Let me guess, the errors were 9548's for disabling accounts that still had active mailboxes?
The MS "proper" way of correcting this is documented here. It is something you can do programmatically. http://support.microsoft.com/Default.aspx?kbid=278966 Basically the issue is an Exchange issue where the Exchange Dev folks figured that the only reason someone would have a live mailbox on a disabled ID would be for a resource mailbox, so they make all sorts of assumptions around disabled user ids that are mailbox enabled. This blows up in their face because if the account is really just a user you no longer want to be able to log on but you don't want to delete the mailbox [1] for many many good reasons you wouldn't normally think to set MSEMAS so it dorks Exchange up and if you get enough of this you start experience Store hangs. This is a huge problem in companies with large Exchange deployments. Hopefully one day MS Exchange Dev will correct this design flaw. I expect Exchange 12 will correct all the current flaws due to bad assumptions and spawn a whole new set based on other bad assumptions to deal with. :o) joe [1] Yes I understand retention store but I also understand that MS didn't give a realistic programmatic reconnect method and doesn't allow disconnected mailboxes to be moved if needed. The reconnect is a half-ass WMI mechanism that I see no reason why they did it the way they did it. Works great in a small environment but reconnects in a small environment isn't usually that great of an issue in the first place. Makes me want to say that the Exchange developers shouldn't be allowed to develop on anything but large 100+ Exchange Server labs and are forced to do support inside of MS on a monthly basis (say 1 week a month) to see how the environments are really managed. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Crawford, Scott Sent: Wednesday, August 10, 2005 4:05 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] Effectively Disable Accounts I've written a script that we use instead of disabling accounts when people leave. It prevents the account from being used, but also eliminates some errors we had with Exchange when we had a bunch of mailboxes tied to disabled accounts. Here it is, if anyone's interested. Thoughts? List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
