How Do I Handle Inactive Accounts in Microsoft 365 E3?
Benjamin Gbolaru
Microsoft 365
December 17th, 2024
To handle inactive accounts in Microsoft 365 E3, identify them using audit logs or reports and take appropriate actions, such as disabling, deleting, or reassigning licenses. Regular reviews and automation ensure inactive accounts don’t pose security risks or consume unnecessary resources.
Steps to Manage Inactive Accounts in Microsoft 365 E3
Use Microsoft 365 Admin Center or PowerShell to find inactive accounts.
Admin Center:
Go to Users > Active Users.
Use filters to identify users with no recent activity.
PowerShell Command:
Run the following script to list inactive accounts:powershellCopy codeGet-MsolUser -All | Where-Object { $_.LastPasswordChangeTimestamp -lt (Get-Date).AddDays(-90) }
Adjust the -90 days based on your inactivity threshold.
2. Review Account Activity
Check the usage activity for the identified accounts.
Use Microsoft 365 Usage Reports to monitor login activity for:
Outlook (Email)
Teams
SharePoint
OneDrive
Log in to Admin Center > Reports > Usage for detailed data.
3. Take Action on Inactive Accounts
Depending on the account’s status, choose the appropriate action:
Action
When to Use
Steps
Disable the Account
Account may be needed later.
– Go to Active Users. – Disable sign-in.
Remove License
To free up unused licenses.
– Navigate to the user profile. – Remove assigned licenses.
Delete the Account
No longer needed permanently.
– Ensure data backup. – Go to Active Users and delete.
Convert to Shared Mailbox
Former employee’s emails needed.
– Remove license. – Convert mailbox to shared.
4. Backup Data Before Deleting Accounts
Ensure critical data is not lost before deleting accounts:
Export mailboxes using eDiscovery.
Archive documents from OneDrive and SharePoint.
Use third-party tools for automated backups.
5. Automate Inactive Account Management
Use Azure AD to automate detection and management:
Enable Azure AD Conditional Access Policies to monitor user inactivity.
Set up automated workflows with tools like Power Automate to disable accounts after defined periods.
Best Practices for Managing Inactive Accounts
Set Inactivity Thresholds: Define a timeframe for account inactivity (e.g., 90 days).
Schedule Regular Reviews: Conduct quarterly audits of inactive accounts.
Implement Multi-Factor Authentication (MFA): Reduce risks for inactive accounts.
Document Account Policies: Maintain clear policies for handling inactive accounts.
Why Is Managing Inactive Accounts Important?
Improves Security: Prevents unauthorized access to unused accounts.
Optimizes Costs: Frees up licenses for active users.
Ensures Compliance: Keeps data organized and aligned with internal policies.
Need Help Managing Microsoft 365 E3 Accounts?
Medha Cloud can help you efficiently manage inactive accounts, improve security, and optimize licensing.
Contact Medha Cloud today for a free consultation!
I'm Benjamin, a Microsoft 365 Specialist, helping small and large businesses deploy, configure, and secure M365 environments to maximize the benefits of Microsoft tools. With sound expertise in driving cloud adoption, identity and access management (IAM), security monitoring, system reliability, and proactive troubleshooting.
