locked
Create new AD user accounts for all users, keep old mailbox/email address. RRS feed

  • Question

  • Due to many circumstances I need to create all of my users new AD accounts, I would like to keep their old email address, Is this possible? is there a way to script this?
    Wednesday, April 10, 2013 4:56 PM

Answers

  • ok, you can do this.

    1. Create all new 1800 AD accounts

    2. Disconnect all the mailboxes from current AD accounts

    3. Connect with new AD accounts.

    Note: Existing permissions will be gone if users have permission to others mailbox, you have to plan for this.


    Kottees : My Blog : Please mark it as an answer if it really helps you.

    Wednesday, April 10, 2013 7:32 PM
  • Disconnect and then reconnect the mailboxes to the new AD accounts will work. To disconnect a mailbox, we may use remove or disable mailbox cmdlet:

    • Disable will remove the Exchange attributes for the user account but leave the user account in Active Directory.  The mailbox is then also left in the Exchange mailbox database until the retention period has lapsed, then it is removed permanently.
    • Remove will remove both the Exchange mailbox and the user account from Active Directory

    For Scripts releated issue, it is recommended to post the question in Exchange development forum below. Your understanding would be appreciated.

    http://social.technet.microsoft.com/Forums/en-US/exchangesvrdevelopment/threads


    Fiona Liao
    TechNet Community Support

    Thursday, April 11, 2013 3:13 AM
    Moderator
  • I apologize for the long absence, I had forgotten I posted the questions. Below is an update on what has occurred.

    The company I work for utilizes VMWare SRM for disaster recovery, we utilized this technology to create an isolated working copy of production that we could spin up and take down to refresh at any point in time. Using this environment I was able to fully test my method of migrating all users to a new ID, while maintaining email, groups, etc.

    I created a set of powershell scripts that accomplished my goals, setting all AD attributes to match, mirroring all groups, removing old ID from groups, Disabling, and enabling the mailbox on the new account, setting any permissions for shared mailboxes, dist list, etc that they had before. I renamed all home and RDP profiles folders to new convention, while at the same time pointing to new DFS namespace.

    Of our 1800ish employees, I have converted approx 500 without any real issue.

    • Marked as answer by JETJR Monday, September 30, 2013 7:22 PM
    Monday, September 30, 2013 7:22 PM

All replies

  • Perhaps you can explain a bit more of whats going on in your environment so that we have a better understanding of the issue at hand? 

    Also what version of Exchange are you on?


    Troy Werelius
    www.Lucid8.com
    Search, Recover, & Extract Mailboxes, Folders, & Email Items from Offline EDB's and Live Exchange Servers or Import/Migrate direct from Offline EDB to Any Production Exchange Server, even cross version i.e. 2003 --> 2007 --> 2010 with Lucid8's DigiScope

    Wednesday, April 10, 2013 7:19 PM
  • Hi,

    AD/Mailbox cannot be duplicated.

    You can add 1 into the old mailboxes/AD accounts at the end of it (i.e: james --> james1)

    Then you can create a new mailbox for all the users (i.e: james)


    Kottees : My Blog : Please mark it as an answer if it really helps you.

    Wednesday, April 10, 2013 7:25 PM
  • Due to some direction beyond my control I need to move all users to a new logon name convention. I have approx 1800 users. Each user has an exchange 2007 email account and mailbox. We would like to have the current email associate with the new user ID. So userA with an email of userA@company.com would become user123 with an email of userA@company.com and all their mail/calendar/etc would still be there.

    Id like to automate as much as I can given some time constraints but if its better or only possible to do this manually that works as well.

    Wednesday, April 10, 2013 7:29 PM
  • ok, you can do this.

    1. Create all new 1800 AD accounts

    2. Disconnect all the mailboxes from current AD accounts

    3. Connect with new AD accounts.

    Note: Existing permissions will be gone if users have permission to others mailbox, you have to plan for this.


    Kottees : My Blog : Please mark it as an answer if it really helps you.

    Wednesday, April 10, 2013 7:32 PM
  • Disconnect and then reconnect the mailboxes to the new AD accounts will work. To disconnect a mailbox, we may use remove or disable mailbox cmdlet:

    • Disable will remove the Exchange attributes for the user account but leave the user account in Active Directory.  The mailbox is then also left in the Exchange mailbox database until the retention period has lapsed, then it is removed permanently.
    • Remove will remove both the Exchange mailbox and the user account from Active Directory

    For Scripts releated issue, it is recommended to post the question in Exchange development forum below. Your understanding would be appreciated.

    http://social.technet.microsoft.com/Forums/en-US/exchangesvrdevelopment/threads


    Fiona Liao
    TechNet Community Support

    Thursday, April 11, 2013 3:13 AM
    Moderator
  • On Wed, 10 Apr 2013 19:29:18 +0000, JETJR wrote:
     
    >Due to some direction beyond my control I need to move all users to a new logon name convention. I have approx 1800 users. Each user has an exchange 2007 email account and mailbox. We would like to have the current email associate with the new user ID. So userA with an email of userA@company.com would become user123 with an email of userA@company.com and all their mail/calendar/etc would still be there.
    >
    >Id like to automate as much as I can given some time constraints but if its better or only possible to do this manually that works as well.
     
    Why not just change the account name and UPN on the current AD users?
     
    ---
    Rich Matheisen
    MCSE+I, Exchange MVP
     

    --- Rich Matheisen MCSE+I, Exchange MVP
    Friday, April 12, 2013 3:14 AM
  • Hi,

    Is there any update? It would be nice to mark it accordly if the issue is resolved.

    If you have any feedback on our support, please click here


    Fiona Liao
    TechNet Community Support

    Friday, April 12, 2013 6:44 AM
    Moderator
  • I apologize for the long absence, I had forgotten I posted the questions. Below is an update on what has occurred.

    The company I work for utilizes VMWare SRM for disaster recovery, we utilized this technology to create an isolated working copy of production that we could spin up and take down to refresh at any point in time. Using this environment I was able to fully test my method of migrating all users to a new ID, while maintaining email, groups, etc.

    I created a set of powershell scripts that accomplished my goals, setting all AD attributes to match, mirroring all groups, removing old ID from groups, Disabling, and enabling the mailbox on the new account, setting any permissions for shared mailboxes, dist list, etc that they had before. I renamed all home and RDP profiles folders to new convention, while at the same time pointing to new DFS namespace.

    Of our 1800ish employees, I have converted approx 500 without any real issue.

    • Marked as answer by JETJR Monday, September 30, 2013 7:22 PM
    Monday, September 30, 2013 7:22 PM
  • Can you share your script

    Search, Recover, & Extract Mailboxes, Folders, & Email Items from Offline Exchange Mailbox and Public Folder EDB's and Live Exchange Servers or Import/Migrate direct from Offline EDB to Any Production Exchange Server, even cross version i.e. 2003 --> 2007 --> 2010 --> 2013 with Lucid8's DigiScope

    Monday, September 30, 2013 8:28 PM