03-25-2015 07:55 AM
Hi all,
I have some doubts about how to correctly remove a mailbox that has been archived and that I don't need to keep anymore (like when a user leaves the Company). We ussually export all his archived mailbox to the original exchange mailbox, then we generates a PST and we can remove its archive. But, what is the correct way for doing this last step? I can go throught the EV console (Archives/Exchange Mailbox) and delete the mailbox (right button). But there's still an entry in the ExchangeMailboxEntry table. I can manually remove that row opening the table, but I wonder if there is a better and more secure way to do this (instead od editing the database table).
Thanks in advanced and best regards.
//Juan A.
Solved! Go to Solution.
04-17-2015 07:34 AM
referring back to what was posted in the link i shared with you, "the user will be removed from provisioning i think after 7 failed attempts and the user no longer exists in Active Directory"
something else to check might be to see if you have the registry key set to 0 for EV to archive disabled accounts. if it's set, change it to 1 if you arent able to delete AD accounts that are no longer needed.
Article:TECH76587 | | | Created: 2009-01-09 | | | Updated: 2014-01-02 | | | Article URL http://www.symantec.com/docs/TECH76587 |
03-25-2015 08:04 AM
all you really need to do in EV in the end is delete the archive from the console. you could go one step further and disable them first, then remove them from the provisioning group if you're keeping their AD account and Exchange mailbox around.
03-25-2015 08:14 AM
I disable the mailbox from being archive in EV before deleting the archive. We also removes the Exchange mailbox. The AD accopunt is finally disable too. But I still have the entry in the table database.
03-25-2015 08:25 AM
have a look at this thread. i think it will answer your remaining question.
https://www-secure.symantec.com/connect/forums/exchangemailboxentry-table-status
03-25-2015 08:49 AM
I'm a bit curious... Why do you export the mailbox to a PST? If you need to keep the data for some reason EV is efficient, reliable and makes the data availble when you need it. If you don't need to keep the data, why the PST?
03-25-2015 09:58 PM
Hi JuanAntonio,
I agree with WiTSend. Also about exporting to pst when user leaves company, even through EV Console you can export the PST of a particular item.
About the entry in the ExchangeMailboxEntry table I would suggest if you disable the archive the archiving should stop for the mailbox as the state changes in the ExchangeMailboxEntry table which infact is efficient so that the archiving does not start for that mailbox again.
03-26-2015 04:22 AM
We don't need the mailbox of a person leaving the Company to be available on line. We only generates a PST (just in case) ante then removes the Exchange account and disable the AD account.
We generate the PST exporting the data in the archive to the original mailbox first. I know I can archive the whole mailbox f(using a 0 day archiving policy) an then generates the PST from the EV console.The reasons why we don't use that second choice are these (like I read in an old post):
The problem is that, when I delete the archive, the ExchangeMailboxEntry table is not updated and the user (the account) still exists there. Why doesn't it removes that row if the user doesn't exists anymore? No exchange account, no AD account and no EV archive account. This table is supposed to be updated when you run the provisioning task.
When I run the provisioning task in report mode I get this in the log:
"Mailboxes on Exchange Server [SVR-EML-06] that have entries in the Enterprise Vault database but which are not in any provisioning group:"
And I can see the list of all the users whose mailboxes have been deleted. Even if I remove its EV archives, they remain in the list. Until I manually removes the entry in the ExchangeMailboxEntry table. But I would like not to do this manually.
03-26-2015 07:56 AM
have a look at this thread. i think it will answer your remaining question.
03-26-2015 08:49 AM
Thanks AndrewB. I've already read the thread and I understand the meaning of all the values, specially the ADMbxFlags field, that I think is the most important in this case.
I thought that if you delete an Exchange mailbox and the corresponding EV archive, the related information in this table should be deleted too, as the the account no longer exists. But maube the key why they are there, in my case, is that de AD account already exists, although they are disable.
Maybe I must try with a complete deletion of an AD account.
03-26-2015 01:53 PM
i dont get what difference it makes if there's an entry in a sql table or not as long as the data is gone. however, in the post i referenced, the point i thought would be of most interest to you is where JesusWept3 states "the user will be removed from provisioning i think after 7 failed attempts and the user no longer exists in Active Directory"
04-06-2015 03:33 AM
The users have been removed from provisioning and their mailboxes are not being archived. But when I run the provisioning task I got the following error (EventID=41133):
"The Exchange mailbox provisioning task found enabled mailboxes that are not part of a provisioning group. These mailboxes cannot be archived. If you do not want these mailboxes to be archived, use the Administration Console to disable them. See the provisioning task report for further details (full reports only)."
If I run the Provisioning Task in Report Mode and take a look at the log, I can see a list of "Mailboxes on Exchange Server [SVR-EML-06] that have entries in the Enterprise Vault database but which are not in any provisioning group".
The only way of clear tha list is to edit manually the EV table and manually delete the entries there. This is what I woulf like to avoid.
04-06-2015 04:40 AM
do the AD accounts still exist?
04-15-2015 07:09 AM
Yes, the AD accounts does exist, but they are disabled.
04-15-2015 03:49 PM
once you get rid of the AD accounts, EV will eventually remove them automatically per JesusWept's post.
04-17-2015 12:26 AM
What do you mean by "rid of de AD accounts"? Have them deleted them completely? Or have them disabled should be enough?
04-17-2015 07:34 AM
referring back to what was posted in the link i shared with you, "the user will be removed from provisioning i think after 7 failed attempts and the user no longer exists in Active Directory"
something else to check might be to see if you have the registry key set to 0 for EV to archive disabled accounts. if it's set, change it to 1 if you arent able to delete AD accounts that are no longer needed.
Article:TECH76587 | | | Created: 2009-01-09 | | | Updated: 2014-01-02 | | | Article URL http://www.symantec.com/docs/TECH76587 |
04-17-2015 08:02 AM
Thanks AndrewB. Let me check.