Remove MailboxDatabase operation fails to clean up health mailboxes
Original KB number: 3046530
Symptoms
When you try to remove a mailbox database from Exchange Server 2016 or Exchange Server 2013, you receive these warnings:
EMS:
EAC:
Cause
This attempt to remove the mailbox database fails to remove the AD User accounts of health mailboxes in the database, and this triggers the warning messages.
The AD user accounts cannot be removed in this case because the Exchange Servers security group inherits explicit deny permissions for deleting objects in the Monitoring Mailboxes container.
Workaround
To work around this issue, follow these steps to add an explicit allow permission to the Exchange Servers group on the Monitoring Mailboxes container. To do this, follow these steps:
Open Active Directory Users and Computers.
Select View, and then make sure that Advanced Features is selected. If it is not, select it.
Navigate to the following container:
Right-click Monitoring Mailboxes, select Properties, and then select the Security tab.
Select Advanced on the Security tab. You now see this dialog box:
Select Add, type Exchange Servers, select Check Names, and then select OK.
Select the Allow check box for the Delete subtree permission.
Select OK in all the remaining windows.
Wait for AD replication.
If you have Exchange deployment in a multi-AD domain environment, follow the preceding steps on all the domains in which Exchange servers are deployed.
Feedback
https://aka.ms/ContentUserFeedback.
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see:Submit and view feedback for