Inside the Briefcase

Augmented Reality Analytics: Transforming Data Visualization

Augmented Reality Analytics: Transforming Data Visualization

Tweet Augmented reality is transforming how data is visualized... Membership! Membership!

Tweet Register as an member to unlock exclusive...

Women in Tech Boston

Women in Tech Boston

Hear from an industry analyst and a Fortinet customer...

IT Briefcase Interview: Simplicity, Security, and Scale – The Future for MSPs

IT Briefcase Interview: Simplicity, Security, and Scale – The Future for MSPs

In this interview, JumpCloud’s Antoine Jebara, co-founder and GM...

Tips And Tricks On Getting The Most Out of VPN Services

Tips And Tricks On Getting The Most Out of VPN Services

In the wake of restrictions in access to certain...

Exchange Attributes after Exchange Server Uninstall

February 20, 2023 No Comments

by Amit Singh

There are many reasons why you would need to uninstall your local Exchange Server. If you are decommissioning the local Exchange Server after a migration to Exchange Online and all the users have been Azure joined, you would not need the local Exchange Server or even the Active Directory. For setups which will retain their Active Directory due to local applications that require Active Directory authentication, you need to perform a clean-up of the Active Directory Schema after the Exchange Server has been uninstalled.

Why do you need to clean-up?

Theoretically, after the server has been uninstalled correctly and decommissioned, you will still need to perform the clean-up from the residue that the installation had in the Active Directory Schema. You could have issues with auto discovery after migration to Microsoft 365. Due to this, local users may not be able to connect to their Exchange Online mailboxes and services.

You may also need to clean up the Active Directory Schema for any future installation of Exchange Server. If you install a new Exchange Server, you would end up with issues from the residue of the previous installation. Also, you might not be allowed to install or have repercussions in the setup.

The Exchange Server integrates fully with the Active Directory Schema. So, if you remove the Exchange Server from Active Directory, the schema extensions changes and additional attributes will still remain part of the schema.

Finding the Attributes

To find the attributes and update or clean them, you need to access the Active Directory. To view the attributes of a particular user, you need to do the following from your Active Directory Server.

– Click on Start.

– Click on Administrative Tools.

– Open Active Directory Users and Computers.

– Click on View.

– Click on Advanced Features.

– Open the user.

– Click on the Attribute Editor tab.

This will show all the attributes of the user and their value.

All the attributes, which are related to Exchange Server, will start with the msExch prefix. Although there could be a good number of attributes that start with the msExch prefix, not all are set or used.

To clear the attributes

– Highlight the attribute.

– Click on Edit.

– Click on Clear.

This will mark the attribute as <not set>, which means that the value of the attribute is null.

Although this will remove the attribute value, the attribute cannot be removed. Once an Exchange Server is installed, the changes to the Schema are forever.

Alternatively, you use the Active Directory Services Interfaces (ADSI) Edit utility to view and update the attribute. Here are the steps:

– Click on Start.

– Click on Administrative Tools.

– Open ADSI Edit.

– Right-click on ADSI Edit and click on Connect to.

– Click OK.

– Expand Default naming context.

– Expand the domain name.

– Expand the Organizational Unit (OU) that the user is into.

Right-click on the user and click on Properties.

This will open the attribute editor window as in the Active Directory Users and Computers.

Can you remove the attribute from the schema?

The attributes, if empty, do not affect any processing, Active Directory functionality, or the ability to re-install another Exchange Server in the same forest. You can open the ADSI Edit using the Schema as the Naming Context. You can delete the attribute from the schema but it’s not recommended. As discussed, if the attributes are set as <not set>, there is no harm in leaving them there.

There is no harm in changing the attributes to <not set> from the Active Directory Users and Computers. However, if you use ADSI Edit, there is no undo button and the repercussions can be catastrophic if anything goes wrong. You need to be careful when you create, modify, or delete items from the schema directly. This could break a lot of things in your forest and the risk is extremely high, especially if you are unfamiliar with the changes that you are making. You should use ADSI Edit as the last option. In case you use it, make sure that you have the right expertise.

Automating the clean-up process

You can use a PowerShell script to automate the clean-up process. For this, you need to use the Set-AdUser command and put a loop for the users you need to modify.

It’s always suggested to run the script with the WhatIf parameter. It will execute the script and not affect any changes. You should also run the command against a test user.

What if you need to extract data from the EDB files?

If you need to extract data from the databases after decommissioning the server or there is any corrupted databases, then you need to use a third-party tool such as Stellar Repair for Exchange. With this application, you can open multiple EDB files from any version of Exchange Server – be it healthy or in Dirty Shutdown state. You can browse the databases and granularly export to PST and other file formats. The application also features an option to directly export to a live Exchange Server database or Microsoft 365. It can easily export user mailboxes, archived mailboxes, disabled mailboxes, shared mailboxes, and public folders.

Click here for more IT Briefcase content!

Sorry, the comment form is closed at this time.