Around three years ago I released a small command line based tool which forcibly removed the Exchange related attributes from a user within Active Directory. The original rationale behind writing the tool was:
There have been many points over the years where I have personally (not sure if anyone else out there has encountered this) where I have forcibly needed to disassociate (or remove) a user account from its mailbox.
Normally this would be accomplished via the Exchange Management Shell using the Disable-Mailbox or the Remove-Mailbox -StoreMailboxIdentity -Database CMDLETS in a production environment.
However if you have found yourself in the situation where the Mailbox Server has been rebuilt without an suitable backup – or more to the point where Exchange has been forcibly removed from Active Directory which results in having a number of accounts which point to a Mailboxes on a Mailbox Server that no longer exists – I am sure that you are aware of how much of a pain it is to rummage around in AD – remove the required attributes for all of those accounts and reconnect them.
Recently I found myself in the situation again (through me messing something up in my lab (again!)) – and I needed to remove the attributes from a number of accounts. I went to my old tool – and found that whilst it worked ~ it was not particularly good when you needed to use it in bulk.
I also found that due to the various changes that have happened in Exchange since I released the original code – there were a number of attributes that the tool does not clear up as they were not present on the user properties at the time (there have been a number of schema updates which have added properties to user mailboxes).
So, I decided to rewrite the tool so that it was capable of working on multiple mailboxes and add in some additional attributes to be removed that have been added into Exchange since version 1.0 of the tool was published.
The REA is HIGHLY destructive – it is designed for use in very particular circumstances, and only as a last resort. I cannot be held responsible for any data loss that might occur as a result of using this tool. Please ensure that you understand the ramifications of using this tool against a WORKING mailbox(es):
- The Active Directory Account will be orphaned from the Mailbox within the database
This tool is designed for use against Active Directory accounts where the mailbox, mailbox database or server are no longer available and the normal Exchange cmdlets do not work.
Microsoft does not, and will not support this use of this tool – use at your own risk!
- .Net Framework 3.5 Service Pack 1
- Exchange 2010 and Exchange 2013 – Only
- Needs to be executed in the context of a Domain User account
Double click on the installation binary file “REA.exe”.
You will be asked if you wish to continue with the installation – click on the “Yes” button if you wish to proceed.
Select your desired location for the main tools binary to be placed (remember this location as the installer does not create icons in the Start menu) When done click on “Unzip”.
When the process has completed you will be presented with the “Successful” dialog box – click on “OK” to exit.
Start the tool by double clicking on the tool binary file from the location where you installed it during the installation process.
When the tool has executed – in the “samAccountName” field type in the account name of user that you wish to forcibly remove the attributes of.
When done, click on the “Search” button.
The account details pane will populate – review the information to ensure that you are happy to proceed.
Click on the “Add >>” button which will transfer the account to the “Selected Mailboxes” window. Repeat the process to add further accounts for processing.
When ready – click on the “Remove” button. The tool will then process each account and remove all of the relevant Exchange attributes from the account.
The old version of tool will remain available as it is still compatible with versions of Exchange from 2003 to 2007.