none
Disabled users' mail still forwarding via inbox rule RRS feed

  • Question

  • I've noticed that our Exchange 2010 environment still forwards mail to users that have inbox rules configured even though their AD account is disabled.  I would like to find these accounts and eventually remove the inbox rules.  I wrote a short script that I thought would do the trick but it is returning all mailboxes in the environment as opposed to only the ones belonging to disabled users.  I suspect this is because I cannot run the get-aduser and get-inboxrule through the same pipeline however I am not seeing any errors just not getting back the set I am expecting.  Maybe this is a quick fix or maybe someone can suggest a better way to approach this?  Thank you!!!

    Set-AdServerSettings -RecipientViewRoot "DC=x,DC=x,DC=com" | 
        Get-ADUser -Filter 'Enabled -eq $false'| 
            foreach {Get-InboxRule | Where {$_.ForwardTo -ne $null} | 
                    Select identity,isvalid, @{Name="ForwardTo";Expression={[string]::join(";",($_.ForwardTo))}}}


    ~Eric

    Tuesday, November 24, 2015 11:19 PM

Answers

  • I ended up approaching this differently and it works.  

    Get-User -DomainController 'xxxxxxx' -ResultSize unlimited -RecipientTypeDetails UserMailbox | where {$_.UseraccountControl -like “*accountdisabled*”} | Get-Mailbox | Get-InboxRule | Remove-InboxRule

    I am guessing that there are a ton of companies out there that are disabling user accounts and not immediately removing the mailbox and email is still forwarding to non-employees based on Inbox Rules....


    ~Eric

    • Marked as answer by EricJWeiner Wednesday, November 25, 2015 6:48 PM
    Wednesday, November 25, 2015 6:48 PM

All replies

  • Hi,

    Since you're not pointing at the rules in a particular mailbox, you're getting them all back. Use -Mailbox to specify which user's rules to look at.

    https://technet.microsoft.com/en-us/library/dd351062%28v=exchg.141%29.aspx


    Tuesday, November 24, 2015 11:27 PM
  • I thought by putting it in the same pipeline, I was getting the mailboxes back of the get-aduser part of the script?  Am I better off outputting that result to a variable?

    ~Eric

    Tuesday, November 24, 2015 11:29 PM
  • I ended up approaching this differently and it works.  

    Get-User -DomainController 'xxxxxxx' -ResultSize unlimited -RecipientTypeDetails UserMailbox | where {$_.UseraccountControl -like “*accountdisabled*”} | Get-Mailbox | Get-InboxRule | Remove-InboxRule

    I am guessing that there are a ton of companies out there that are disabling user accounts and not immediately removing the mailbox and email is still forwarding to non-employees based on Inbox Rules....


    ~Eric

    • Marked as answer by EricJWeiner Wednesday, November 25, 2015 6:48 PM
    Wednesday, November 25, 2015 6:48 PM