Find mailboxes in Exchange that have disabled users.

I need to find a Exchange Mangement Shell command to find all the mailboxes that have disabled users.  The only thing i have found comes up with an empty result set, that I know should have at least 1 entry.  This is what I have so far:

$mailboxlist = Get-Mailbox -ResultSize Unlimited | ? {$_.UserAccountControl -match “AccountDisabled” -and $_.isLinked -match “false” -and $_.isResource -match “false”}
tommy porterAsked:
Who is Participating?
 
QlemoConnect With a Mentor Batchelor, Developer and EE Topic AdvisorCommented:
Viral,

very, very bad style to use ft | out-file. Unless for very specific cases, where formatting needs to be exactly that way.

But you are correct, that seems to have changed. In MSX 2007 UserAccountControl works. Online doc for 2010/2013 tells different, though (https://msdn.microsoft.com/de-de/library/microsoft.exchange.data.directory.management.mailbox.exchangeuseraccountcontrol(v=exchg.150).aspx).


So the correct command should be
$mailboxlist = Get-Mailbox -ResultSize Unlimited |
  ? { $_.ExchangeUserAccountControl -match “AccountDisabled” -and !$_.isLinked -and !$_.isResource }

Open in new window

1
 
QlemoBatchelor, Developer and EE Topic AdvisorCommented:
Though it is no good style, it still works (for me). But you should not use -match for boolean values, it is better to write:
$mailboxlist = Get-Mailbox -ResultSize Unlimited |
  ? { $_.UserAccountControl -match “AccountDisabled” -and !$_.isLinked -and !$_.isResource }

Open in new window

0
 
tommy porterAuthor Commented:
That did not work.  All it does is CR to the next line with no output.  thanks for the attempt, though

exchange server 2010
0
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

 
QlemoBatchelor, Developer and EE Topic AdvisorCommented:
Of course it does "nothing". The result is in the var. Did you check the var's content?
0
 
tommy porterAuthor Commented:
Then, I don't know where to look.  Could you elaborate?
0
 
QlemoBatchelor, Developer and EE Topic AdvisorCommented:
For testing, use
Get-Mailbox -ResultSize Unlimited |
  ? { $_.UserAccountControl -match “AccountDisabled” -and !$_.isLinked -and !$_.isResource }

Open in new window

Otherwise, $mailboxlist contains the results. You can type that in directly on the command prompt to see its value.
0
 
tommy porterAuthor Commented:
I am definitely missing something. I can't seem to get it to work.  Either i am not using it correctly or not looking in the right spot.
0
 
QlemoBatchelor, Developer and EE Topic AdvisorCommented:
What does this display?
Get-Mailbox -ResultSize Unlimited | ft -a Identity, UserAccountControl, isLinked, isResource

Open in new window

0
 
tommy porterAuthor Commented:
Something similar to this.
Capture.PNG
0
 
QlemoBatchelor, Developer and EE Topic AdvisorCommented:
UserAccountControl is empty? Test
   Get-Mailbox | gm u*
it should list UserAccountControl as a property.
0
 
Viral RathodConsultantCommented:
Get-Mailbox | ?{$_.ExchangeUserAccountControl -eq 'AccountDisabled'} | ft Name,Database,ExchangeUserAccountControl |Out-File "c:\path.txt"
0
 
tommy porterAuthor Commented:
I ran:

UserAccountControl is empty? Test
   Get-Mailbox | gm u*
it should list UserAccountControl as a property.

and Got:

TypeName: Microsoft.Exchange.Data.Directory.Management.Mailbox

Name                         MemberType Definition
----                         ---------- ----------
UMDtmfMap                    Property   Microsoft.Exchange.Data.MultiValuedProperty`1[[System.String, mscorlib, Vers...
UMEnabled                    Property   System.Boolean UMEnabled {get;}
UsageLocation                Property   Microsoft.Exchange.Data.Directory.CountryInfo UsageLocation {get;set;}
UseDatabaseQuotaDefaults     Property   System.Nullable`1[[System.Boolean, mscorlib, Version=2.0.0.0, Culture=neutra...
UseDatabaseRetentionDefaults Property   System.Boolean UseDatabaseRetentionDefaults {get;set;}
UserCertificate              Property   Microsoft.Exchange.Data.MultiValuedProperty`1[[System.Byte[], mscorlib, Vers...
UserPrincipalName            Property   System.String UserPrincipalName {get;set;}
UserSMimeCertificate         Property   Microsoft.Exchange.Data.MultiValuedProperty`1[[System.Byte[], mscorlib, Vers...
0
 
QlemoBatchelor, Developer and EE Topic AdvisorCommented:
See code in http:#a40623038
0
 
tommy porterAuthor Commented:
that get's me:


Name                      Alias                ServerName       ProhibitSendQuota                                      
----                      -----                ----------       -----------------                                      
DiscoverySearchMailbox... DiscoverySearchMa... xxxxxxxx         50 GB (53,687,091,200 bytes)
0
 
QlemoBatchelor, Developer and EE Topic AdvisorCommented:
Sounds like a hit!
0
 
tommy porterAuthor Commented:
Ok, that really doesn't tell me what I want to know, or I am mis-interpreting the data.
0
 
QlemoBatchelor, Developer and EE Topic AdvisorCommented:
Obviously the Discovery...  mailbox is the only one being disabled, not linked and not a resource?!
0
 
tommy porterAuthor Commented:
I think the issue may be that the UserAccountControl property isn't populated, how do i change that?  it would make sense that it can't find any to match ? { $_.ExchangeUserAccountControl -match “AccountDisabled" if it doesn't exist anywhere.
0
 
QlemoBatchelor, Developer and EE Topic AdvisorCommented:
UserAccountControl has been populated with my Exchange. ExchangeUserAccountControl is the correct one, according to the doc. And you got one record by using it in the condition.  IMO the result shown is plausible.
0
 
tommy porterAuthor Commented:
I know that there is at least one user (not any shown) that has a disabled user account through ad but still has a mailbox.  I am using that as my baseline for my search.  Until that user pulls up in the result set, I know that I am not looking at or in the right spot or information.  

On looking at this result set, (http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_28621197.html#a40622199) it would be logical to assume that I should see that field populated, however it isn't.
0
 
QlemoBatchelor, Developer and EE Topic AdvisorCommented:
Again, it is expected that ExchangeUserAccountControl is filled, so test
Get-Mailbox -ResultSize Unlimited | ft -a Identity, UserAccountControl, ExchangeUserAccountControl, isLinked, isResource

Open in new window

now. One of both columns should contain the AccountDisabled value.
0
 
tommy porterAuthor Commented:
I think we are on the same page, I don't have any values for the UserAccountContorl field.  That is where the issue lies.  Working on getting that populated.
0
 
QlemoBatchelor, Developer and EE Topic AdvisorCommented:
That field does not exist for you. That is why we try to tell you to look at ExchangeUserAccountControl. Did you?
0
 
tommy porterAuthor Commented:
I get some data returned, but not what I am looking for.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.