Cogmotive Reports is now Radar Reporting! Same great reporting application, but a brand new name and look. Find out more here.

Want to save this blog for later? Download it now.

So an employee is leaving your company. It happens all the time, no big deal. But what do we do about their Office 365 account? This guide aims to answer that question. We’ll go through the following steps:

Change the Users Password
Remotely Wipe their Mobile Device
Give yourself access to the Users Mailbox and Archive
Export the Mailbox to PST for Archiving
Delete the Employee’s mailbox
Assign the Employee’s Email Address to Another Person
Set up an Auto-Responder/Out-Of-Office for the Employee
Free up or Remove the Office 365 Licence

Many of our Office 365 reports can be used to determine if the employee was a member of particular distribution groups or have a mobile device assigned to them.

Change the Users Password

When a user leaves, the first thing you want to do is reset the password on their account. Resetting their password means you can still access their mailbox but prevents them from accessing business information once they have left.

Reset a Users Password in Office 365:

Remotely Wipe their Mobile Device

If the employee has been terminated under less favorable circumstances, you may need to remotely wipe the users mobile phone to prevent them from accessing corporate information.

This needs to be done before you delete their account:

  • Log in to Office 365 as an Administrator and open the Exchange Control Panel
  • In the Exchange Control Panel, in the Select what to manage field, select Another User.
  • In the Select Mailbox dialog box, select the employee’s account, and then click OK. At the top of the page you should see which mailbox you are administering.
  • Select Phone > Mobile Phones.
  • Select the device that you want to wipe, and then click Wipe Device.
  • Double check that you’re wiping the correct user and click OK to the “Are you sure” window.
  • After the remote device wipe is complete, you can remove it from the mobile phones list.

More information about wiping a mobile device for an employee:

Give yourself access to the Users Mailbox and Archive

Before you can export the users mailbox, you need to give your account full access to the employee’s mailbox. This has to be done in Powershell.

First, connect to Office 365 using Powershell.

Then, you need to run the following command. This example gives full access to the mailbox of Obviously you need to replace these two login names with those of your own company.

Add-MailboxPermission -identity -user -AccessRights FullAccess

Export the Mailbox to PST for Archiving

Many industries and companies are required to keep employee records for a period of many years. There is no easy way to do this in Office 365 and this frustrates many people. If you want to delete the user account eventually, you’ll need to export the mailbox to a PST file and store it somewhere safe.

If you use an Enterprise version of Office 365 you can now keep the mailbox on Office 365 indefinitely.

Otherwise, you need to export the mailbox to a PST file.

Remember: PST files are notoriously unstable. So once you have a working PST file, you should back it up immediately. If you need to work on a users PST file later, do so on a copy not the original file. If the PST copy becomes corrupt you can always make another one.

To Export the mailbox using Outlook
First you need to set up a new Outlook profile and connect to the employee’s mailbox on your PC.
Then, export the mailbox to a PST file. Don’t forget to also export the Archive Mailbox if the user has one.

Alternatively, you can use a PST export tool.

Make sure you test the PST file works properly before you delete the source mailbox!

Delete the Employee’s mailbox

This is how you delete a user in Office 365:

  1. Log into the Office 365 Portal as an Administrator
  2. In the header, click Admin.
  3. On the Admin page, in the left pane, under Management, click Users.
  4. On the Users page, select the check box next to the user or users that you want to delete, and then click Delete.
  5. In the Delete confirmation message, click Yes.

Assign the Employee’s Email Address to Another Person

Once you’ve deleted the employee’s user account, you can assign their email address to another person to make sure you don’t miss any important emails. This is relatively easy, and this TechNet blog describes it much better than I ever could:

Set up an Auto-Responder/Out-Of-Office for the Employee

This is an alternative to assigning the users email address to another person. You can create an Auto-Responder, or Out Of Office message, that replies to any emails sent to the departing employee’s email address with a custom message.

The way I do this is with a Shared Mailbox. You are not charged by Microsoft for Shared Mailboxes.

Firstly, Create a Shared Mailbox with the name “Ex Employees” or something similar and give yourself permission to it. This guide explains how.

Now you need to create an Out Of Office message for the Shared Mailbox.

  1. Log into Outlook Web Access for Office 365
  2. Click your name at the top right of the screen and select Open other mailbox
  3. Type the name of the Shared Mailbox you created and click Open
  4. Click the Options button in the top right of the OWA window and select Set up automatic replies
  5. Type in the message you want people to receive when they email a person who has left the company. Make sure you paste the message into both boxes, and check the Send replies to all external senders option.
  6. Click Save

The last thing to do is add the email address for the employee to this new autoresponder mailbox. This is an easy step, and is explained here:

If you make the auto responder email a generic message, you can use this same mailbox for all future employees that leave the company. Simply add their email address to this existing mailbox.

Note: As this is effectively an Out Of Office message, each person who email’s this mailbox will only receive the auto responder message once.

Free up or Remove the Office 365 Licence

Once you’ve deleted a user, their licence becomes free for another user to user. You will still be charged for this licence until you remove it from your subscription. This is done in the Office 365 Administrator Portal.

  1. On the Admin page, in the left pane, under Subscriptions, click Manage.
  2. On the Billing and subscription management page, click a subscription name.
  3. On the Subscription details page, click Change Quantity next to Licence count.
  4. Follow the steps in the wizard.

If you found this blog post useful, and want to refer to it again, why not download it as a PDF?

Related Posts

These other blog posts may be of interest to you:


  • Great instructions! Thanks for putting them together!

