Results 1 to 6 of 6
  1. #1
    Star Lounger Techie's Avatar
    Join Date
    Dec 2009
    Location
    Philadelphia, PA, USA
    Posts
    62
    Thanks
    9
    Thanked 0 Times in 0 Posts

    Question Fine-tuning Exchange mailbox retirement procedures and retention settings

    Hi Loungers,

    I am starting this thread so I can make a more fine tuned set of procedures for retiring Exchange mailboxes when users leave my organization. I will explain my current procedure, then I will follow up with the issues/questions I have with a user that left the organization and now is returning. I also would like to address the backup component of mailboxes and retention settings.

    Note: When making replies, please include step by step instructions on how to make the changes you suggest, as I am relatively new to Exchange 2010.


    Software installed:
    Windows Server 2008 R2 (64-bit)
    Exchange Server 2010 SP1
    Symantec Backup Exec R3


    My current procedure:
    1. Disable user account in Active Directory Users and Computers (ADUC)
      -Either at this step or in the step 3, I don't know which, the mailbox now appears in the "Disconnected" mailbox list in Exchange

      On the MAIL server, go to the Exchange Management Console. In the left tree window, browse to Microsoft Exchange On-Premises -> Recipient Configuration -> Disconnected Mailbox
      .
    2. Remove user from the "Staff" ADUC container into the "Non-Staff" container.
      .
    3. Move user's mailbox from the default mailbox database to the "ex-employees" mailbox database.
      -This is keep the size of the default mailbox smaller.

      On the MAIL server, go to the Exchange Management Console. In the left tree window, browse to Microsoft Exchange On-Premises -> Recipient Configuration -> Mailbox. Highlight the user’s mailbox. In the actions pane on the right, click “New Local Move Request”. Click Browse under the “Target mailbox database” heading. Choose “Ex-employees”. Click Ok. Click Next. Click New.
    4. Hide user from the Outlook Exchange Address Book

      On the MAIL server, go to the Exchange Management Console. In the left tree window, browse to Microsoft Exchange On-Premises -> Recipient Configuration -> Mailbox. Right click on the user’s mailbox and choose Properties. Enable the check box entitled “Hide from Exchange address lists”. Click OK.

      Note: It takes 24 hours for the domain controller to propagate this change to the Outlook Address Books of the staff.
    Questions:
    1. When in the "Disconnected Mailbox" window why do all the users (who I have disabled accounts for) display the default mailbox database instead the Ex-employees mailbox database in the "Mailbox Database" column?
      .
    2. How do I reconnect a users mailbox for an employee who has returned to work at my organization?
      I un-did steps 1 and 2 in my procedure above. However I couldn't undo step 3. When I viewed the users mailbox in "Microsoft Exchange On-Premises -> Recipient Configuration -> Mailbox" there was no option for a local move request to move the mailbox back to the default Mailbox database. Also, when in the "Disconnected Mailbox" folder, when I right clicked on the user and chose "Connect" -> User Mailbox", I couldn't browse for the user in either the "Matching user" or "Existing User" options, and hence couldn't reconnect them.
      Exchange screenshot.PNG
    3. Every friday I run a full backup on all my servers, (file, application, mail, etc.). Is there a way to save space in my backups so that Symantec Backup Exec isn't backing up the "Ex-Exployees" mailbox database every Friday unless it has changed?
    Thank you,
    Peter
    Peter
    Support for a large nonprofit
    Projects

  2. #2
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,199
    Thanks
    48
    Thanked 986 Times in 916 Posts
    1. The mailbox should just show up as "shared" if you disable the account in ADUC. Are you sure you haven't ticked "delete Exchange mailbox" as well?

    2. If the mailbox is shared there is no need to re-connect, but you may want to change the status to "regular". This is a powershell command which I can't remember off the top of my head.

    3. If you use different stores for normal and ex-employees you can backup the ex store weekly instead of daily, but there is a risk of data loss if the mailbox is moved before you disable the account in ADUC.

    cheers, Paul

  3. #3
    Star Lounger Techie's Avatar
    Join Date
    Dec 2009
    Location
    Philadelphia, PA, USA
    Posts
    62
    Thanks
    9
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by Paul T View Post
    1. The mailbox should just show up as "shared" if you disable the account in ADUC. Are you sure you haven't ticked "delete Exchange mailbox" as well?
    I don't know what you mean here about the "shared" state, please post a screenshot of where to see this setting. Similarly, all I did with the outdated mailbox was a local move request using the wizard, so I didn't check any "delete" boxes. Would it help if I shared my mailbox retention settings? Please specify where to, if you need them.

