Pro-Exchange,Lync & Office 365
Belgian Microsoft Unified Communications Professionals
Microsoft Exchange Server, Microsoft Lync Server & Office 365
Working with Disconnected Mailboxes in Exchange Server 2010, Office 365 and Hybrid–Part 1

Introduction

In this article, I will try to explain what Disconnected mailboxes are. How a mailbox becomes disconnected and how you can identify and work with disconnected mailboxes in Exchange Server 2010 on-premise, Exchange Online and in a combination of both (Hybrid).

First, to understand what disconnected mailboxes are we need to take a (quick) look at what ‘mailbox’ actually is. The object that you see when running Get-Mailbox or through the Exchange Management Console is actually called a user-mailbox. In fact, that name literally states what it represents: a user and a mailbox. A user mailbox is thus a “combination” of an AD User Account and an Exchange Mailbox:

image

All information on the user’s Exchange mailbox is stored in the user’s AD-attributes whereas the data itself is stored within the mailbox in Exchange. Using either ADSIEdit or PowerShell, you can view these attributes. The following list shows a common set of attributes for a user with an Exchange mailbox. Note that all Exchange-related attributes start with “msExch*”:

msExchAddressBookFlags                : 1
msExchArchiveQuota                    : 52428800
msExchArchiveWarnQuota                : 47185920
msExchBypassAudit                     : False
msExchDumpsterQuota                   : 31457280
msExchDumpsterWarningQuota            : 20971520
msExchHomeServerName                  : /o=Exchange/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=E14-EX10-01
msExchMailboxAuditEnable              : False
msExchMailboxAuditLogAgeLimit         : 7776000
msExchMailboxGuid                     : {70, 147, 162, 91...}
msExchMailboxSecurityDescriptor       : System.DirectoryServices.ActiveDirectorySecurity
msExchMDBRulesQuota                   : 64
msExchModerationFlags                 : 6
msExchPoliciesIncluded                : {1429c9fb-4d64-45c2-84f5-fa61dfa1a19c, {26491cfc-9e50-4857-861b-0cb8df22b5d7}}
msExchProvisioningFlags               : 0
msExchRBACPolicyLink                  : CN=Default Role Assignment Policy,CN=Policies,CN=RBAC,CN=Exchange,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=EXCH14,DC=local
msExchRecipientDisplayType            : 1073741824
msExchRecipientTypeDetails            : 1
msExchTextMessagingState              : {302120705, 16842751}
msExchTransportRecipientSettingsFlags : 0
msExchUMDtmfMap                       : {emailAddress:6484, lastNameFirstName:64242358264673623325, firstNameLastName:64242358264673623325}
msExchUMEnabledFlags2                 : -1
msExchUserAccountControl              : 0
msExchVersion                         : 44220983382016
msExchWhenMailboxCreated              : 29/04/2012 11:34:09

The above list is what you see under normal circumstances. However, it is possible that a user’s mailbox gets “disconnected” from the user’s object. This means that the User Object and the Exchange Mailbox are no longer ‘linked’ together. There are two ways this can happen:

  1. When you disable a user’s mailbox, the Exchange mailbox itself does not get deleted immediately. The mailboxes are retained in the environment for the duration of the deleted mailbox retention period (by default 30 days) unless you permanently delete the mailbox deliberately.
  2. Whenever a soft-delete occurs. This is usually the case where a user’s mailbox is moved from one database to another. After the move, Exchange will not delete the source mailbox from the source database. Instead, it will mark the source mailbox as “soft-deleted”. Just as with disabled mailboxes, they are kept within the database for the duration of the deleted mailbox retention period unless deleted permanently on purpose.

Whenever a user’s mailbox is disconnected the user account attributes also change. For example: disabling a user’s mailbox might result in only the following attributes still having a value:

msExchAddressBookFlags   : 1
msExchBypassAudit        : False
msExchProvisioningFlags  : 0
msExchUMDtmfMap          : {emailAddress:6484, lastNameFirstName:64242358264673623325, firstNameLastName:64242358264673623325}
msExchWhenMailboxCreated : 29/04/2012 11:34:09

As you can see neither msExchangeHomeServerName or msExchangeMailboxGuid are present. These attributes represent the user’s mailbox and the Exchange server where the mailbox is located. They are unique to a mail-enabled account. But because it’s disabled, the values are now empty.

Note   to retrieve these attributes using PowerShell, you can e.g. run the following command:

Get-ADUser <username> –properties *  | Select-Object MSExch*

Retrieving Disconnected Mailboxes

Disconnected mailboxes show up in the Disconnected Mailboxes container under Recipient Management in the Exchange Management Console:

image

Although this is the easiest way to identify any existing disconnected mailboxes, the Management Console is limited in the actions that you can perform on these mailboxes. For the remainder of this article, I’ll continue showing how you can work with disconnected mailboxes from the Exchange Management Shell.

To retrieve a list of disconnected mailboxes using PowerShell, you must run the following command. This command will only return mailboxes that have been disabled.

