Exchange: Find Disabled Accounts with Mailboxes Via PowerShell
Summary: This article will go over how to search for disabled users with mailboxes. This is part 2. In part 1; this was done using ADUC.
Exchange: Find Disabled Accounts with Mailboxes
http://msexchangetips.blogspot.com/2007/06/exchange-find-disabled-accounts-with.html
This part will go over how to use powershell.
1. Download Quest powershell. http://www.quest.com/activeroles-server/arms.aspx
Run the following query. I like to export just the name, description and altrecipient to find out if the mailbox is doing any forwarding as well.
[PS] H:\>get-qaduser -includedproperties altrecipient, homeMDB -disabled | select-object -property "name", "description" , "altrecipient", "homeMDB" > c:\mailboxes.csv
Then sort by HomeMDB
James Chong (MVP)
MCITP | EMA; MCSE | M+, S+,
Security+, Project+, ITIL
msexchangetips.blogspot.com
Exchange: Find Disabled Accounts with Mailboxes
http://msexchangetips.blogspot.com/2007/06/exchange-find-disabled-accounts-with.html
This part will go over how to use powershell.
1. Download Quest powershell. http://www.quest.com/activeroles-server/arms.aspx
Run the following query. I like to export just the name, description and altrecipient to find out if the mailbox is doing any forwarding as well.
[PS] H:\>get-qaduser -includedproperties altrecipient, homeMDB -disabled | select-object -property "name", "description" , "altrecipient", "homeMDB" > c:\mailboxes.csv
Then sort by HomeMDB
James Chong (MVP)
MCITP | EMA; MCSE | M+, S+,
Security+, Project+, ITIL
msexchangetips.blogspot.com
posted by jamestechman at 12:39 PM
10 Comments:
Hi James,
If I were you I would remove the ldap filter for disabled users and use the builtin -disabled parameter (less to type),
you can also remove (objectClass=User) since get-qaduser gets user objects only :)
I would also add -sizeLimit 0 to bypass the 1000 objects limit and pipe the results to export-csv.
Even Better! Thanks Shay; you are the powershell master!!
Hi James,
I've got a nagging problem that maybe you can post about.
Scenario: VP has an assistant who is a delegate and has explicit permissions to calendar, etc. Assistant leaves the company and her mailbox is deleted (AD account still exists, no MSX attributes). All explicit permissions and delegate status have been removed from VP's account.
Now, internal users sending meeting requests to the VP get NDR message from the *assistant*: "The e-mail account does not exist at the organization this message was sent to." The request is received by the VP but the NDRs are annoying to the people sending meeting requests to the VP.
I have already used adsiedit to verify no attributes in VP's account are still set for the assistant.
Sorry to leave this as a comment - I couldn't find a better way to post on your blog, and you looked like a good person to ask. :)
Thanks,
Alyssa
Alyssa,
You've probably already tried this, but we've run into this too and using the outlook.exe /cleanserverrules switch has helped clear this sometimes. When that fails, using the MFCMapi tool to remove the hidden rule from the VP's mailbox will work. Be careful using this tool as it is easy to hose the mailbox when used improperly. Make sure you review the doc before running it against the mailbox.
Pat: I'd be too wary with the MFCMapi tool... do you have any other suggestions?
The Hogan scarpe
reminds to the spring’s pure coolers. Have a look at our fashion store online where you can find the Hogan scarpe donna
. The modern atmosphere of the hogan donna
campaign is not only in the items used. Among the many interesting points he made was that Hogan scarpe uomo
swing was very difficult to copy.
I love when I find these blogs that post information regarding technology and all of those aspects of the worldwide information.
I can't find part 1 of this articles.
That is very good comment you shared.Thank you so much that for you shared those things with us.Im wishing you to carry on with ur achivments.All the best.
Wow, there is a great deal of useful data above!
Post a Comment
<< Home