Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

How to safely delete the old Exchange mailbox entry from ADSI Edit ?

Posted on 2015-02-01
14
Medium Priority
?
4,898 Views
Last Modified: 2015-02-08
Folks,

My Exchange Servers in the domain are all Exchange Server 2010 SP2 and I need your assistance and guidance in how to safely deleting the old  Microsoft Exchange Server 2007 SP2 mailbox entry from the AD ?

because when issuing the following powershell command:
Get-MailboxServer | Select Name, AdminDisplayVersion, ServerRole, ExchangeVersion, IsValid, ExchangeLegacyServerRole, DistinguishedName | ft -AutoSize

Open in new window


I can still see the old entry:
Name         AdminDisplayVersion        ServerRole ExchangeVersion IsValid ExchangeLegacyServerRole DistinguishedName                                                                                                                 
----         -------------------        ---------- --------------- ------- ------------------------ -----------------                                                                                                                 
oldMAILBOX      Version 8.2 (Build 176.2)     Mailbox 0.1 (8.0.535.0)    True                        0 CN=oldMAILBOX,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Domain,CN=Microsoft Exchange...
PRODMBX02-VM Version 14.2 (Build 247.5)    Mailbox 0.1 (8.0.535.0)    True                        0 CN=PRODMBX02-VM,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Domain,CN=Microsoft Exch...
PRODMBX01-VM Version 14.2 (Build 247.5)    Mailbox 0.1 (8.0.535.0)    True                        0 CN=PRODMBX01-VM,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Domain,CN=Microsoft Exch...

Open in new window



from the DNS entries (ping test) I cannot find the object name oldMAILBOX.

But from AD Users & Computers console, I can still find the oldMAILBOX computer object with the label (Exchange 2007 CCR Computer Account). Is it safe to delete ?

What do I need to backup in case I cannot continue my Exchange Service Pack installation due to this entry missing ?

and what or where can I delete that entry from ?
0
Comment
  • 6
  • 5
  • 2
14 Comments
 
LVL 3

Assisted Solution

by:Henry Dawson
Henry Dawson earned 800 total points
ID: 40583415
Hey.....You need to ensure that you have the following backups in order to proceed with the decommissioning process:

1. System State Backup of your Active directory
2. Exchange Database Flat file Backup
3. Run ExBPA Report and Export the Report for future reference.
4. Go to Registry Editor and Export “My Computer” as Registry backup.

606128.jpg
If you have the same condition like this as shown in figure, then  you are at the right location to safely delete the old Exchange Server mailbox entry .
The best & cleanest way is to delete the whole server object. This wouldn't break your Exchange 2010 configuration. But make sure you don't delete the “Servers” folder itself.

Thanks
Henry
0
 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 40583460
Ok so in this case there is no reason for that old object to still linger in the AD database.

Is that the correct object to delete from ADSI edit ?

I'm worried that it would break my Exchange Server SP3 patching if the object is still there.
0
 
LVL 3

Assisted Solution

by:Henry Dawson
Henry Dawson earned 800 total points
ID: 40583465
Hey...
This method does not perform cleanups of references to the server object outside the server's own container.

You can use the /removeorg switch with the Exchange 2007 Setup program to remove the whole Exchange 2007 organization from Active Directory.

The /removeorg switch removes the Organization container and all sub-containers from Active Directory. You can run this command from any server in the forest, not just from an Exchange 2007 server. This command does not remove services, files, or registry keys.

Important:
Do not use this method unless you want to remove Exchange completely from your enterprise. The /removeorg switch will remove all the Exchange servers from your organization. If you do this inadvertently, you may be forced to reinstall all the Exchange servers in your enterprise.