Get-Mailbox | Get-MailboxStatistics | ? {$_.DisconnectReason –eq “Disabled”}

Retrieving a list of all disconnected mailboxes is a bit more “tricky”. You could either combine to conditions:

Get-Mailbox | Get-MailboxStatistics | ? {($_.DisconnectReason –eq “Disabled”) –or ($_.DisconnectReason –eq “SoftDeleted”)}

Additional Info   MVP Mike Pfeiffer created a script that uses a slightly different approach: instead of looking at DisconnectReason, it will rather look at the “DisconnectDate” attribute. If the attribute contains a value, the mailbox is considered in a disconnected state (no matter how it got disconnected).

Note   It is entirely possible that not all disconnected mailboxes show up when running the commands above: if you disabled the mailbox only recently, it might be possible that the mailbox isn’t marked as disconnected in the Exchange store yet. To “force” the detection of disconnected mailboxes, you would then use the Clean-Mailboxdatabase command:

Clean-MailboxDatabase –Identity <mailboxdatabase>

Working with Disconnected mailboxes

In case of a disabled mailbox, there are three actions that you can perform:

  • Connect it to an existing user account in Active Directory
  • Restore it to a new or existing user account in Active Directory
  • Permanently delete it from the Exchange mailbox database

On mailboxes that are in a soft-deleted state, you can only perform the following two actions:

  • Restore the mailbox
  • Permanently delete it from the Exchange mailbox database

Reconnecting disconnected mailboxes

By default, when running the Connect-Mailbox command, the disconnected mailbox will be reconnected to the matching user account. Alternatively, you can also use the New-MailboxRestoreRequest command which is only available through the EMS. The latter will leverage the Mailbox Replication Service (MRS) to recover mailbox data from the mailbox into an existing, connected, mailbox.

Note   you can only reconnect a mailbox using Connect-Mailbox to a user account that has currently no mailbox connected.

To reconnect a mailbox, run the following command:

Connect-Mailbox –Identity <identity> –Database <database> –user <user>

image

Restoring disconnected mailboxes

Restoring a disconnected mailbox is different from reconnecting one. Instead of reconnecting the mailbox to a user accounts that does not have a mailbox it will use MRS to copy contents from the disconnected mailbox into a target mailbox. Note that this is also your only option in case of a soft-deleted mailbox. They cannot be reconnected using the connect-mailbox command.

You will need to have the correct permissions (Recipient Provisioning Permissions) in order to run this command. For more information, please have a look here: http://technet.microsoft.com/en-us/library/dd638132.aspx

New-MailboxRestoreRequest –SourceDatabase <database> –SourceStoreMailbox <disconnectedmailbox> –TargetMailbox <targetmailbox>

image

Note   if you are restoring to an alternate user account, the command will throw an error (see screenshot for more details). In that case, you will need to add the –AllowLegacyDNMismatch parameter in order to complete the command successfully. The check whether or not the LegacyDN matches on both source and target mailbox is performed is to prevent you to accidentally restore the mailbox to the wrong target mailbox.

Optionally, you can also restore a disconnected mailbox to an archive mailbox:

New-MailboxRestoreRequest –SourceDatabase <database> –SourceStoreMailbox <mailboxGuid> –TargetMailbox <targetmailbox> –TargetIsArchive

As you can see from this command, the parameter “-TargetIsArchive” is used to determine that we’re restoring an archive.

From an end-user perspective, he (or she) will see the contents from the disconnected mailbox merged into the existing mailbox. Using different switches with the New-MailboxRestoreRequest command, you can control what and where mails are restored. For more information, please visit: http://technet.microsoft.com/en-us/library/ff829875.aspx

Permanently Deleting a Disconnected Mailbox

To permanently remove a disconnected mailbox, you use either the Remove-Mailbox or Remove-StoreMailbox command:

To remove both the mailbox and user account immediately, run the following command:

Remove-Mailbox –Identity <mailbox> –Permanent $true

Alternatively, you can remove a previously disconnected mailbox using the following command:

Remove-StoreMailbox –Database <database> –Identity <name> –MailboxState <SoftDeleted/Disabled>

Note   the identity of the mailbox to be deleted can either be the mailbox's name or GUID.

Personal Archives

Personal Archives behave quite similar to regular mailboxes. When an archive is disabled, it also becomes disconnected and it will also remain in the database until the deleted mailbox retention period has elapsed. The process of reconnecting a personal archive is also pretty similar to reconnecting a regular disconnected mailbox:

Connect-Mailbox –Identity <name or Guid> –Archive –User <user> –Database <database>

Note the –Archive switch. Adding this parameter ‘tells’ the command that you’re reconnecting an archive.

Note   you cannot reconnect an archive to another user. It must be reconnected to the user it was previously connected to.

Conclusion

This concludes the first part of this article in which we covered the most important actions regarding Disconnected Mailboxes. In the next part of this article we are going to have a look at what you can do with Disconnected Mailboxes in Office 365 and/or a hybrid deployment.

For more information on Disconnected Mailboxes, have a look at the following TechNet-article: http://technet.microsoft.com/en-us/library/bb232039.aspx

Cheers!

Michael


Posted 04-29-2012 11:29 by Michael Van Horenbeeck

Comments

Exchange 2010 wrote Working with Disconnected Mailboxes in Exchange Server 2010, Office 365 and Hybrid–Part 2
on 05-13-2012 11:23

Introduction In the previous part of this article, we covered some of the basics about what disconnected