I wanted to bring to light a specific issue that may occur during mailbox moves in complex environments with multiple Active Directory Sites and multiple Exchange servers. There are several other settings which must be in place in order for this issue to present itself.

First, here are the settings which need to be in place:

1. On both the Source and Target mailbox stores, set Deleted Mailbox Retention to 0 days.

2. Note what the Online Maintenance schedule is set to on both stores. The moves need to be scheduled to coincide with Online Maintenance on the Target mailbox store.

*Note - for the purposes of my testing, I set Online Maintenance to run Always for my databases.

3. There must be multiple Active Directory Sites so as to introduce AD replication latency (Inter-Site connectors can only replicate every 15 minutes), and there need to be Exchange servers in these different AD sites (or Exchange must be configured to statically point to the GC of the other site).

4. Enable Diagnostics Logging under MSExchangeIS\Mailbox, and set the category General to Maximum (only minimum is necessary though). This is necessary in order to log Online Maintenance events.

Some background here: one of the tasks performed by Online Maintenance is to identify mailboxes that are past the retention date and to delete them. As part of this task, it will also run the Cleanup Agent, which is the task that identifies orphaned/reconnected mailboxes. If you recall, in Exchange 2000 and 2003, if you delete a mailbox, it is not immediately deleted, nor is it marked as disconnected. If a mailbox is orphaned (no user connected to it), it gets marked as disconnected; if it is disconnected and past the retention date, it gets deleted.

For more information on the tasks run during Online maintenance, please see the following link:

http://technet.microsoft.com/en-us/library/aa996226(EXCHG.65).aspx

During a mailbox move, the destination mailbox will be created so that data can be copied to it. This destination mailbox is not yet associated with a user account though. This process of associating with the user account does not happen until the very end of the mailbox move and all content has been copied to the destination mailbox. During the final step of the move, the user attributes are updated to point to the new server (if applicable) and new database. This process of updating attributes is what associates the destination mailbox with the user account.

If you manually run the Cleanup Agent on the destination mailbox store during a move, you will find that the destination mailbox will show up as a disconnected mailbox. If you then run the Cleanup Agent again right after the move completes, you will find that in some cases the destination mailbox will also be purged. This can cause problems, because when a move is successful, the source mailbox is removed as well. If the Cleanup Agent is run from another Exchange server that is pointing at a different Active Directory Site, and the Exchange attributes (homeMDB, homeMTA, msExchHomeServerName) have not yet been updated, the Cleanup Agent will detect that this mailbox is not attached to a user account, and that it is past the retention date; and therefore, the mailbox will be deleted. You should see the following events indicating that this is occurring:

Event 9533
The user account for "user" does not exist in the directory or is not enabled for Exchange mail. This mailbox will be removed from the mailbox store "database" in 0 days.

Following that, you will see:

Event 9535
Cleanup of deleted mailboxes that are past the retention date is finished on database "database"

The first time I saw this event, the mailbox was not deleted. Then we have round 2, a few minutes later:

Event 9531
Starting cleanup of deleted mailboxes that are past the retention date on database "database"

Event 9535
Cleanup of deleted mailboxes that are past the retention date is finished on database "database"
1 deleted mailboxes have been removed

Event 9532
The user account "user" does not exist in the directory or is not enabled for Exchange mail. This mailbox has been removed from the mailbox store "database"

There are two ways to prevent this from happening:

  1. Make sure that Deleted Mailbox Retention is set to a non-zero value.
  2. Configure the Online Maintenance interval so that it does not overlap with your scheduled mailbox moves. Alternatively, set Online Maintenance to not run on days when you will be scheduling moves.

If you have encountered a situation similar to this, we want to hear from you! Please post a comment.

- Ben Winzenz

Share this post :