I had an issue where several users that no longer work here still had active sync devices in AD for whatever reason so I needed to get rid of them.
Quick Google Search found this Technet thread
The long and short of it are these two lines that gather all the active sync devices that haven't checked in within the past 30 days and then removes them.
For my purposes I changed it 90 days the first time through, however I now run this script once monthly.
-- Powershell Start --
$DevicesToRemove = Get-ActiveSyncDevice -result unlimited | Get-ActiveSyncDeviceStatistics | where {$_.LastSuccessSync -le (Get-Date).AddDays("-30")}
$DevicesToRemove | foreach-object {Remove-ActiveSyncDevice ([string]$_.Guid) -confirm:$false}
-- Powershell End --
Now let's say the user doesn't have a mailbox on Exchange anymore.
You first have to temporarily recreate the mailbox
-- Powershell Start --
Enable-Mailbox -Identity:'OU/User'
-- Powershell End --
Then rerun the above script.
If you don't create the mailbox you get a can't find recipient error.
Then after the active sync devices are gone simply run
-- Powershell Start --
Remove-Mailbox -Identity:'OU/User'
-- Powershell End --
If for some reason you still can't remove the Active Sync devices you can open ADSI Edit and look for
CN=ExchangeActiveSyncDevices container under the user object
Then simply remove that.
No comments:
Post a Comment