de-DEen-GB
 
rss

Just can't get enough of IT

This blog is about mostly anything in IT. But the primary focuses are Microsoft Technologies like Exchange, Office 365, Azure and Cloud Security.

Exchange Server 2013Exchange Server 2016Description

This script removes Active Directory objects for HealthMailboxes or SystemMailboxes in the Microsoft Exchange System Objects (MESO) container that do not have a homeMDB attribute set.

It is highly recommended to run the script with -WhatIf parameter to check objects first.

Information about accounts deleted or supposed to be deleted are written to a log file.

Requirements

Examples

# EXAMPLE 
# Perform a WhatIf run in preparation to removing SystemMailboxes having an empty database attribute
.\Remove-OrphanedMailboxAccounts.ps1 -SystemMailbox -WhatIf
    
# EXAMPLE 
# Remove HealthMailbox(es) having an empty database attribute
.\Remove-OrphanedMailboxAccounts.ps1 -HealthMailbox

Example log file

2017-02-10 10:18: 11488      - Info     - Script started
2017-02-10 10:18: 11488      - Info     - WhatIf Preference: True
2017-02-10 10:18: 11488      - Info     - Cleaning HealthMailboxes | 10 objects found
2017-02-10 10:18: 11488      - Info     - Cleaning HealthMailboxes | Delete CN=HealthMailboxd32b165a6adf45518c8498fba3c7c93a,CN=Monitoring Mailboxes,CN=Microsoft Exchange System Objects,DC=granikoslabs,DC=de
2017-02-10 10:18: 11488      - Info     - Cleaning HealthMailboxes | Delete CN=HealthMailbox6b66930902d8430e831df7b086bfd49b,CN=Monitoring Mailboxes,CN=Microsoft Exchange System Objects,DC=granikoslabs,DC=de
2017-02-10 10:18: 11488      - Info     - Cleaning HealthMailboxes | Delete CN=HealthMailbox6bf99bdc31474217a6fdc4cd83260e88,CN=Monitoring Mailboxes,CN=Microsoft Exchange System Objects,DC=granikoslabs,DC=de
2017-02-10 10:18: 11488      - Info     - Cleaning HealthMailboxes | Delete CN=HealthMailboxd4410bf131b34907b6a96a7e65263db1,CN=Monitoring Mailboxes,CN=Microsoft Exchange System Objects,DC=granikoslabs,DC=de
2017-02-10 10:18: 11488      - Info     - Cleaning HealthMailboxes | Delete CN=HealthMailbox98f334580dbf457ca2a6d1a19fdf49d1,CN=Monitoring Mailboxes,CN=Microsoft Exchange System Objects,DC=granikoslabs,DC=de
2017-02-10 10:18: 11488      - Info     - Cleaning HealthMailboxes | Delete CN=HealthMailboxc16704bf98c94f5e8453c7955d7897b5,CN=Monitoring Mailboxes,CN=Microsoft Exchange System Objects,DC=granikoslabs,DC=de
2017-02-10 10:18: 11488      - Info     - Cleaning HealthMailboxes | Delete CN=HealthMailboxa64fe085bdff46a786d68782c5070bf1,CN=Monitoring Mailboxes,CN=Microsoft Exchange System Objects,DC=granikoslabs,DC=de
2017-02-10 10:18: 11488      - Info     - Cleaning HealthMailboxes | Delete CN=HealthMailbox6c56f94506974a1183c6b71eebb63406,CN=Monitoring Mailboxes,CN=Microsoft Exchange System Objects,DC=granikoslabs,DC=de
2017-02-10 10:18: 11488      - Info     - Cleaning HealthMailboxes | Delete CN=HealthMailbox9b6666d46aa746e3848f3240e418d731,CN=Monitoring Mailboxes,CN=Microsoft Exchange System Objects,DC=granikoslabs,DC=de
2017-02-10 10:18: 11488      - Info     - Cleaning HealthMailboxes | Delete CN=HealthMailboxb2bd3d4725b249bab81eeed35666de0f,CN=Monitoring Mailboxes,CN=Microsoft Exchange System Objects,DC=granikoslabs,DC=de
2017-02-10 10:18: 11488      - Info     - Script finished

Version History

  • 1.0, Initial community release

Links

Follow

 

Read More »
On July 25, 2015
0 Comment
3030 Views

Problem

When you mail enable an Exchange legacy public folder, a system object is created in Active Directory which is stored in the so called MESO object container

  • CN=Microsoft Exchange System Objects, DC=MCSMEMAIL, DC=DE

The object created contains all required attributes for Exchange address lists and other Exchange attributes.

When you mail disable a public folder Exchange Server is supposed to delete the MESO object as well. For some reason that might not happen. In this case the public folder will show in Public Folder Management Console as mail disabled, is still capable of receiving emails sent to its email address.

From an Exchange perspective, the email address can still be resolved, because a system object containing the email address still exists.

At first it looked like a permission issue on the MESO object container, but it wasn’t.

Solution

A Microsoft KB article described the issue for a single forest, multi-domain environment and a similar issue with Exchange Server 2010.

Configure the following registry on each Exchange Server hosting a public folder database and restart the MSExchangeIS service.

  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MsExchangeIS\ParametersSystem
  • DWORD (32 bit)
  • EnableDeletePFProxyAndStorePropTogether
  • Value = 1

In addition you should name the public folder and domain controller in the Exchange cmdlet

Enable-MailPublicFolder “\Public Folder Name” –Server PUBLICFOLDERSERVER –DomainController DC01

When you mail enable an exisiting public folder which looks like being mail disabled, but still having an (old) MESO object, a new MESO object will be created. The situation will be as follows:

  • Old MESO object attributes
    • displayName=Public Folder Name
    • CN=Public Folder Name
    • mail=PublicFolderName@mcsmemail.de
  • New MESO object attributes
    • displayName=Public Folder Name
    • CN=Public Folder Name 38513598
    • mail=PublicFolderName2@mcsmemail.de

The result is not necessarily as expected, as the old MESO object is orphaned an never reconfigured again.

Orphaned objects need to be cleaned up manually and beeing recreated again, if necessary. In an Exchange environement that has been migrated from ancient versions to 2010, you might already have a lot of MESO objects having digits added to their common names.

You can cleanup the MESO obejcts as follows:

  1. Delete orphaned object in MESO container
  2. Mail enable public folder

This results in a correctly named and configured MESO object. You can use Bill Long’s PowerShell script to identify orphaned public folder objects in the MESO container.

Note

This information is related to legacy Exchange public folders being hosted on Exchange Server 2007 and/or Exchange Server 2010.

The solution has been validated for Exchange Server 2007 as well, even though the KB article has been published for Exchange Server 2010 only.

Links

 


This post had originally been posted at my former blog SF-Tools.

You need assistance with your Exchange Server setup? You have questions about your Exchange Server infrastructure and going hybrid? You are interested what Exchange Server 2016 has to offer for your environment?

Contact me at thomas@mcsmemail.de
Follow at https://twitter.com/stensitzki

Read More »