Forcing the removal of Exchange Attributes on a Directory User (the RemoveExchangeAttributes tool)…
There have been may points over the years where I have personally (not sure if anyone else out there has encountered this) where I have forcibly needed to disassociate (or remove) a user account from its mailbox.
Normally this would be accomplished via the Exchange Management Shell using the Disable-Mailbox or the Remove-Mailbox -StoreMailboxIdentity -Database CMDLETS in a production environment.
However if you have found yourself in the situation where the Mailbox Server has been rebuilt without an suitable backup – or more to the point where Exchange has been forcibly removed from Active Directory which results in having a number of accounts which point to a Mailboxes on a Mailbox Server which no longer exists – I am sure that you are aware of how much of a pain it is to rummage around in AD – remove the required attributes for all of those accounts and reconnect them.
This is exactly where I found myself again recently within my LAB environment.
Essentially like many Exchange Admins I have been testing Exchange 2010 (the initial CTP build).
However due to work commitments I had not had a chance to get really deeply involved in with it, so with the fact that I had more time recently I decided to uninstall the CTP builds and replace them with the RC build.
I uninstalled the CTP from my LAB 2008 servers (which required quite a bit of messing around with the guts of AD) – I completely forgot to remove the mailboxes from the user accounts in AD (this will give you and idea of how much messing around in AD that I needed to do as normally you cannot uninstall Exchange from a MBX server unless you have moved – or removed the accounts).
This resulted in the administrator account which was resident on the previous CTP 2010 mailbox server being orphaned from my new Exchange 2010 MBX servers (which was to be expected) – I jumped into the Exchange Management Console and navigated to [ Microsoft Exchange –> Microsoft Exchange On-Premises –> Recipient Configuration –> Mailbox ] – see below;
When creating a new mailbox and choosing the “ [ Existing users –> Add ]” – see below;
The select user process would not find the Administrator Account (or for that matter – any of the 500 test accounts that no longer had mailboxes – as they were configured to do so on the previous CTP build) – see below;
So with this in mind ( and given that I had come across this so many times before) I decided that I was going to write a command line based tool which (when combined with a script) can be used to selectively remove the Exchange attributes from an AD account so you can create New mailboxes within Exchange.
Today I am pleased to announce the release of the Exchange “RemoveExchangeAttributes” tool.
Download / Installation:
You can download the tool from the following location:
It should be downloaded into “c:\RemoveExchangeAttributes” – on either a Domain Controller within the Domain where the previous mailbox server was resident or onto the new Exchange Server.
- .NET 2.0
- Exchange 2007 / Exchange 2010 (tested against the RC build)
NOTE: This tool is destructive – it will forcibly disassociate a mailbox from its AD account – this process is not easily reversible and should not be performed unless you have good reasons (like the examples used in this article). This is very much use at your own risk – neither Microsoft nor I will be able to support you if something goes wrong – it should only be used in the most severe of circumstances – you have been warned!
The tool weighs in at 11KB in size and when executed (from the Windows Command Prompt) require two parameters: which are as follows:
<samAccountName> info - or <samAccountName> remove
The operating parameters “info” and “remove” are CASE Sensitive and should be in lower case. Therefore usage examples are:
RemoveExchangeAttributes.exe administrator info
RemoveExchangeAttributes.exe administrator remove
Below is an example of the tool being executed in “info” mode:
Below is an example of the tool being executed in “remove” mode:
After executing the tool in remove mode against the chosen account(s) – open the Exchange Management Console and you try to create a new user from an existing account (as per above) you should now see the missing accounts – see below;
So if you should find yourself in the same position as myself above – I hope that you find this tool useful!