How to delete Active Directory user with privilege issue

There may be a number of reasons you can’t delete some users from Active Directory, one of them could be domain admin or enterprise admin privileges. Another could be some objects are still in use or not sync up with an exchange, they both have some many references, so can’t delete active directory user with exchange ActiveSync

I had come across one after migration to Office 365, some user account that may have old Exchange attributes that cannot be deleted and you will have to manually give your self full access. here is how to delete those account that has privilege issues.

First you need to change the view to: use the “view -> users, Contacts, Groups, and Computers as containers”

Then go to the user you are having issue deleting, give you self full permission to object then you should be able to delete it

Increase allowed maximum attachment size

On exchange 2010 or may be applied to other versions of on-premise exchange. You have maximum attachment size setting to allow people to send to other users and there are many causes based on settings of, database, mailbox, email spam system, firewall, etc… Also, there is one more on Active sync, which is by default is 10 MB, so it does not matter, if you have allowed bigger attachment. When using the smartphone you will see the server rejected message when your attachment is larger than 10 MB.

You can Open the web.config settings of the Microsoft Active Sync

Then edit the httpRuntime maxRequestLength to whatever you like

After the change is been made, you will need to restart the IIS service to take effect of your new settings. Then you should be able to send bigger attachments from your smartphone. Some other things to be noted, if your mail server allowing bigger attachment that does not mean other mail server will accept bigger attachment. Most spam system scanner inside your attachments and can block if something inside attachment have strange type of content.

Recover Deleted mailbox on exchange 2010

In case you have deleted mailbox my mistake, you may still be able to recover if your backup has not run yet.  You can recover mailbox as the same user or attach to a new user. If you have deleted the Active Directory account when you had delete Mailbox, you need to re-create it first then you will be able to attach the disconnected mailbox to a user. If you don’t see anything under Disconnected mailbox, then you will not be able to reconnect without restoring from your backup first. If you want to remove mailbox check post How to remove Mailbox only on exchange 2010

Reconnect disconnected Mailbox

Open Exchange Management Console
Expand Recipient Configuration>Disconnected Mailbox
On the right side select user mailbox, you want to reconnect.

You will need to choose mailbox type, if it’s User Mailbox, Room Mailbox, Equipment Mailbox or Linked Mailbox, based on your selection you will see different options to choose from, here I am selecting User Mailbox

You will have option to choose Matching user or Existing User

  • Matching: you will not get option to select user, it will automatically connect Matching user
  • Existing user: Then you will get option to search same or another user, if user does not exist, create it first then try reconnecting.

How to Remove Mailbox via Power shell

Open Exchange Management Shell

Remove-Mailbox –Identity “NameOfUser”

Then it will give you message “Are you sure you want to perform this action?” once you are sure type y and press Enter

If you don’t want to get confirmation:

Remove-Mailbox –Identity “NameOfUser” -Confirm:$false

How to remove Mailbox only on exchange 2010

Exchange 2010 is very old and its extended supports ends in 2020, so you should have already migrated over to a newer version of Exchange or to cloud Microsoft office 365.  In case you have not and wanting to do clean up, before your migration, there are cases that mailbox no longer needed but Windows login needed.  Here is how to remove mailbox only, without removing Active Directory login for the user. You can see Microsft Lifecycle at

How to Disable Mailbox

  • Open Exchange Management Console
  • Expand Recipient Configuration>Mailbox
  • On the right side select the user mailbox you want to remove
  • Right Click on the user and select Disable

You will get a message to confirm, that you want to Disable, which will remove the Exchange properties from the Windows user object and mark the mailbox in the database for removal. Select Yes

Then that mailbox goes in Disconnected Mailbox and will be kept based on setting set for settings under:

  • Organization Configuration>Database Management>
  • Look at properties of mailbox then click on Limits tab
  • You will see “Deletion settings
  • Keep deleted items for (days): x
  • Keep deleted mailboxes for (days): x

Also, if you have checked the box “Don’t permanently delete items until the database has been backed up.” then it will not delete until it’s been backed up. This way if you deleted by mistake wrong user mailbox you can re-connected.

How to Disable Mailbox via Power shell

Open Exchange Management Shell:
Disable-Mailbox –Identity “NameOfUser”
Then it will give you message “Are you sure you want to perform this action?” once you are sure type y and press Enter


If you don’t want to get confirmation:
Disable-Mailbox –Identity “NameOfUser” -Confirm:$false

That’s it, if the name does not match it will give you error

As you can see Exchange 2010 Service Pack 3 is ending it’s extended support by 1/14/2020

Exchange 2010 Kerberos authentication failed

Exchange 2010 is about 8 years old, but many organizations still using it.  System admin like us needs to support, as much as we can, while keeping up with today’s technologies.  There will be times when you might get a message like this in Exchange 2010 Kerberos authentication failed.  There are many blogs, who have found a solution, I would just like to have for myself and maybe others will find useful too.   Here is the screenshot of the error, I saw, when trying to access the Exchange 2010 management console:

You may also get something like this too:

You might want to back up your registry just in case, one of the settings called “NodeStructureSettings”

Then run this command it fixed for me: by resetting the IIS via CMD command

Here is how you like it to be always, working without error 24/7

Hope you will never have to do the fix, but you never know