Hybrid Exchange - 3 step deprovisioning necessary when using archive

The Microsoft documentation for the Disable-RemoteMailbox PowerShell cmdlet states:

Note: If you are deprovisioning a cloud mailbox and its associated online archive, you must first disable the online archive with the command Disable-RemoteMailbox -Archive and then perform a directory synchronization prior to disabling the remote mailbox. Attempting to disable both the online archive and cloud mailbox without a sync between them may result in an ArchiveGuid mismatch and validation error.

So 3 steps are required to deprovision a mailbox correctly:

  1. Call Disable-RemoteMailbox "David Strome" -Archive
  2. Wait for the AD Connect directory synchronization
  3. Disable-RemoteMailbox "David Strome"

Is step #2 necessary if you also disable the on-premises AD user and you exclude disabled users from the directory synchronization, effectively deleting the AAD user and eventually the user and archive mailboxes?

If the person comes back for a new work period, the on-premises AD user is enabled. That may happen within the 30-day retention period for the mailboxes.


Solution 1:

It is still recommended that you perform step 2, and it only takes 1-2 minutes to force synchronization.

To force a synchronization from AD to Azure AD, PowerShell is used. To perform a delta synchronization, run:

Start-ADSyncSyncCycle -PolicyType Delta

To perform a full synchronization use:

Start-ADSyncSyncCycle -PolicyType Initial
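
The three steps from the question combined with the forced delta sync from this answer, as an added example that is not part of the original posts. It assumes it runs in the on-premises Exchange Management Shell with PowerShell remoting to the AD Connect host; `$AadConnectServer`, `Wait-SyncIdle`, the timeout and the `ArchiveGuid` check are illustrative choices, not values from the page.

```powershell
# Added example (not from the original posts). Parameter names and Wait-SyncIdle are hypothetical.
param(
    [Parameter(Mandatory)] [string] $Identity,          # mailbox to deprovision, e.g. "David Strome"
    [Parameter(Mandatory)] [string] $AadConnectServer,  # placeholder: host where AD Connect is installed
    [int] $TimeoutSeconds = 600
)
$ErrorActionPreference = 'Stop'   # abort on the first failure so step 3 never runs after a failed step 1 or 2

function Wait-SyncIdle {
    # Polls the AD Connect scheduler until no sync cycle is running, or throws on timeout.
    param([string] $Server, [int] $Timeout)
    $deadline = (Get-Date).AddSeconds($Timeout)
    do {
        $busy = Invoke-Command -ComputerName $Server -ScriptBlock {
            Import-Module ADSync
            (Get-ADSyncScheduler).SyncCycleInProgress
        }
        if (-not $busy) { return }
        Start-Sleep -Seconds 10
    } while ((Get-Date) -lt $deadline)
    throw "AD Connect sync on $Server still running after $Timeout seconds."
}

# Step 1: disable the online archive first.
# Assumption: an empty ArchiveGuid on the remote mailbox means no archive is enabled.
$mbx = Get-RemoteMailbox -Identity $Identity
if ($mbx.ArchiveGuid -ne [guid]::Empty) {
    Disable-RemoteMailbox -Identity $Identity -Archive -Confirm:$false
}

# Step 2: force a delta sync. Start-ADSyncSyncCycle fails if a cycle is already
# running, so wait for the scheduler to be idle before starting one.
Wait-SyncIdle -Server $AadConnectServer -Timeout $TimeoutSeconds
Invoke-Command -ComputerName $AadConnectServer -ScriptBlock {
    Import-Module ADSync
    Start-ADSyncSyncCycle -PolicyType Delta
} | Out-Null
Start-Sleep -Seconds 5   # the cycle starts asynchronously; let the scheduler flag it
Wait-SyncIdle -Server $AadConnectServer -Timeout $TimeoutSeconds

# Step 3: only now disable the remote mailbox itself.
Disable-RemoteMailbox -Identity $Identity -Confirm:$false
```

Because the script stops on the first error, a sync timeout leaves the mailbox in the state after step 1, and the run can be repeated once the scheduler is idle.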