Forum Discussion
User able to send mail with account locked
Hello and Happy New Year!
I tried to go through the official M365 support channels on this issue, but they were unable to help me.
Environment:
Local Active Directory synced to Azure/M365 via Azure AD Connect
All user mailboxes reside on Exchange Online
We found out, via a external security audit, that we had an user account, which was both locked and had an expired password, that was still able to send email out via the iOS Outlook app. We were under the impression that if an account was locked that they could still receive email, but not send.
The account was for an employee that is no longer active and thus has been archived and deleted. We are just hoping for an explanation/root cause of this and how we can hopefully prevent it from happening in the future.
Thank you,
Tony Martinac
AMIC
Hello Tmartinac,
Perhaps, the iOS device had the old log in session and had not refreshed session token. You could force sign out from all devices, by revoking sessions, in Azure AD for the concerned account.
https://learn.microsoft.com/en-us/entra/identity/users/users-revoke-access
I hope this helps.
Thank you.
