Removing In-Place Hold doesn't work for mailboxes in different domains in Exchange Server 2019 and 2016

Applies to: Exchange Server 2019Exchange Server 2016

Symptoms


In a Microsoft Exchange Server 2019 or Exchange Server 2016 environment, consider the following scenario:
  1. You create an organization that has at least two domains. A mailbox for userA is created in the domain that does not have Exchange server.
  2. Run the Set-ADServerSettings -ViewEntireForest $true cmdlet.
  3. You create an in-place hold by using the New-MailboxSearch -Name <Hold1> -SourceMailboxes <userA> -InPlaceHoldEnabled $true cmdlet.
  4. Run the Get-Mailbox cmdlet for the userA and view the In-Place Hold value. The GUID should be populated because it's now part of an in-place hold.
  5. Run the Set-MailboxSearch <Hold1> -SourceMailboxes $null -InPlaceHoldEnabled $false cmdlet.
  6. Run the Get-Mailbox cmdlet again and note the value should not be populated.
  7. Run the Remove-MailboxSearch cmdlet for Hold1, it should be get removed.
In this situation, you find the In-Place Hold attribute isn't cleared from the mailbox that's in another domain. Therefore, the Remove-MailboxSearch cmdlet doesn't work as expected.

Cause


Recipient session has the forest level access when enabling In-Place Hold, whereas when disabling the In-Place Hold by using the Set-MailboxSearch cmdlet, the recipient session has access only to the current domain. Therefore, disabling the In-Place Hold does not clear the in-place hold attribute from the user's mailbox that’s in another domain. In addition, running the Remove-MailboxSearch fails. As the In-Place Hold attribute from the user's mailbox that's in another domain is still present, it's impossible to remove the mailbox search.

Resolution


To fix this issue, install one of the following updates:

References


Learn about the terminology that Microsoft uses to describe software updates.