adclean generates duplicates in 5.5 gal

Posted on 2005-03-27
Medium Priority
Last Modified: 2008-02-01

I'm moving mailboxes from several 5.5 Exchange servers to a 2K3 one.
Exchange servers are in different sites within the same organization. The 2K3 one is in another administrative group.
There is also a 2K3 Exchange server member of a 5.5 site and running adc.

For a couple of mailboxes, things didn't go well.The mailbox has been moved, but there are now 2 entries in my 5.5 gal. One for the moved mailbox (2K3 mailbox attached to a 2K3 windows account), and a phantom one (2K3 mailbox attahced to a nt4 account).
The nt4 account has been moved through admt with no error.
I guess that there must be a problem with adclean and adc. Adclean has been launched after the mailbox has been moved. As far as I understand hiw it works, it removes Exchange attributes from the disabled ad account, put these attributes to the fresh 2K3 account, then delete the disabled account.
It seems that adc sometimes can't replicate the deletion of the disabled account.
So the gal has either the 2K3 account and the disabled one.
My problem is that I can't remove this entry from the 5.5 gal. Moreover, both entries have the same email address. The user can no longer receive emails from outside.

This is a curious but extremely awkward issue that I can't reproduce. I had to stop the migration. I first need to know how I can remove duplicates from the gal and understand how they are generated.

Thanks in advance for any help.
Question by:fho
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Expert Comment

ID: 13641416
Exchange 2003 Active Directory Account Cleanup Wizard is only for to merge the duplicate objects for mailbox logon purposes.Its purpose is to to solve problem related to migrated users who are not able to logon to their mailboxes after you use Active Directory Migration Tool and Active Directory Connector


Author Comment

ID: 13642537
That's how I use it.
ADC has generated the creation, in AD, of several inactive users relative to NT4 users. Each of them is bound to a 5.5 mailbox.
During the migration of a NT account and his mailbox :

The NT user is moved from NT4 to W2K3 (admt),
The mailbox associated to this user is moved from Exchange 5.5 to 2K3 ("ad user and computers" mmc),
Until I use Adclean, the moved mailbox is still associated to the inactive user. Adclean merges the moved mailbox to the 2K3 user and deletes the inactive user.

But, .... after this last operation, it seems that, sometimes,  ADC can't replicate correct information to 5.5. There are 2 lines in the GAL for my migrated user (a good one, and an orphan one).
I'd like to remove this last one.
LVL 26

Expert Comment

ID: 13648814
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

LVL 26

Expert Comment

ID: 13648827

Author Comment

ID: 13724022
Excuse my late answer, but I've been far from my email for a couple of says.
thanks for these pieces of information. I already knew them.
Unfortunately, they don't solve my problem.

It seems that, having several 5.5 sites, the 2003 inactive user is deleted by AdClean before the replication between my 5.5 sites is finished. It must explain why, sometimes, there are duplicates.
I know how to do to avoid having this issue again.

My problem is that I can't figure out how to remove orphan users.

All of them are "coming from" AD as in the 5.5 GAL. On the General Tab of the property of each duplicate entry, Home Site and Home Server values are those of the 2003 Exchange server. Raw properties show similar information.

The problem is that I can't find them in the AD, even through AdsiEdit.
So, I can't delete them.
I was wondering if there was some way to recreate an account in the AD with same properties as the orphan user, then to run ADC so that this new user is bound to the orphan. If I can do that, it would allow me to remove the orphan user from the 5.5 GAL. If yes, which attributes must match ?

Author Comment

ID: 13760822
We finaly found the solution (with the assistance of Microsoft).

We could detect and delete the orphan user through LDP on the SRS. It seems that the SRS is the only place where it was possible to delete this user (it couldn't be found in the AD, neither in 5.5 directory).

It worked perfectly.

Accepted Solution

RomMod earned 0 total points
ID: 13902611
The question has been PAQ'd and the 500 points have been refunded.
Community Support Moderator

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
This article will help to fix the below errors for MS Exchange Server 2013 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question