Exchange 5.5 Migrations and ADC Generated user accounts linking to the wrong user

February 5th, 2006
by Christopher Kusek (PKGuild)

Have you ever run into the following: You’ve loaded up the ADC in order to sync your AD accounts with your Exchange 5.5 Accounts. You’ve done all the footwork ahead of time to ensure that you have no user accounts which own more than one mailbox; and if you do, they’ve had NtdsNoMatch put into Custom Attribute 10.

You run the ADC tool which does checking for you as well to ensure that everything is on the up and up and all is cool. No duplicates found, you’re ready to sync.

It sync’s up all of your user accounts, and generates the regular disabled user accounts for the users with NtdsNoMatch set, but wait, it’s generated a few extra accounts as well. Apparently it does not take into account, mailboxes which have accounts which reside in trusted domains.

Now what are you going to do? Your user who has a valid AD account in your domain is not matched up with 5.5 Mailbox – This will cause quite a damper in your ability to migrate that users mailbox. What can you do in this circumstance?

To handle this is actually rather simple once you know the procedure.

First, go into the ADC – Disable “Deletion” and turn the schedule from “Always” to “Never”.

Secondly, delete the newly created Exchange account (The UserID should have a name like ADC-RandomCharactersAndNumbers)

Thirdly, go into the account in Exchange 5.5 and ensure it is setup to point to your AD account, ie: if it was FOREIGNDOMAIN\USERNAME make sure it is now ADDOMAIN\USERNAME. After this is done, open up the Exchange 5.5 admin in Raw mode (admin.exe /r) Open up the mailbox in question in raw properties mode – File – Raw Properties, go to ADC-Global-Names and delete the attributes contained for ADC-Global-Names.

And lastly, go back into the ADC and change the schedule from “Never” back to “Always”.

Shortly after replication occurs, the account will display itself correctly in AD with having the Exchange tabs as the account is now linked into it.

The below MS Articles addresses details on this procedure.

How to correct mismatched accounts after Active Directory Connector replication in Exchange 2000 Server
http://support.microsoft.com/kb/256862/EN-US/

XADM: How to Remove the ADC Global Names Attribute from Exchange 5.5 Server Recipients
http://support.microsoft.com/kb/319474/en-us

XADM: ADC Creates Duplicate Accounts in Exchange Server 5.5 and Active Directory
http://support.microsoft.com/kb/288578/en-us

XADM: Duplicate Object Created When Replicating Objects from Exchange Server 5.5 to Windows 2000 Active Directory
http://support.microsoft.com/kb/274480/EN-US/
~ Christopher Kusek

Posted in Exchange, Informational, Microsoft | Comments (0)

  • Archives