If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.
Script needed - Remove all server-side forwarding from mailboxes where the AD account is disabled
Current client NEVER removes old mailboxes. All they do is disable the AD account and set the mailbox to be hidden from the GAL.
However, now they are aware that there are a lot of these that still have active autoforwards set to external addresses. Not good. So they want these rules gone.
However, now they are aware that there are a lot of these that still have active autoforwards set to external addresses. Not good. So they want these rules gone.
Asked:
2-
2
- +1
2 Solutions
LVL 26
Instead of that, why not dump the mailboxes to PST and delete the mailbox? Saves space and you don't have to keep old accounts around.
even if you disable ad account and hide it from GAL, it won't stop receiving new mails on mailbox and since forwarding if removed, it will simply filling space in that mailbox and nobody will see those mails
Better if you delete mailbox as well as suggested above
Better if you delete mailbox as well as suggested above
It's a bit more challenging to do for disabled accounts but you stated the accounts are disabled and the mailbox hidden from the address lists. In that case, lets target those mailboxes that are hidden from the address lists.
For all mailboxes with the HiddenFromAddressListsEnab
Hope this helps.
For all mailboxes with the HiddenFromAddressListsEnab
Get-Mailbox -ResultSize Unlimited | Where { $_.HiddenFromAddressListsEnabled -eq $true } | Set-Mailbox -DeliverToMailboxAndForward $false -ForwardingSmtpAddress $null -ForwardingAddress $null
Import-CSV "DisabledUsers.csv" | foreach-object { Get-Mailbox -Identity $_.DisabledUser | Set-Mailbox -DeliverToMailboxAndForward $false -ForwardingSmtpAddress $null -ForwardingAddress $null }
Hope this helps.
Thanks all. Yes it would be easier to remove the old accounts of course. BUT its up to my client not me to decide this - I just advise lol.
Paul, thanks for getting back to us and accepting the question. Just wanted to ask though why you accepted Mahesh's answer when all he did was agree with me?
Question has a verified solution.
Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.
Have a better answer? Share it in a comment.
Join & Write a Comment Already a member? Login.
Featured Post
Administration of Active Directory does not have to be hard. Too often what should be a simple task is made more difficult than it needs to be.The solution? Hyena from SystemTools Software. With ease-of-use as well as powerful importing and bulk updating capabilities.
Tackle projects and never again get stuck behind a technical roadblock.
Join Now