  • A very important point that MS either hopes you don’t find out about, or doesn’t seem to think is important, is that changing the user’s password, and even setting the user to BLOCKED in the admin portal, has no effect on that user’s ability to send and receive emails as long as they have an active session before having their account blocked or password changed.

    I have confirmed this and even had a MS support employee witness me do it on Logmein. He told me the only way that you can actually block a user’s access is by removing the user’s license. I’m waiting for some official comment from MS on this. This is a hole as wide as the Grand Canyon, IMO. Especially that it appears that all’s well, the user is locked out, the password is changed, so there’s no way in right? WRONG:

    • Thanks for bringing it to our attention Paul. Certainly something that we want people viewing this blog to know about!

  • What if you only want to remove the Office 365 email and not wipe the entire Phone. It needs to be realized that smart phones of these days not only servers as a phone but individuals life’s revolve around them. Not everyone backs their info all the time.
    Is there a way only to wipe the Office365 information and not anything else.

  • Is this the right link?
    “The last thing to do is add the email address for the employee to this new autoresponder mailbox. This is an easy step, and is explained here:

  • I’m very keen to get Microsoft to reveal some answers on this. Last week a client had to terminate someone, so I changed the users password. Unfortunately we did not have access to the users phone, and SEVERAL HOURS later this person was still getting work emails on that phone. This is the sort of thing that can result in lawsuits, client obviously very unhappy.

    How can we prevent this from happening? Do we need to disable the entire account for 72 hours? Disable Activesync? Any other method?

    • Yank their license, the mailbox is stable for 30 days according to MS. Then after changing the password, etc. Reassign it and go about the other steps.

  • what if the user deletes all / some of his emails before leaving the company. is there an easy way of restoring those mails. Lastly can all users be blocked from deleting any emails or archiving emails.

    • You can restore deleted items in Outlook – there’s a ‘recover deleted items’ function. A knowledgeable user would know to purge this too though.

      If you want further protection that that, you’d need to look at some of the legal hold style options available in the enterprise version.

  • How do you deal with Exchange Online leaving a person’s mailbox in any dist. groups they were part of, even after the mailbox/office 365 account was completely deleted?

    Obviously I could remove them before deleting but when you only have Exchange Online that’s a real pain as you have to go into each group one by one and perform the deletion.

    I’ve tried setting the mailbox to ‘hide from address books’ before deleting the office 365 account, but this doesn’t seem to help.

  • What about OneDrive for Business data? Is that preserved when you remove the user?

  • So, here’s a situation. Our office Administrator set us up on Office 365, has access to all of our business email accounts, and got mad and left. Not coming back. So, how do we get our individual business e-mail addresses un-connected from the Office 365 account that they set up so that they cannot read our e-mails? I already tried changing an e-mail password, but it automatically migrated and changed in Office 365 despite my doing it on web-based mail. This is a nightmare!

  • You can extract all mailboxes of Office 365 accounts into emails clients based file formats (PST, MSG, EML, HTML, RTF and PDF) through third party tool. In our organization, we are using ‘Stellar Office 365 Extractor’ with full assurance of safety metrics.


  • Hi,

    Our IT Manager has left from the company since 4 months, we need to delete its email and create a forward for its gmail account for the deleted email, how can we do this? is there a way to forward a deleted email?

    Thanks in advance.

  • What happens to the user’s floating office365 licenses (the ones used on private machines)?
    Can the user retain them? Note these licenses may be used to access private accounts (like private email via outlook) or no accounts at all (like Excel).

  • Thanks for this. Great article!

  • This article helped us for the next terminated employee. One question that wasn’t addressed…why does it take so long for the password resets to work? We had a terminated employee still reading new mail 29 hours later. We now know that we can delete the license without losing their email, but is there a way (maybe in Powershell?), to make this password change immediate before they can read anymore emails? Thanks!

  • What happens with the users’ content of One Drive? Is there a way of either transferring the ownership to another user, say a replacement, or downloading all documents/folders to a ZIP file or something like that?

  • Why export to PST? If yuor licence allows it would you not use the litigation hold feature of O365 to preserve the mailbox rather than unstable PST files?

  • Heya i’m for the first time here. I came across this board and I find
    It really helpful & it helped me out a lot. I hope to provide something again and
    help others such as you helped me.

  • hi!,I really like your writing so a lot! share we keep up a correspondence more about
    your article on AOL? I require an expert on this area to resolve my problem.
    May be that’s you! Having a look ahead to peer you.

  • Marvelous, what a webpage it is! This webpage gives useful facts to us, keep
    it up.

  • I blog frequently and I genuinely thank you for
    your content. Your article has truly peaked my interest.
    I will book mark your website and keep checking for new details about once per week.
    I opted in for your Feed as well.

  • Great article.

  • Howdy! I could have sworn I’ve visited this site before but
    after going through many of the articles I realized it’s new to me.

    Nonetheless, I’m definitely delighted I found it and I’ll be book-marking it and
    checking back regularly!

  • Great site you have here.. It’s difficult to find quality writing
    like yours nowadays. I seriously appreciate people like
    you! Take care!!

  • I can’t believe 3 years later and MS still doesn’t have a function to wipe email from a mobile device without wiping the whole device. That’s nuts!

  • Is there a way to automatically remove all the recurring meetings that the terminated user has created.

  • […] Dealing with terminated employees in Office 365 … […]

Leave a Comment

Your email address will not be published. Required fields are marked *