You don't WANT to just delete the object and by default deleting from a GC isn't allowed. You want to find out why your replication isn't working. You could have much worse issues going on than a duplicate SMTP address.
If we get to the point, and you honestly may already be there, of having lingering objects outside of the tombstone period you will get to start digging through the various lingering objects KBs. But right now, your first priority needs to be fix your replication. joe -----Original Message----- From: Harding, Devon [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 16, 2005 3:33 PM To: ActiveDir@mail.activedir.org; joe Subject: RE: [ActiveDir] Remove orphaned account This is killing me. I am able to search through adsiedit and find the account in GC mode (3268) but cannot delete. When I switch to ldap mode (389), I cannot find the object. HELP!! -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Harding, Devon Sent: Wednesday, February 16, 2005 9:25 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Remove orphaned account Well the break seems to from that specific child domain. When I run an ADfind against all other GC's the object exists; when I run it against that one child domain GC, the object is not found. -Devon -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Tuesday, February 15, 2005 9:08 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Remove orphaned account You need to figure out where the break is. Look at the GC that you expect it at and chase back through the replication connections to determine how the change should get there from the domain. There has to be a break somewhere. joe -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Harding, Devon Sent: Tuesday, February 15, 2005 5:07 PM To: ActiveDir@mail.activedir.org; joe Subject: RE: [ActiveDir] Remove orphaned account This has been since last week. (about 5 days). Is there anyway to force the delete to the other GC's? -Devon -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Tuesday, February 15, 2005 4:51 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Remove orphaned account How long ago was this account deleted? If it has been longer than the tombstone period, you have a lingering object and you need to start worrying about what other bad things are going on. If it has been recently, you need to chase your replication and determine where the update stopped at. joe -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Harding, Devon Sent: Tuesday, February 15, 2005 4:36 PM To: ActiveDir@mail.activedir.org; joe Subject: RE: [ActiveDir] Remove orphaned account That's exactly the case, except its not in the child domain (child1.domain.com) but it exists everywhere else, (domain.com, child2.domain.com, child3.domain.com) When I try the admod command, it tries to contact the child domain (child1.domain.com) that is the owner of the account, but does not find it there. Some how, it seems that the deletion did not replication to all other GC's in the forest. -Devon -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Tuesday, February 15, 2005 4:26 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Remove orphaned account That means your default GC has the object in its database but your default DC for that domain doesn't see it. You can tell which DCs are involved by doing this adfind -gc -b -s base dnshostname adfind -h domain.com -b -s base dnshostname If the object is in your default domain you can shorten the second command to adfind -b -s base dnshostname joe -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Harding, Devon Sent: Tuesday, February 15, 2005 4:13 PM To: joe; ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Remove orphaned account When I try to remove the object, I get this: C:\> Adfind -gc -b -f "proxyaddresses=smtp:[EMAIL PROTECTED]" -dsq | admod -del AdMod V01.00.00cpp Joe Richards ([EMAIL PROTECTED]) July 2004 DN Count: 1 Using server: server.domain.com Deleting specified objects... DN: cn=doe\, john,cn=users,dc=domain,dc=com...: [server.domain .com] Error 0x20 (32) - No Such Object ERROR: Too many errors encountered, terminating... The command did not complete successfully -----Original Message----- From: joe [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 15, 2005 3:55 PM To: ActiveDir@mail.activedir.org Cc: Harding, Devon Subject: RE: [ActiveDir] Remove orphaned account <Resend and Update, list blocked because I responded from wrong account> Almost, -del or -rm would delete the entire user object... But you need to use -dsq on adfind to output the quoted DN. adfind -gc -b -f "proxyaddresses=smtp:[EMAIL PROTECTED]" -dsq | admod -del Also if you want to just remove that address you could do adfind -gc -b -f "proxyaddresses=smtp:[EMAIL PROTECTED]" -dsq | admod "proxyaddresses:-:smtp:[EMAIL PROTECTED]" Note that if that address is the primary SMTP Exchange may get grumpy if you don't set another address as primary. [UPDATE} Looking at Hunters Response, he makes sense. Instead of deleting the object or the attribute, consider clearing the Exchange attributes. adfind -gc -b -f "proxyaddresses=smtp:[EMAIL PROTECTED]" -dsq | exchmbx -clear joe -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Harding, Devon Sent: Tuesday, February 15, 2005 3:35 PM To: ActiveDir@mail.activedir.org Cc: joe Subject: RE: [ActiveDir] Remove orphaned account Ok, now I'm getting somewhere. Correct me if I'm wrong. Would this be the correct command to find and remove that account that the SMTP address is associated with? Adfind -gc -b -f "proxyaddresses=smtp:[EMAIL PROTECTED]" | admod -del -Devon -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Harding, Devon Sent: Tuesday, February 15, 2005 3:26 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Remove orphaned account Ok, I found the address using adfind -gc -b -f "proxyaddresses=smtp:[EMAIL PROTECTED]", but now how do I remove it from AD? -Devon -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Harding, Devon Sent: Tuesday, February 15, 2005 3:21 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Remove orphaned account About 10mins. When I do a normal AD search for that SMTP address, it does not return any results. That adfind command didn't find any results either. -Devon -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Coleman, Hunter Sent: Tuesday, February 15, 2005 3:12 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Remove orphaned account How quickly did you try to reuse that SMTP address? I've seen that when I delete a mailbox or contact and immediately try to apply the address to another object. Might be worth verifying that the address is gone: Adfind -gc -b dc=domain,dc=com -s subtree -f "proxyaddresses=*youraddress*" name -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Harding, Devon Sent: Tuesday, February 15, 2005 12:52 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Remove orphaned account I have a user account that I deleted in AD. When I try to add another user with that same SMTP address, it stated that the address already exists. When I do a search for that address in AD, I get no results. How can I remove this SMTP address from AD? Devon Harding Windows Systems Engineer Southern Wine & Spirits - GSD 954-602-2469 List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
