Ramblings From The Litter Tray of Life

Posts Tagged ‘Exchange’

A Quick Method of Recovering Deleted User Accounts

Posted by graycat on 15 May 2011

Now I’m sure it’s all happened to us before that an active user account has been deleted by accident at some point. Sometimes it’s due to inactivity or an admin taking their eye off the ball at the wrong moment. Regardless though, it happens and you’ve got to get it back.

The worst case scenario is that the account was actually in use at the time and you have to get that user back and working RTFN. This isn’t so tough if you’re in a contingious network where AD, server OS and Exchange versions all match up. If not, it’s a bit trickier.

Here’s how I do it:

1. Download a copy of ADRestore and install it on the relevant machine.

ADRestore is a fantastic little app that is provided “as is” by one of Microsoft’s MVP. It works really well at enumerating usually hidden objects in AD and allowing basic restoration of them.

2. Point ADRestore at your DC of choice and enumerate objects.

This will hopefully find your deleted account for you. It works due to the method that AD deals with deleting an object. Namely that the object is marked for deletion but only actually deleted during it’s scheduled maintenance run. Until then the object is simply hidden so can be reset.

3. Once you’ve restored the account back into AD you’ll need to reset the account’s password and enable it.

4. Reconnect the mailbox

If you’re using Exchange 2000/2003 then you can easily see the orphaned mailbox within the store and reconnect it via a right-click. However, if you’re using Exchange 2007/2010 you may find that the mailbox does not display under the “disconnected mailbox” section. This is again reliant on scheduled maintenance runs however if you’re in a rush you can run the following PowerShell command:

Clean-MailboxDatabase “Database Name”

Though if you have a few mailbox databases on the server, you may need to run Get-MailBoxDatabase to get the full name of the target db.

At this point you can right-click the disconnected database and reconnect it to the recovered mailbox.

5. Reset the group memberships.

Due to the tombstone process removing all group membership, you’re going to have to go back into the account and add them back in.

6. Check it all works.

I usually grant myself Full Access to the mailbox and check it through OWA just to make sure the e-mail is up and running. Send a few messages back and forth is always a good idea. You can also try running a CLI or shortcut as the recovered user to make sure it has indeed come back as required. After that all you’ve got to do is wait for replication to take place.

Posted in IT, Windows | Tagged: , , , | Leave a Comment »

Entourage 2008 and Exchange 2007

Posted by graycat on 8 September 2010

Some of you may be like me as in completely OS and vendor neutral (ok as far as can be expected) and use both Microsoft and other software vendors. If you use a Mac then you will most likely be aware of Office 2008:Mac from Microsoft. Which, credit where credit is due, is not a bad suite of software. I particularly like Entourage which I rate higher than most version of Outlook for usability and basic functionality for a base user.

However recently I’ve run into a problem. What occurred after an Exchange upgrade from 2003 to 2007 was that Entourage would not connect properly. Initially this was annoying then frustrating and then a blessing in disguise as I work too much and needed down time.

Recently though I’ve had to do some travelling for work and needed both my Mac and a local copy of my e-mails. Mac’s inbuilt e-mail program just wasn’t cutting it so it was time to sort out Entourage.

A lot of research points towards the lack of WebDAV in Exchange 2007 out of the box as being the culprit and to be honest it is. Microsoft has changed a lot of the back end and IIS configuration of Exchange in 2007 and a lot of things just plain aren’t there by default.

Now you can add WebDAV back in pretty easily as well as setup the sub-folders that are no longer in IIS but to my mind this was a last resort really. I mean, why have a new bit of tech only to hobble it by adding old bits back in? Ok, it’s not exactly killing Exchange by putting those bits back in but the thought still stood.

After a lot more research I ran across a page on the Microsoft Mactopia site (who comes up with these names? Seriously.) which discussed Entourage working with the new web services in Exchange 2007. A quick review and a download later and I had the addon. The install is very quick and easy as you would expect with Entourage asking to import settings as per a new build. Supplying my e-mail details and it was away but would it connect?

Simple answer is yes it does and it just works.

So that was it. In a nutshell to get Entourage to work with a vaguely standard Exchange 2007 or even a secured one, first download the addon for Entourage Web Services and you’ll be good to go.

If only everything else was as simple as that when you know how, huh?

Posted in IT | Tagged: , , , , , , | Leave a Comment »

Who’s got that e-mail address?!

Posted by graycat on 9 September 2008

Don’t you just hate it when you go to add a custom e-mail address to either an account or public folder only to find out that it’s already in use and not in your documentation?! You go to add this new custom requested address (usually requested by a marketing department for some reason or other that must make sense during a long liquid lunch) but are confronted with a lovely pop-up error message like this:

This email address aready exists in this organization.

ID no: XXXXXXX Exchange System Manager

Indeed that’s not the most useful of error messages I’ve ever run across …. can you actually run over error messages? Interesting thought but I digress!

Being the concentious admin cat that you are, you’ll not let the rest there but will want to know how to find where it is in use. Doing this manually in your average SME will mean checking hundreds off user accounts and god forbid you are using mail enable public folders! You could be there until the end of time and still not find the darn thing.

Well here’s how to track down who’d in possession of that address in a nice and easy step by step guide:

  • Open the Active Directory Users and Computers Management Console
  • Right Click on the domain > Select Find
  • Select Custom Search in the Find field
  • Select the Advanced tab
  • To find the entity with the email address whatever@yourdomain.com for example, enter the following in the LDAP query field:
  • (proxyAddresses=smtp:whatever@yourdomain.com)
  • This will list the entity containing the email address entered.

If you’re lucky and it is assigned to a user account then this will display clearly in the bottom box of the search and  you’ll be able to open its properties from there. If you can’t find where is hidden in your millions of user accounts, try using a dsquery to produce the info you need as to OU location.

Mail enabled public folders make things a little bit more interesting as is their usual method. Unfortunately the folder will be displayed in the bottom windows as per previously, however if you double click on it you will not get much useful information as to it’s location. There should be enough info for you to apply some logic and knowledge of your own systems to find it but if you have thousands of public folders you may well be in for a long search.

As a bonus, I thought I’d mention that wild cards can be used within the email address (*) to return multiple matches. So if you want to view all the email addresses within the results list, select View > Choose Columns… and select Proxy Address – doing this in association with the query (proxyAddresses=smtp:*@yourdomain.com) will give you a list of all entities within the organisation that have an email address, together with all the email addresses they have.

Posted in IT | Tagged: , , , , | Leave a Comment »