You can perform Exchange-related tasks (for example, creating or deleting email addresses) on Active Directory (AD) user accounts with the Active Roles Console.
To perform Exchange tasks on a user account
-
In the Console tree, locate and select the folder that contains the user account you want to perform Exchange tasks on.
-
In the details pane, right-click the user account and click Exchange Tasks to start the Exchange Task Wizard.
-
On the Available Tasks page of the wizard, select the task you want to perform.
The following tasks are available, depending on the selected group:
-
Create User Mailbox, Establish E-mail Addresses: The account is enabled, and does not have a mailbox or external email address.
-
Create User Mailbox, Create Room Mailbox, Create Equipment Mailbox, Create Linked Mailbox, Create Shared Mailbox, Establish E-mail Addresses: The account is disabled, and does not have a mailbox or external email address.
-
Move Mailbox, Disable Mailbox: The account has a mailbox.
-
Delete E-mail Addresses: The account has an external email address.
-
Enable Archive: The account has a user mailbox without an archive.
-
Disable Archive: The account has a user mailbox with an archive.
- On the next page of the wizard, do one of the following, depending on the selected task:
-
Mailbox Settings: Specify the alias and mailbox database. You can select a retention policy, Exchange ActiveSync mailbox policy, or address book policy for the mailbox.
-
Enable Archive: (Optional) Specify the mailbox database for the archive.
-
Resource Information: Configure the resource capacity and custom properties for the room or equipment mailbox.
-
Master Account: Select the master account for the linked mailbox.
-
Mailbox Sharing: Specify the users who you want to have access to the mailbox.
-
Establish E-mail Addresses: Specify the user alias and external email address.
-
Move Mailbox: Select the database to which you want to move the mailbox. If the mailbox has an archive enabled, specify whether to move only the mailbox, only the archive, or both the mailbox and the archive.
-
Disable Mailbox, Disable Archive, Delete E-mail Addresses: Confirm the operation.
-
On the completion page of the wizard, review the results of the task. To view the progress report, click Back. To close the wizard, click Finish.
NOTE: Consider the following when performing Exchange tasks:
-
You can perform Exchange tasks on multiple objects at a time. To do so, start the Exchange Task Wizard by selecting the objects, right-clicking the selection, and clicking Exchange Tasks.
-
To locate the objects on which you want to perform Exchange tasks, use the Find function of Active Roles. Once you found the objects, start the Exchange Task Wizard by selecting the objects in the list of search results, right-clicking the selection, and clicking Exchange Tasks.
You can move user accounts from one Active Directory container to another with the Active Roles Console.
To move a user account
-
In the Console tree, locate and select the folder that contains the user account you want to move.
-
In the details pane, right-click the user account and click Move to display the Move dialog.
-
In the Move dialog, select the folder to which you want to move the user account, then click OK.
NOTE: Consider the following when moving an object:
-
With Active Roles, directory objects can only be moved within the same domain. This means that the folder to which you want to move the object must belong to the same domain as the object.
-
You can move multiple objects at a time with the Move dialog. To open the dialog, select the objects, right-click the selection, and click Move. To select multiple objects, press and hold Ctrl, then click each object.
-
To locate the object that you want to move, use the Find function of Active Roles. Once you found the accounts, open the Move dialog by right-clicking the object, and clicking Move.
-
The Console provides the drag-and-drop function for moving objects. To move objects, you can drag the selection from the details pane to a destination container in the Console tree.
With the Active Roles Console, you can export user accounts to an XML file and then import them from that file to populate a container in a different domain. The export and import operations provide a way to relocate user accounts between domains.
To export user accounts, select them, right-click the selection, and select All Tasks > Export. In the Export Objects dialog, specify the file where you want to save the data, and click Save.
To import user accounts, right-click the container where you want to place the accounts, and then click Import. In the Import Directory Objects dialog, select the file to which the user accounts were exported, and click Open.
You can delete Active Directory user accounts with the Active Roles Console.
To delete a user account
-
In the Console tree, locate and select the folder that contains the user account you want to delete.
-
In the details pane, right-click the user account, then click Delete.
NOTE: Consider the following when deleting a user account:
-
Deleting an account is a destructive operation that cannot be undone. Once an account is deleted, the permissions and memberships associated with that account are also permanently deleted. Because the security ID (SID) for each account is unique, a new account with the same name as the previously deleted account does not automatically receive the permissions and memberships that the previously deleted account had. To duplicate a deleted account, you must recreate all permissions and memberships manually.
-
You can delete multiple objects at the same time by selecting the objects, right-clicking the selection, and clicking Delete. To select multiple objects, press and hold Ctrl, then click each object. If you select multiple objects, clicking Delete displays a dialog. To delete all the selected objects, select the Apply to all items check box, then click Yes.
-
Instead of deleting user accounts, you can also deprovision them by selecting the accounts, right-clicking the selection, then clicking Deprovision.
-
To locate user accounts for deletion or deprovisioning, use the Find function of Active Roles. Once you found the users, delete or deprovision them by selecting the accounts in the list of search results, right-clicking the selection, and clicking Delete or Deprovision.
-
When attempting to delete an object, you may receive an error message that access is denied to the object. This can typically occur if the object is protected from deletion. To remove this protection, navigate to the Properties > Object tab of the object you want to delete, then clear the Protect object from accidental deletion check box. After that, try deleting the object again.