Solved

Remove a user from a 2008 Domain / Exchange 2010

Posted on 2013-01-29
6
448 Views
Last Modified: 2013-01-29
I have an employee who left the company.  Management feels this person left nothing of value on the computer systems and should be completely deleted.  what is the recommended way to go about this..

I was thinking....
1- delete the users files (home directory)
2- remove the user from (business specifc) security groups
3 -REMOVE the mailbox from Exchange Management
4- Delete the user AD Users and Computers

As a best practice, for a user that leaves that you want to save data for, whats  the best (and simpliest) way to get email out of exchange.

Thank You
0
Comment
Question by:howmad2
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 16

Accepted Solution

by:
Bruno PACI earned 500 total points
ID: 38831744
Hi,

As you're using Exchange 2010 there's only 2 steps:

1) in EMC locate the user mailbox, right-click an choose "Delete". This will remove the mailbox AND the user account. Also, no need to remove the account from any groups as deleting an account automatically make it disappear from any group.
2) Delete the user files...

For users that leave the company and that you want to keep mails but delete the mailbox, the simpliest things is to make a PST export from Exchange Management Shell with Export-Mailbox if you have Exchange 2010 SP1 minimum.
To be able to use the PST exportcmdlet Export-Mailbox, you must be grant the role "Mailbox Import Export" to the admin account that you will use, EVEN IF THIS ACCOUNT IS MEMBER OF "ORGANIZATION MANAGEMENT" !

Take a look at : http://www.stevieg.org/2010/07/using-the-exchange-2010-sp1-mailbox-export-features-for-mass-exports-to-pst/

Have a good day.
0
 
LVL 52

Expert Comment

by:Manpreet SIngh Khatra
ID: 38831751
We in our environment follow a Offboarding process

1. Take backup of Home drive
2. Take backup of Mailbox data into PST
3. Remove any delegations and any configuration
4. Delete Mailbox and AD account after 15 days

- Rancy
0
 

Author Comment

by:howmad2
ID: 38831942
I REMOVEd the Mailbox from Exchange....There was no option to DELETE.  The mailbox is disconnected now.  There doesnt seem to be an option to DELETE a disconnected mailbox, just connect it.  The user account was automatically deleted -  so I can't (re)connect it... How eliminate this mailbox and what do I do in the future since Remove didnt work (Disable?)?
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 
LVL 16

Expert Comment

by:Bruno PACI
ID: 38831985
Ok, sorry I'm french and Exchange console I usually see are in french, so I translated to "Delete" but it may be "remove".
The important thing is you did not use "Disable" which only delete mailbox but not the user account.

The Disconnected mailbox will be cleaned automatically after the deleted mailbox retention period which is by default 30 days.
No user can access this mailbox until an admin reconnect it to a user account !
So is it really important for you to clean this mailbox right now without waiting for the retention period !?

If the account is deleted no way to use these data event by the person that quitted the company.


Remove DID work ! What you see is the NORMAL Exchange process...


If you can't wait to definitely remove datas from the store (even if I technically don't understand why....) you may follow instructions in this article : http://glazenbakje.wordpress.com/2010/07/01/delete-a-disconnected-mailbox-from-exchange-2010/

Have a good day.
0
 

Author Comment

by:howmad2
ID: 38832077
Thank you both.  I will wait for the retention period to end.
0
 

Author Comment

by:howmad2
ID: 38832093
I've requested that this question be closed as follows:

Accepted answer: 0 points for howmad2's comment #a38832077

for the following reason:

Complete and clear solution provided

soory initially closed it wrong should be ok now...
0

Featured Post

MS Dynamics Made Instantly Simpler

Make Your Microsoft Dynamics Investment Count  & Drastically Decrease Training Time by Providing Intuitive Step-By-Step WalkThru Tutorials.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For anyone that has accidentally used newSID with Server 2008 R2 (like I did) and hasn't been able to get the server running again because you were unlucky (as I was) and had no backups - I was able to get things working by doing a Registry Hive rec…
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Suggested Courses

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question