I am hoping this is an easy question. We have recently merged company resources on varied levels using site-to-site VPN and domain two-way transitive trusts. Our Exchange server sits in our primary domain and we have converted local user accounts from the secondary domain with user mailboxes on the primary domain to Linked Mailboxes. These were not new accounts; however, both the wizard for creating new Linked Mailboxes as well as the EMS commands to convert existing mailboxes to Linked state disable the user account in the primary domain.
This is all well and good for every intent they are being used for except one. When we disable the local account, our Barracuda message level backup systems no longer can backup the messages in the mailbox as the system says the mailbox is disabled.
While I suppose from the view of the Barracuda appliance, this is true; however, in reality it is not. These mailboxes are actively being used by their externally linked counterparts in the trusted domain. Barracuda says there is nothing we can change to enable the message level backups on a "disabled" mailbox from within their system. We are still getting full DB backups though but this does not allow for easy retrieval or searches of messages in mailboxes.
My Question: Does the account residing in the primary domain absolutely need to be disabled? For a myriad of reasons I can see why you would want it disabled; however, I need to come up with at least a stop-gap measure for getting message level backups going again for these users. It seems that simply re-enabling the account after going through the conversion process would still work.
I've done small scale testing which show positive (the secondary domain account can still use its local SSO to access the primary domain account's mailbox without requests for additional credentials) but I was hoping for anyone's long term experience in doing this. I mean, there has to be a reason for why the local account is disabled right? I cannot find anything specific though.