Exchange 2013: How to completely remove all settings from Active Directory

Exchange 2013: How to completely remove all settings from Active Directory

If you want to completely wipe all traces of Exchange Server 2013 from your Active Directory then follow this simple instructions. This has worked thus far for me but perhaps I missed something so feel free to provide any feedback you may have.

Removing Exchange from AD is not something you might want to do carelessly. It should be obvious that wiping this information should be equivalent to starting your whole Exchange Infrastructure from scratch. This may result on losing mailboxes, emails, settings, email deliverability, etc. If you are familiar with the risks and understand what you are doing that’s fine, but if any of this sounds new to you then you should be most careful and seek professional help.

We are going to use the ADSIEdit tool which is used to edit Active Directory Metadata/Schema/etc. This is probably more delicate that messing with the Windows Registry so please proceed with extreme caution.

You’ll find this method is usually a last resort in some extreme cases like:

a) The uninstaller failed halfway and there is no power that can help you (or you were doing an initial enterprise installation and the installer failed halfway and now you have an unclean installation from which you can’t proceed)

or

b) You have a server that is kaput so you can’t run the uninstaller and remove it from AD (which in this case you might just want to remove some entries not entire subtrees like we’ll do here.)


I. Remove the entire Microsoft Exchange Configuration

 

First, open ADSIEdit (which you can find on your start menu. Once opened go to Action -> Connect to and there select Configuration like shown here:

Kx.CloudIngenium.com - Exchange 2013 How to completely remove all settings from Active Directory - ADSI Edit Connect Configuration Context

Navigate to this path to delete the following two Exchange Subtrees:

  • CN=Configuration,DC=DOMAIN,DC=LOCAL
    • CN=Services
      • CN=Microsoft Exchange (DELETE)
      • CN=Microsoft Exchange Autodiscover (DELETE)

Once you are done open the connection but this time to the “Default Naming Context” in order to delete the Exchange security groups and objects:

  • CN=Default naming context,DC=DOMAIN,DC=LOCAL
    • CN=Microsoft Exchange Security Groups (DELETE)
    • CN=Microsoft Exchange Security Objects (DELETE)

II. Remove automatically generated users / groups

There are a few Active Directory users that are generated automatically by Exchange. Some serve as Discovery services, others are used to monitor the health of the system. Regardless these will no longer be needed if you have permanently removed Exchange from your organization:

  • DiscoverySearch Mailbox{GUID}
  • Exchange Online-ApplicationAccount
  • FederatedEmail.GUID
  • Migration.GUID
  • *SystemMailbox{GUID}
  • *HealthMailboxGUID

III. Remove settings from a server

If you have access to your Exchange server you can delete a few things to leave it almost in pre-Exchange state. I strongly suggest you simply start from a fresh Windows Installation as it is hard to truly leave a server in a pre-exchange state.

Delete the location you installed Exchange server:

C:\Program Files\Microsoft\Exchange Server

Remove all IIS sites created by Exchange Server:

Launch the IIS-Manager and delete the front and back end web sites.

Registry keys:

Just to name a few well known ones:

    • HKLM\Software\Microsoft\ExchangeServer
    • HKLM\CurrentControlSet\Services\MSExchange*

 

Enhanced by Zemanta

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.