Exchange 2010 Mailbox Account Auditing : Options?
I work for a school district that has not audited mailbox accounts in years. I would like to do a search/audit on our mailserver for accounts that have not been accessed in X number of days, and then have the flexibility to disable/delete accounts based on this information. What are my options for this? Thank you very much in advance!
May 10th, 2012 2:30pm

Hi Jon, "Get-MailboxStatistics" should have the information that you are looking for (ie: Last Logon Time). You could run a query similar to the following to see all mailboxes that have not been logged onto since Jan 31, 2012: Get-MailboxStatistics | where {$_.LastLogonTime -lt "01/31/2012 12:00:00 AM"} | ft displayname, last* -Matt
Free Windows Admin Tool Kit Click here and download it now
May 10th, 2012 4:14pm

Hi Jon, "Get-MailboxStatistics" should have the information that you are looking for (ie: Last Logon Time). You could run a query similar to the following to see all mailboxes that have not been logged onto since Jan 31, 2012: Get-MailboxStatistics | where {$_.LastLogonTime -lt "01/31/2012 12:00:00 AM"} | ft displayname, last* -Matt
May 10th, 2012 4:14pm

LastLogon cannot really be relied up, because shared mailboxes will provide false information. The best option is to go after the actual AD accounts, you will need to query all domain controllers. Use oldcmp to look for old accounts. http://www.joeware.net/freetools/tools/oldcmp/ Simon. Simon Butler, Exchange MVP Blog | Exchange Resources | In the UK? Hire Me.
Free Windows Admin Tool Kit Click here and download it now
May 10th, 2012 5:48pm

LastLogon cannot really be relied up, because shared mailboxes will provide false information. The best option is to go after the actual AD accounts, you will need to query all domain controllers. Use oldcmp to look for old accounts. http://www.joeware.net/freetools/tools/oldcmp/ Simon. Simon Butler, Exchange MVP Blog | Exchange Resources | In the UK? Hire Me.
May 10th, 2012 5:48pm

Hi Jon, You can also try to use the powershell in the following blog to find the Inactive Active Directory Users: Use PowerShell to Find and Remove Inactive Active Directory Users http://blogs.technet.com/b/heyscriptingguy/archive/2011/11/30/use-powershell-to-find-and-remove-inactive-active-directory-users.aspxFrank Wang TechNet Community Support
Free Windows Admin Tool Kit Click here and download it now
May 11th, 2012 4:43am

Hi Jon, You can also try to use the powershell in the following blog to find the Inactive Active Directory Users: Use PowerShell to Find and Remove Inactive Active Directory Users http://blogs.technet.com/b/heyscriptingguy/archive/2011/11/30/use-powershell-to-find-and-remove-inactive-active-directory-users.aspxFrank Wang TechNet Community Support
May 11th, 2012 4:43am

Hi Jon, Any updates?Frank Wang TechNet Community Support
Free Windows Admin Tool Kit Click here and download it now
May 15th, 2012 10:11pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics