Removing Microsoft Exchange from Active Directory can be a complex process and should only be performed by someone who is familiar with the Exchange server architecture and Active Directory. Before proceeding with the removal process, it’s important to understand the potential impact on your organization and to plan accordingly.
Here are the general steps to remove Exchange from Active Directory:
- Verify that all mailboxes have been moved: Before removing Exchange, all mailboxes should be moved to another email system or archived. This ensures that no email data is lost during the removal process. You can use the Exchange Management Console or Exchange Admin Center to check the mailbox status and move them to a different server.
- Uninstall Exchange: To uninstall Exchange, log on to the Exchange server with an account that has administrative privileges. Open the Control Panel and select Programs and Features. From the list of installed programs, select Microsoft Exchange and click Uninstall. Follow the prompts to complete the uninstallation process.
- Remove Exchange Server objects from Active Directory: Once Exchange is uninstalled, you need to remove the Exchange Server objects from Active Directory. This can be done using the ADSI Edit tool. Open the tool and navigate to the Configuration container in Active Directory. Expand the Services container and delete the Microsoft Exchange container. You may also need to delete other Exchange-related objects, such as address lists and connectors.
- Remove Exchange-related attributes from Active Directory user accounts: Exchange-related attributes may be attached to user accounts in Active Directory. These attributes need to be removed in order to complete the removal process. You can use the Active Directory Users and Computers console or PowerShell to remove these attributes.
5. Here is how to remove Exchange Server with ADSI Edit
a. Sign in to the Domain Controller and navigate to the Start menu. Open Administrative Tools and start ADSI Edit.
b. Remove Exchange Server attributes
Once opened, right-click ADSI Edit and click Connect to…
c. Select Configuration and click OK.
d. Expand CN=Configuration, DC=xxxx, DC=com and expand CN=Services. Right-click on CN=Microsoft Exchange and click delete. A warning will show if you are sure to delete this object, confirm with Yes. Do the same with CN=Microsoft Exchange Autodiscover, right-click and click delete.
e. After removing both the objects in ADSI Edit. The screen will look like the following.
6. Remove Exchange Server security groups and system objects attributes
a. Start Active Directory Users and Computers (ADUC).
b. Expand the domain and verify that the Organizational Unit (OU) Microsoft Exchange Security Groups and Microsoft Exchange System Objects are present. We can remove it from here or from ADSI Edit. We are going to use ADSI Edit.
c. Right click on Microsoft Exchange Security Groups, and then Delete.
d. Confirm it.
e. Click Yes to confirm to delete Object Microsoft Exchange Security Groups…
7. Delete OU=Microsoft Exchange Security Groups using ADSI Edit
a. Right-click ADSI Edit and click Connect to…
b. Select Default naming context and click OK.
c. Expand DC=xxxx, DC=com. Right-click on OU=Microsoft Exchange Security Groups and click delete. A warning will show if you are sure to delete this object, confirm with Yes. Do the same with CN=Microsoft Exchange System Object, right-click and click delete.
d. We can confirm in ADUC that both the OUs are deleted.
8. Remove Exchange from Active Directory
Remove the Exchange Server if it’s showing in Active Directory Users and Computers (ADUC). Right-click the Exchange Server and click Delete.
9. Remove automatically generated Exchange user accounts
There are a few Active Directory users that are generated automatically by Exchange. Some serve as Discovery services, others are used to monitor the health of the Exchange system. These will no longer be needed if you have permanently removed Exchange from your organization.
Go to Active Directory Users and Computers and open the Users container. Right-click the following users and click delete.
- DiscoverySearch Mailbox{GUID}
- Exchange Online-ApplicationAccount
- FederatedEmail.GUID
- Migration.GUID
- SystemMailbox{GUID}
