1) M365 Groups
- M365 Groups (Static Groups): Disabled user accounts will not be automatically removed from any M365 groups.
- M365 Groups (Dynamic Groups): Dynamic groups are managed by rules in Azure AD. When a user is disabled, they will be automatically removed from the group, as they no longer meet the criteria for membership. They will be re-added automatically once their account is re-enabled.
2) Microsoft Teams
- Private Teams: Disabled users are removed from private teams and channels. Users need to be manually re-added after their accounts are enabled.
- Public Teams: Disabled users are not automatically removed from public teams or channels.
- Org-level Teams: Disabled users are removed from org-level teams. Because an org-level team uses a dynamic group, users will not have access while their account is disabled; once the account is re-enabled, they regain access to the team.
3) SharePoint and Permissions
- Disabled user accounts are not automatically removed from SharePoint permission groups. However, they will not be able to access SharePoint sites while their account is disabled. Once the account is re-enabled, users regain access to those sites.
- Assigning Permissions to Disabled Accounts: While an account is disabled, permissions cannot be assigned to that user in new sites or teams because M365 cannot resolve the disabled account.
4) OneDrive Permission and Data
- Access: Disabled users lose access to their OneDrive data.
- Data Retention: The data remains intact and can be accessed once the account is re-enabled.
5) Emails and Outlook
- Email Access: Disabled users cannot access their email accounts.
- Email Retention: Emails are retained and will be accessible once the account is re-enabled.
6) Workflow/Job Frequency
- Background Jobs: The frequency of the background jobs (built-in Microsoft jobs) that remove users from private teams, channels, or M365 groups can vary. Typically, these jobs run daily or as configured by your organization’s policies.
Additional Notes:
- Documentation: Maintain clear documentation of when and why user accounts are disabled.
- Communication: Inform users about the impact of disabling their accounts, especially regarding access to Private Teams.
- Re-enabling Process: Establish a streamlined process for re-enabling accounts and re-adding users to necessary groups and teams.
- Regular Reviews: Conduct regular reviews of disabled accounts to ensure they are re-enabled or deleted as appropriate.
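
One way to support the regular review above is to list every disabled account that still sits in a static M365 group, since those memberships are not cleaned up automatically. This is an added example, not part of the original page; it assumes the Microsoft Graph PowerShell SDK is installed and that the signed-in admin can consent to the read-only scopes shown. The output file name is a placeholder.

```powershell
# Added example: report disabled accounts that still belong to static M365 groups.
# Assumption: the Microsoft.Graph PowerShell module is installed.
Connect-MgGraph -Scopes 'User.Read.All', 'GroupMember.Read.All'

# All accounts currently disabled in the directory.
$disabledUsers = Get-MgUser -All -Filter 'accountEnabled eq false' `
    -Property 'id,displayName,userPrincipalName'

$report = foreach ($user in $disabledUsers) {
    # Direct memberships only. Each entry is a generic directory object;
    # group-specific fields are exposed through AdditionalProperties.
    foreach ($entry in (Get-MgUserMemberOf -UserId $user.Id -All)) {
        $props = $entry.AdditionalProperties
        if ($props['@odata.type'] -ne '#microsoft.graph.group') { continue }

        $groupTypes  = @($props['groupTypes'])
        $isM365Group = $groupTypes -contains 'Unified'
        $isDynamic   = $groupTypes -contains 'DynamicMembership'

        # Dynamic groups are maintained by their membership rule, so only
        # static M365 groups are reported as lingering memberships.
        if ($isM365Group -and -not $isDynamic) {
            [pscustomobject]@{
                UserPrincipalName = $user.UserPrincipalName
                DisplayName       = $user.DisplayName
                Group             = $props['displayName']
                Visibility        = $props['visibility']   # Public / Private
                GroupId           = $entry.Id
            }
        }
    }
}

# Placeholder output path; review the CSV before removing any membership.
$report | Sort-Object UserPrincipalName, Group |
    Export-Csv -Path .\disabled-user-memberships.csv -NoTypeInformation
```

The script only reads directory data. SharePoint permission groups are not covered by it and need a separate check.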