Remove all Exchange data from AD and user accounts then re-install with fresh exchange Org

Posted on 2014-03-17
Last Modified: 2014-04-02
HI All

I need to remove all data from AD relating to the Exchange 2010 org and then re-create as new.

Background Info...We have a single forest / domain running on Windows 2008R2 dcs although the DFL / FFL are both Windows 2003 server.

Recently I powered off one of our DC's that was a VM and stuck it in an isolated Test environment at the request of the management as they wanted to test Integration between our HR system and AD. I seized all the FSMO roles and manually cleaned up AD / DNS of all the DC's and sites not in use in the test lab so i was left with a single DC that was in a healthy state, i then renamed the domain from to

All is good so far, everything looks healthy from a logs perspective and dcdiag etc

Now that has finished they have thrown me  curve ball i was not expecting and requested Exchange be added to the test LAB. In prod we have 4 CAS / HT servers and 3 mailbox servers in a DAG so i do not want to P2V those into the LAB.

My preference would be to remove all exchange data from AD in test lab and all the attributes from user accounts and then install a fresh Install of exchange in a new Org and then re create blank mailboxes.

Anyone help me on how to go about this.

Question by:ncomper
LVL 37

Expert Comment

ID: 39936207
P2V or simply dragging production exchange servers into test lab won't work because you have renamed your domain

When you renamed domain, your Exchange has braked at that moment
Also even if you wipe out Exchange attributes from user properties and cleanup exchange setup from adsiedit.msc, your schema is already upgraded to work with Exchange and that changes can't be undone

At a maximum you can try by removing Exchange completely through adsiedit.msc\configuration container\service container
Then try to reinstall MS Exchange again, then delete all Exchange attributes from users and groups through Exchange EMC
The best way to deal with your situation I can see:
Prepare new domain as same name as your production domain \ the name whichever you want in isolated network
Modify AD schema with MS Exchange setup
Install brand new Exchange ORG
create required test users, groups OU structure for testing
setup application integration \ whatever testing you want
Once done replicate the changes to production environment

LVL 12

Expert Comment

by:Md. Mojahid
ID: 39936272
If you have setup new AD that is good to fresh exchange installation although you can install on same add after remove old exchange server complete information from Remove (legacy) Exchange server using ADSIEdit.
LVL 26

Expert Comment

by:Leon Fester
ID: 39937157
Do you also have a lab version of the HR software?

The best options to properly replicate the environments for simulation testing is to use the same domains.

This means isolating your LAB Domain, LAB Exchange and LAB HR system onto a single switch that is not connect to your production network.

In this scenario, you do the AD clean-up tasks as done previously and then run Exchange installation with the recoverserver options. It will read from AD and rebuild your first Exchange Server. I've not tried the Exchange disaster recover installation on a renamed domain, but it's an option you could try.
You can recover a lost server by using the Setup /m:RecoverServer switch in Microsoft Exchange Server 2010. Most of the settings for a computer running Exchange 2010 are stored in Active Directory. The /m:RecoverServer switch rebuilds an Exchange server with the same name by using the settings and other information stored in Active Directory.

Recovering a lost Exchange server is often accomplished by using new hardware. However, you can also use an existing server.

This topic shows you how to recover a lost Exchange 2010 server that isn't a member of a database availability group (DAG). For detailed steps about how to recover a server that was a member of a DAG, see Recover a Database Availability Group Member Server.

By rebuilding all the servers entirely you're actually not replicating your environment and other issue could appear when you try your integration.
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

LVL 27

Accepted Solution

Steve earned 500 total points
ID: 39937506
You're in a difficult position as it's all a bit complicated.

Firstly, it's true that you cannot P2V your exchange to add it to your lab as you have changed the domain name. Exchange cannot handle that so that option is out.
Secondly, the proper way to remove exchange attributes is part of exchange, so you cannot do this safely without the exchange server(s)
Lastly, wiping exchange and reinstalling may not be a very good replica of your existing system, so be aware that your testing of the new HR system may not reveal all the issues that your real system may experience.

Sack off your existing Lab and create it again including one of the exchange boxes. You may be able to get away without P2Ving them all but it can be a pain with so many. (this would mean you cannot amend the domain name though.

Remove the exchange system manually. The organisation can be removed using ADSIedit and the attributes can be removed using 3rd party tools. Hou can then reinstall exchange from scratch (take care with these options as messing with AD can screw your domain completely)

Sack off the existing lab and create a new one from scratch (wont be a proper version of your existing system so may not really serve as a suitable testbed.)

Remote attribute tool:

remove exchange organisation:
LVL 37

Expert Comment

ID: 39937563
Even if you replicate your environment in lab, you cannot guarantee that you will not face any issues in production

The lab is after all test lab and production setup is production setup and the scale of both setup have drastic difference

The Idea of test lab is to check basic functionality and to build confidence

Author Closing Comment

ID: 39971864
Thanks, ill try that tool

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Last week, our Skyport webinar on “How to secure your Active Directory” ( provided 218 attendees with a step-by-step guide for…
A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question