Thanks
Henry
0
Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

 
LVL 24

Accepted Solution

by:
VB ITS earned 1200 total points
ID: 40583497
Honestly the words "safely" and "ADISEdit" don't really go well together in the same sentence :)

- Click Start then click on Run
- In the Run dialog box that appears, type in adsiedit.msc
- Right click on ADSI Edit on the left pane then click on Connect to..
- Click on Configuration in the Select a well known Naming Context drop down selection then click OK
- Now expand to the following path:
- CN=Configuration,DC=domain,DC=com
- CN=Services
- CN=Microsoft Exchange
- CN=Your Organization Name
- CN=Administrative Groups
- CN=Exchange Administrative Group (FYDIBOHF23SPDLT)
- CN=Servers
- CN=Exchange 2007 Server Name
- Right click on CN=Exchange 2007 Server Name and delete it.
- Delete the computer object in AD for the old server as well if it's long gone
- Rerun the Get-MailboxServer command in your original post to verify the old server no longer appears
0
 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 40583661
Thanks VB,

Does that steps you suggest require server reboot or it will be applied immediately ?

Is there any way to export the value first as backup plan in case the Exchange Service Pack installer complaints about it ?
0
 
LVL 24

Assisted Solution

by:VB ITS
VB ITS earned 1200 total points
ID: 40583693
No need to reboot, just wait for AD to replicate.

System State backup is always recommended before you make any changes using ADSI Edit.

If you want, you can look at using the LDIFDE tool to export just the objects within the Microsoft Exchange container in AD. See these article for more help: http://www.mysysadmintips.com/windows/active-directory/266-export-active-directory-objects-with-ldifde-before-performing-changes-with-adsi-edit
http://support.microsoft.com/kb/237677

Keep in mind that this gets tricky when multiple DCs are involved as you'd have to look at disabling replication on the DC to isolate it while you do this testing.
0
 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 40583707
Ah I see, my single forest domain got about 3 DC so I guess, I just take the System State backup from the Schema Master role FSMO holder. Is that correct ?
0
 
LVL 24

Expert Comment

by:VB ITS
ID: 40583709
Take a System State backup of all three DCs, won't hurt :)
0
 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 40583714
whoa.. that is so much backup just for the one entries to be deleted :-) in my previous case with Schema Master System State backup, it was 11 GB with Windows Backup.

So how do I restore it in case it causes a problem later on with the Exchange Server SP3 setup ?
0
 
LVL 24

Assisted Solution

by:VB ITS
VB ITS earned 1200 total points
ID: 40583745
Haha I forget that not everybody has free disk space for these sort of things! It's still worth it though if you're concerned about something happening to AD in the event of an issue.

So how do I restore it in case it causes a problem later on with the Exchange Server SP3 setup ?
I'd say this all depends on your internal DR procedures really. I assume you would perform a full restore on all your DCs using the System State images taken earlier as changes in ADSI Edit can't easily be reversed.

With that being said I really can't see how the 2010 SP3 install will have any effect on an old defunct Exchange 2007 server. How long has this server been offline? Are you seeing any strange issues right now? Have you properly migrated and moved all PFs to the new 2010 PF database?

It's worth noting that removing an Exchange 2007 server using ADSI Edit isn't supported by Microsoft (doesn't mean it can't be done though) and I'm also not a very huge fan of it. My preferred method is to bring the 2007 server online then gracefully uninstall Exchange.
0
 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 40583754
Well it's been decommissioned or no longer in the Domain since 2011.

I've just joined this company 1 month and didn't know what's the story behind the old exchange server 2007 that was not decommissioned properly.
0
 
LVL 24

Expert Comment

by:VB ITS
ID: 40583757
Yep that doesn't help. The ideal scenario here would be to set up a virtual test lab with your DCs and Exchange servers + 1 workstation and make the necessary changes there. Unfortunately not everybody has the resources or time to do this, however if you really want to be sure the SP3 install won't break your environment then this would be the way to go.
0
 
LVL 8

Author Closing Comment

by:Senior IT System Engineer
ID: 40597341
Thanks !
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this post, I will showcase the steps for how to create groups in Office 365. Office 365 groups allow for ease of flexibility and collaboration between staff members.
Steps to fix error: “Couldn’t mount the database that you specified. Specified database: HU-DB; Error code: An Active Manager operation fail”
This video discusses moving either the default database or any database to a new volume.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Suggested Courses

963 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question