Forcing the removal of Exchange Attributes on a Directory User (the RemoveExchangeAttributes tool)…

by Andy Grogan on September 2, 2009 · 17 comments

in Exchange 2007 (General), Windows 2003 - ADSI

There have been may points over the years where I have personally (not sure if anyone else out there has encountered this) where I have forcibly needed to disassociate (or remove) a user account from its mailbox.

Normally this would be accomplished via the Exchange Management Shell using the Disable-Mailbox or the Remove-Mailbox -StoreMailboxIdentity -Database CMDLETS in a production environment.

However if you have found yourself in the situation where the Mailbox Server has been rebuilt without an suitable backup – or more to the point where Exchange has been forcibly removed from Active Directory which results in having a number of accounts which point to a Mailboxes on a Mailbox Server which no longer exists – I am sure that you are aware of how much of a pain it is to rummage around in AD – remove the required attributes for all of those accounts and reconnect them.

This is exactly where I found myself again recently within my LAB environment.
Essentially like many Exchange Admins I have been testing Exchange 2010 (the initial CTP build).

However due to work commitments I had not had a chance to get really deeply involved in with it, so with the fact that I had more time recently I decided to uninstall the CTP builds and replace them with the RC build.

I uninstalled the CTP from my LAB 2008 servers (which required quite a bit of messing around with the guts of AD) – I completely forgot to remove the mailboxes from the user accounts in AD (this will give you and idea of how much messing around in AD that I needed to do as normally you cannot uninstall Exchange from a MBX server unless you have moved – or removed the accounts).

This resulted in the administrator account which was resident on the previous CTP 2010 mailbox server being orphaned from my new Exchange 2010 MBX servers (which was to be expected) – I jumped into the Exchange Management Console and navigated to [ Microsoft Exchange –> Microsoft Exchange On-Premises –> Recipient Configuration –> Mailbox ] – see below;

Example-Attr-1Ex2010

When creating a new mailbox and choosing the “ [ Existing users –> Add ]” – see below;

Example-Attr-2Ex2010

The select user process would not find the Administrator Account (or for that matter – any of the 500 test accounts that no longer had mailboxes – as they were configured to do so on the previous CTP build) – see below;

Example-Attr-3Ex2010

So with this in mind ( and given that I had come across this so many times before) I decided that I was going to write a command line based tool which (when combined with a script) can be used to selectively remove the Exchange attributes from an AD account so you can create New mailboxes within Exchange.

Today I am pleased to announce the release of the Exchange “RemoveExchangeAttributes” tool.

Download / Installation:

You can download the tool from the following location:

ESEUtilGUIIcoRemove Exchange Attributes Tool – Version 1.0 – [11KB]

It should be downloaded into “c:\RemoveExchangeAttributes” – on either a Domain Controller within the Domain where the previous mailbox server was resident or onto the new Exchange Server.

Requirements:

  • .NET 2.0
  • Exchange 2007 / Exchange 2010 (tested against the RC build)

Usage:

NOTE: This tool is destructive – it will forcibly disassociate a mailbox from its AD account – this process is not easily reversible and should not be performed unless you have good reasons (like the examples used in this article). This is very much use at your own risk – neither Microsoft nor I will be able to support you if something goes wrong – it should only be used in the most severe of circumstances – you have been warned!

The tool weighs in at 11KB in size and when executed (from the Windows Command Prompt) require two parameters: which are as follows:

<samAccountName> info - or <samAccountName> remove

The operating parameters "info" and "remove" are CASE Sensitive and should be in lower case. Therefore usage examples are:

RemoveExchangeAttributes.exe  administrator info

or

RemoveExchangeAttributes.exe  administrator remove

Below is an example of the tool being executed in “info” mode:

Example-Attr-4Ex2010

Below is an example of the tool being executed in “remove” mode:

Example-Attr-5Ex2010

After executing the tool in remove mode against the chosen account(s) – open the Exchange Management Console and you try to create a new user from an existing account (as per above) you should now see the missing accounts – see below;

Example-Attr-6Ex2010

So if you should find yourself in the same position as myself above – I hope that you find this tool useful!

{ 17 comments… read them below or add one }

David Harrington May 22, 2011 at 1:22 am

Thank you for making my nightmare a little better!!!

Reply

Thorsten October 27, 2011 at 11:30 am

Thank you very much for this great tool

Reply

Sean Aindow November 29, 2011 at 4:07 pm

Brilliant Tool, Thanks

Reply

Gary June 2, 2012 at 1:55 pm

YOU THE MAN!!! I was missing with this for hours.

Reply

Gary June 2, 2012 at 1:55 pm

Messing with this for hours*

Reply

Benjamin DePaz June 24, 2012 at 10:37 pm

This is an amazing tool!!! I had an exchange disaster that went on for two days and finally I found this tool which ended the horrible nightmare. Thanks so much!!!

Reply

Rene July 16, 2012 at 11:54 am

Thanks for the tool. Ik workls great.

Reply

Mohammed September 6, 2012 at 8:29 am

Thanks, excellent tool. You made my day.

Reply

Jernej October 8, 2012 at 7:56 pm

Great work many THANKS!! Brilliant.
You saved my friend a lot of trouble.

Reply

Rakesh December 17, 2012 at 5:35 am

thanks, Great MAN. You save my a lot times.

Reply

Mike December 18, 2012 at 8:47 pm

GOD BLESS YOU. Seriously, saved so much time.

Reply

Nigel January 23, 2013 at 3:29 pm

What a legend…Cheers!

Reply

ralf February 17, 2013 at 1:14 pm
Andy Grogan February 17, 2013 at 1:18 pm

Thanks Ralf – that works ok if you are using Exchange 2003 and there is not something fundamentally wrong with the mailbox. The tool is targeted at Exchange 2007 specifically – where I have seen the cmdlets in the article fail and just to reiterate – there is no supported means of doing this outside the cmdlets – this tool is for use in non-production environments only.
Cheers
A

Reply

ralf February 17, 2013 at 1:25 pm

Hey Andy,

ah ok, i hab some trouble with exchange 2003 (on a sunday.. http://mjd.pl/adminspotting.png)
i had to fully reinstall the sbs server, i created the ad-users (with!) exchange mailboxes and after this i restored a offline backup of exchange. this was the failure because i cant reconnect the mailboxes as the users had mailboxes – therefore i had to remove the ex-attributes so it was possible to reconnect the restores mailboxes.

so, if some one has to reinstall sbs:
DONT CREATE THE USERS *WITH* EXCHANGE MAILBOXES ;)

Reply

Stefan July 17, 2014 at 12:32 pm

Works like a charm,Exchange 2010

Reply

rituraj July 23, 2014 at 8:42 am

Thanks you very much you saved my day

Reply

Leave a Comment

*

Previous post:

Next post: