• Status: Solved
  • Priority: Medium
  • Security: Public

Deleted email addresses Still in Global Address List Months after Deletion

Hi there,

I am having quite a serious issue with deleted user accounts still being present in Active Directory somewhere.  We found this issue after a few users who had left the company as contractors (and had their accounts deleted) became full-time employees and required new user accounts and mailboxes.

Essentially what happens is that when I create an account for one of these users, I get an error that their SMTP address is already in use.  I get no warning of the username being already present.  For example, I create a new account for Joe Soap, his account gets created without incident, but his old SMTP address would have been joesoap@company.com, and this gives me an error that it already exists.  So, to get his account created, I make his SMTP address joesoap2@company.com.

The ONLY places I can see this other phantom email address are in Outlook and Exchange System Manager.  If I type Joe and press ALT-K in Outlook, I get 2 Joe Soap entries.  If I look at the properties of these, only one has valid data, such as Group Memberships and phone numbers etc.  The other one says, "Unable to Connect to Retrieve Additional Data".  If I send a message to this phantom account, I get an NDR saying "Email Address Not Found".  I don't find this other address in OWA.

Before you say, "Easy to fix!  Outlook has a cached copy of the GAL", I can also see the phantom address by running a preview of the Default Global Address List in Exchange System Manager.  I can see both accounts in this preview, but if I try and edit or delete the bad one, I get a message saying, "Active Directory Object Cannot be Found".

I have searched for lingering AD objects using repadmin, but it says there are 0 found.  I enabled strict replication consistency about a week ago to try and prevent any more of these problems.  We have quite a widely dispersed network with about 300 domain controllers in multiple sites.  All of the remote DCs are in a child domain with no Exchange Servers in that domain.  I have searched in ldp and followed all the TechNet articles I can find about removing lingering objects.  Nothing!

I have rebuilt the GAL with the Recipient Update Service a few times, but the ghosts are still there.  I identified the one account as having been deleted over a year ago, so surely any cache or anything like that would have been cleared long ago.

Any ideas or advice would be greatly valued.
0
Asked by: Dunny21
1 Solution
 
David Scott, MCSE, Network Administrator, commented:
Do you have anything in your error logs pertaining to lingering objects or replication?
0
 
Dunny21 (Author) commented:
Nope, not really.  Our WAN is a little dodgy, and we have DCs in stores with no technical staff whatsoever.  This does mean that DCs are often switched off, or the line is down for a few days to a rural area, but nothing bad in the parent domain, which is where these problem accounts reside.
0
 
Dunny21 (Author) commented:
I actually fixed it.  There were some lingering objects in the sub domain to where our Exchange servers are.  I was only looking in the primary domain, because I assumed that is where the problems would be.  After removing all lingering objects lower down in the tree, everything is working.
0
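The fix above came from checking a domain partition other than the one first searched. As an added example (not part of the original thread), this PowerShell script runs repadmin's lingering-object check in advisory mode for every domain partition in the forest, against that domain's DCs and every global catalog. It assumes the ActiveDirectory module is usable in the environment and that each domain's PDC emulator is a healthy reference DC; the output file name is arbitrary.

```powershell
# Added example (not from the thread). Assumes the ActiveDirectory module and
# repadmin.exe are available and the account can query every DC in the forest.
Import-Module ActiveDirectory

$forest  = Get-ADForest
$results = foreach ($domainName in $forest.Domains) {
    $domain = Get-ADDomain -Server $domainName
    $nc     = $domain.DistinguishedName          # naming context to check

    # Assumption: this domain's PDC emulator holds a healthy, up-to-date
    # writable copy of $nc and can serve as the reference DC.
    $refDc   = Get-ADDomainController -Identity $domain.PDCEmulator -Server $domainName
    $refGuid = (Get-ADObject -Identity $refDc.NTDSSettingsObjectDN `
                             -Server $refDc.HostName).ObjectGUID

    # Destinations: this domain's own DCs, plus every global catalog in the
    # forest, because GCs in other domains hold a read-only copy of $nc.
    $domainDcs = Get-ADDomainController -Filter * -Server $domainName |
                 Select-Object -ExpandProperty HostName
    $targets   = (@($domainDcs) + @($forest.GlobalCatalogs)) |
                 Sort-Object -Unique |
                 Where-Object { $_ -ne $refDc.HostName }

    foreach ($dc in $targets) {
        # /advisory_mode only reports; findings are written to the Directory
        # Service event log on the destination DC, nothing is deleted.
        $output = & repadmin /removelingeringobjects $dc $refGuid $nc /advisory_mode 2>&1
        [pscustomobject]@{
            NamingContext = $nc
            Destination   = $dc
            ReferenceDc   = $refDc.HostName
            ExitCode      = $LASTEXITCODE
            Output        = ($output | Out-String).Trim()
        }
    }
}

# Failures first (unreachable DCs matter on a flaky WAN), then the full list.
$results | Where-Object { $_.ExitCode -ne 0 } |
    Format-Table NamingContext, Destination, ExitCode -AutoSize
$results | Export-Csv -Path .\lingering-advisory.csv -NoTypeInformation
```

Running the same repadmin command without `/advisory_mode` performs the removal on that destination DC, so review the advisory results per partition first.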
 
Computer101 commented:
PAQed with points refunded (500)

Computer101
EE Admin
0
