Before I get into this it is VERY important to point out that this article is NOT supported by Microsoft in any way shape of form.
If you have run the Exchange 2010 Service Pack 2 Hybrid Configuration Wizard and therefore setup a configuration – you are NOT supposed to remove it.
If you have created a Hybrid Configuration, but not made use of its features – this will not affect the functionality of Exchange 2010 SP2 at all.
I have performed this process in a LAB – not in production, and I have posted it purely as a proof of concept as it came up on the MVP mailing list, and I was curious if it could be done, and therefore thought that I would share my findings, but it has not been tested for wider ramifications ~ you have been warned.
Background
OK, like me, some of you just out of curiosity might have executed the “Hybrid Configuration” wizard just to see what happens – just to let you in on the secret – what you will end up with by using the single step Configuration Wizard is a Hybrid Configuration entry within Exchange, a federation trust and a Self Signed SSL certificate for Federation on your Exchange servers (of course there is a lot more to it if you choose to actually use a Hybrid configuration) – see below;
Hybrid Configuration:
Federation Trust:
Federation Self Signed SSL:
The next thing that you will notice is that you cannot via either the Exchange Management Console, or Exchange Management Shell remove the Hybrid Configuration (mumble, mumble).
Therefore I have come up with the following process (again to reiterate that is NOT supported by Microsoft) that will remove the configuration and associated elements.
Step 1:
From within the Exchange Management Console – navigate to the “Organization Configuration” node and from the Organization configuration details window select the “Federation Trust” tab. Using the right hand mouse button – select the “Microsoft Federation Gateway” entry and from the context menu that appears choose “Remove Federation Trust” – see below
Step 2:
Navigate to the “Server Configuration” Node within the Exchange Management Console and select each server within your environment. You will see a list of certificates within the “Exchange Certificates” window – select the entry for “Exchange Delegation Federation” with the right hand mouse button and from the context menu that appears choose “Remove” – see below:
Step 3:
Open ADSI edit on your server (typically located within [ Start –> Programs –> Administrative Tools –> ADSI Edit ]) and make a connection to the “Configuration” Partition. You will need to navigate to [ Configuration –>Services->Microsoft Exchange –><Organisation Name>->Hybrid Configuration] – see below
The details pane will change to show you a “Hybrid Configuration” entry – using the Right hand mouse button – select this entry and from the context menu that appears choose “Delete” – see below
Step 4:
You will need to restart the Microsoft Exchange Service Host (MSExchangeServiceHost) service from the Services Manager on each of your Exchange Servers, and wait for AD replication to take place (if you have more than 1 domain controller) after which when you navigate back to the “Organization Configuration –> Hybrid Configuration” you will now see that the entry has gone.
{ 1 comment… read it below or add one }
thank you soooooooooooooo much for your atticle