Exchange Looking for Nonexistant User
Results 1 to 7 of 7

Thread: Exchange Looking for Nonexistant User

  1. #1

    Question Exchange Looking for Nonexistant User

    Well, I'm getting my first introduction to Exchange servers, and this is the first problem I've encountered.

    One of our client's Exchance servers is receiving multiple, repetitive Event Log entries regarding Exchange looking for a user who no longer exists. Further investigation revealed that the user was removed from Active Directory, but evidently Exchange is looking for that user anyway as an "unknown user".

    How can one go about cleaning up Exchange so that it no longer looks for users that have been removed from Active Directory?

    Here are the Event Log entries:

    An error occurred while upgrading the ACL on folder [Public Folders]/eAlumni/Web Clients/I-Q/Linfield College/Contacts located on database "First Storage Group\Public Folder Store (EXCHANGE01)".
    The Information Store was unable to convert the security for /O=PCI/OU=PUBCON/CN=RECIPIENTS/CN=BMORIN into a Windows 2000 Security Identifier.
    It is possible that this is caused by latency in the Active Directory Service, if so, wait until the user record is replicated to the Active Directory and attempt to access the folder (it will be upgraded in place). If the specified object does NOT get replicated to the Active Directory, use the Microsoft Exchange System Manager or the Exchange Client to update the ACL on the folder manually.
    The access rights in the ACE for this DN were 0x7fb.

    For more information, click http://www.microsoft.com/contentredirect.asp.

    Disabled user /o=PCI/ou=PUBCON/cn=Recipients/cn=AAli does not have a master account SID. Please use Active Directory MMC to set an active account as this user's master account.

    For more information, click http://www.microsoft.com/contentredirect.asp.


    BTW, sorry I haven't been around latley. I just moved to Texas and haven't had much Internet access at all. Just got a new job (on my second day here!), looking to get a new apartment soon, and then I should be back to my usual online escapades.

  2. #2
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Off the top of my head you need to "purge the "dead" users" or words to that effect in exchange system manager.
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  3. #3
    Welcome back AngelicKnight and good luck to your new job

  4. #4
    Senior Member RoadClosed's Avatar
    Join Date
    Jun 2003
    Posts
    3,834
    Excahnge purges the users every night so something is not right when active directory updates. Could be exchange could be the AD connector on the box with exchange. Try going into recipient update services and refreshing the connector. You MUST have an understanding of FISMO rules to know that the exchange connector uses the master browser for mailbox management and exchang is NOT good and finding the master browser IF it has moved from one AD domain controller to another of the course of normal operations. That probably didn't clear anything up did it? You can also perform mail box maintenance on the store but that almost never works in these cases.
    West of House
    You are standing in an open field west of a white house, with a boarded front door.
    There is a small mailbox here.

  5. #5
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    That probably didn't clear anything up did it?
    Well it sure fuzzyed the waters for me...

    I don't know about your policy Angelic but mine is to disable the user for a period when they leave. This allows them to still receive mail to their address so that their supervisor can access the mail in case anything important comes in. Now, IIRC, (my staff do this now), when you want to delete them you have a menu option to remove them from Exchange. If you don't do this it is possible for the mailbox to remain. Now, this may be related to Road's post but it is something you may need to take into account.
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  6. #6
    Senior Member RoadClosed's Avatar
    Join Date
    Jun 2003
    Posts
    3,834
    I was trying to say that exchange parses the AD for users every few minutes and it runs a cleanup operation every night. There is no way to remove users or add them to exchange. That is done solely through active directory without going in with MS tools and actually manipulating the database. So exchange looks for changes and when a new account is added and marked for exchange through active directory users and computers exchange sees the account and adds it according to seetings establsished in Recipiant Update Services or the Recipient Update Policy depending on the context. And when the box is removed it does this in reverse. With the cleanup happening that night. When operators have to go in a purge an email account that means it has been altered from the default state of automatic purge. I do the same thing tiger but I just delete them from AD after a few weeks. All a purge does (i think) is clean out an acount that has been marked for deletion by active directory. And exchage has to be able to detect this change. The mailboxed should be removed as soon as the connectors are all operating correctly and the key may be to look around RUS and make sure the master browser is the server it's pointing too.
    West of House
    You are standing in an open field west of a white house, with a boarded front door.
    There is a small mailbox here.

  7. #7
    Senior Member RoadClosed's Avatar
    Join Date
    Jun 2003
    Posts
    3,834
    I am here putzing around on a mail server. If you right click on the server in ESM the go to properties the Mailbox management tab could be disabled or set to never run. That could be a problem. I have seen people set that to never run and an admin runs it periodically. Not efficient but so be it.

    Now if you look under recpient update services and your main master browser isn't listed. The easiest thing is to power down the domain controllers then exchange and then power up the master browser, wait... power up the domain controllers.... wait then exchange. Hassle? Hell yes but it works to get it all back up. You can force change the roles but this works better. Trust me.

    Now after that go back into RUS and force a database rebuild. Right click the domain controller and "rebuild" Then run mailbox management or set the Mail Box management to run Saturday at Midnight since its the weekend. Go home forget about exchange have a beer and check it on Monday.
    West of House
    You are standing in an open field west of a white house, with a boarded front door.
    There is a small mailbox here.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •