:02

The WhenSoftDeleted property tells us when Exchange Online put the mailbox in that state. After a mailbox spends 30 days in a soft-deleted state, Exchange Online will remove it permanently. That is, unless a hold exists on the mailbox, in which case it becomes inactive. All of the mailboxes listed above are well past the 30-day soft-deletion period, so the holds on the mailboxes must still be active.

Inactive Mailboxes in the Purview Compliance Portal

A change which I recently noticed is the addition of an inactive mailboxes listing under Retention in the Data Lifecycle section of the Microsoft Purview Compliance portal. The case for inclusion here rather than the new EAC is that inactive mailboxes are more important to compliance than day-to-day operations. It’s a reasonable position.

Apart from acknowledging this as a starting point, it’s hard to get excited about the listing because it’s currently not very functional. You can see a list of inactive mailboxes and select a mailbox to view its properties. Unfortunately, the set of properties shown is limited (Figure 1) and you can’t do anything with a selected mailbox.

It would be nice if Microsoft allowed administrators to use the new GUI to:

• Update the display name of an inactive mailbox (the Set-Mailbox -InactiveMailbox command only updates the LitigationHoldEnabled and LitigationHoldDuration parameters for inactive mailboxes. I like to mark inactive mailboxes by updating their display name (as in Figure 1). Unfortunately, I often forget, and once the mailbox becomes inactive, its display name cannot be changed.
• Recover an inactive mailbox.
• Restore an inactive mailbox.
• Report the holds which make a mailbox inactive.
• Release a litigation hold.
• Exclude the mailbox from retention policies (so that the hold doesn’t apply).

I don’t advocate releasing inactive mailboxes from eDiscovery holds as investigators often run eDiscovery cases and administrators might be unaware of the reasons for holds placed on mailboxes.

In any case, the new page in the Purview Compliance portal is a start. Let’s hope Microsoft expands its functionality to make it easier to manage inactive mailboxes.

---

Make sure that you’re not surprised about changes which appear inside Office 365 applications by subscribing to the Office 365 for IT Pros eBook. Our monthly updates make sure that our subscribers stay informed.