    I found an article entitled "Connect or Restore a Disabled Mailbox".
    I ran the command below and determined that all the mailboxes for disabled users that have been moved to the "ex-employees" store are in the "Soft-deleted" state in the original "default" mailbox.
    Code:
    [PS] C:\>Get-MailboxStatistics -Database 'Mailbox Database 0967836029' | Where { $_.DisconnectReas
    on -eq "SoftDeleted" } | Format-List LegacyDN, DisplayName, MailboxGUID, DisconnectReason
    So I ran the restore command:
    Code:
    [PS] C:\>New-MailboxRestoreRequest -SourceDatabase 'Mailbox Database 0967836029' -SourceStoreMailb
    ox "User Name" -TargetMailbox UserAlias
    Next I checked that the commend completed:
    Code:
    [PS] C:\>Get-MailboxRestoreRequest -Name "MailboxRestore"
    However, the users mailbox is still sitting the "disconnected" window, and I can't "connect" it, and am still having the same issue.


    2. If the mailbox is shared there is no need to re-connect, but you may want to change the status to "regular". This is a powershell command which I can't remember off the top of my head.
    Same as the comment I made above, where do I see this "regular or shared" status?


    3. If you use different stores for normal and ex-employees you can backup the ex store weekly instead of daily, but there is a risk of data loss if the mailbox is moved before you disable the account in ADUC.
    Thanks, I can modify my backup schedule to remove the "ex-employees" mailbox store from the Monday through Thursday night incremental backups.
    Peter
    Support for a large nonprofit
    Projects

  4. #4
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,199
    Thanks
    48
    Thanked 986 Times in 916 Posts
    The mailbox type is shown in the Find dialogue in the GUI. You can also show it in PS.
    get-mailbox username | fl

    cheers, Paul

  5. #5
    Star Lounger Techie's Avatar
    Join Date
    Dec 2009
    Location
    Philadelphia, PA, USA
    Posts
    62
    Thanks
    9
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by Paul T View Post
    The mailbox type is shown in the Find dialogue in the GUI. You can also show it in PS.
    get-mailbox username | fl

    cheers, Paul
    Hi Paul,

    I used the "Find" search window in the "Microsoft Exchange On-Premises -> Recipient Configuration -> Mailbox" window, and it displayed the following fields:
    "Display Name", "Alias", "Organizational Unit", "Recepient Type Details", and "Primary SMTP Address". "Recepient Type Details" for my user contained the property: User Mailbox.

    I didn't see anything about "Regular" or "Shared". Plus I don't know how that will help me resolve my issue even if I find either of those options. Then how to I do i change the mailbox type. And after that, will that allow me to "Connect" the mailbox? If not, what are the steps? Also, are you giving me instructions for Exchange 2010 R2?

    When I ran the powershell command 100 lines popped up, and I didn't see anything helpful either.

    --

    I am starting to worry that my user who is coming back on Monday won't have a Mailbox, so I'm starting to plan other solutions, like creating a new mailbox, and just exporting mail out of the old one and into the new one.

    In order for you be helpful, I really would ask if you could please be more specific and detailed in what steps I should take and why in your responses, as I am pretty new at this and am stuck. Plus I would appreciate it if instead of ignoring some of my lengthly set of questions, you could reply to my other questions with "Those steps aren't needed", or simply "I don't know" or the like.

    Thank you,
    Peter
    Peter
    Support for a large nonprofit
    Projects

  6. #6
    Star Lounger Techie's Avatar
    Join Date
    Dec 2009
    Location
    Philadelphia, PA, USA
    Posts
    62
    Thanks
    9
    Thanked 0 Times in 0 Posts

    Thumbs up Solution: How to recover a retired mailbox for a user who left your org.

    ------
    Here is how I reconnected my users mailbox. The issue was that I had diabled the user's active directory account, and then I moved their mailbox to another mailbox database.
    ------

    I.Procedure – Reactivating a User's Mailbox (Exchange 2010 SP1)

    1. Enable the user account in Active Directory Users and Computers (ADUC)


    2. Move user back to the "Staff" ADUC container from the "Non-Staff" container.


    3.Clear the Previous Move Requests

    Use the EMC to clear a move request
    You need to be assigned permissions before you can perform this procedure. To see what permissions you need, see the "Mailbox moves" entry in the Mailbox Permissions topic.
    1. In the console tree, navigate to Recipient Configuration > Move Request.
    2. In the result pane, select a recipient that has a Move Request Status of Completed or Completed with warning.
    No code has to be inserted here.
    1. In the action pane, click Clear Move Request.
    2. A warning message appears confirming that you want to clear the move request. Click Yes.
    4.Copy the mailbox to the primary mailbox database
    Move the user’s mailbox back from the “Ex-employees” database to the “Primary Mailbox Database” database.

    On the MAIL server, go to the Exchange Management Console. In the left tree window, browse to Mailbox -> Microsoft Exchange On-Premises -> Recipient Configuration -> Mailbox. Highlight the user’s mailbox. In the actions pane on the right, click “New Local Move Request”. Click Browse under the “Target mailbox database” heading. Choose “Primary Mailbox Database”. Click Ok. Click Next. Click New.


    5.View the current status of the move commands
    Mailbox -> Microsoft Exchange On-Premises -> Recipient Configuration -> Move Request
    Use the “Refresh” button in the Actions pane to monitor the process.


    6.Test opening Outlook
    When on a computer while logged in as the desired user, try opening Outlook.
    Peter
    Support for a large nonprofit
    Projects

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •