Remove Exchange 2010 Manually. Force Removal when cannot do from Add / Remove

if you wanna be good at something, you gotta start somewhere
•    HOME
•    Administration
•    Programming
o    64-bit/Multicore
o    ActiveX/COM
o    ASP.NET MVC
o    C#
o    C/C++
o    Delphi
o    DirectX
o    Software Design
o    Tools
o    Web
o    Windows/.NET
•    Uncategorized
•    HOME
•    Infrastructure
•    Removing an Exchange 2010 Server that no longer exists
Removing an Exchange 2010 Server that no longer exists

X
Hello there! If you are new here, you might want to subscribe to the RSS feed for updates on this topic.
If you removed an Exchange 2010 server from your network without properly uninstalling it, either because you experimented with it on a test box or on a virtual machine, or because the computer got hit by a meteor strike, or simply because you didn’t know better, you may notice that the server continues to exist in the network’s Active Directory and shows up in the Exchange Management Console. This article describes how to clean up the left over artifacts in your domain controller without having to reinstall your entire infrastructure.
Words of Warning
The recommended way to remove an Exchange server from your network is to properly uninstall it using the Exchange Server 2010 setup file. If the installation no longer exists, then there is also the option of installing a new server with the same name and restoring the original Exchange configuration. However, I have not explored this path as it appears to be much more time consuming.
Removing AD Configuration
The list of Exchange servers on the domain is stored in the Active Directory configuration. Perform the following steps to remove the offending server:
1.    Log on to the network’s domain controller
2.    From the Start menu select Run… and enter adsiedit.msc to launch the ADSI Edit tool
3.    In the tool, right-click ADSI Edit and select Connect To…
4.    In the Connection Settings dialog under Select a well known Naming Context select Configuration and click OK
5.    Navigate to CN=Configuration [domain] → CN=Services → CN=Microsoft Exchange → CN=[organization] → CN=Administrative Groups → CN=Servers
6.    Right-click and Delete the container for the offending Exchange server.
Removing Mailboxes
The Active Directory also stores information about the mailboxes that were located on the lost server. To remove these, perform the following steps in the ADSI Edit tool:
1.    Navigate to CN=Configuration [domain] → CN=Services → CN=Microsoft Exchange → CN=[organization] → CN=Administrative Groups → CN=Databases
2.    Identify the Mailbox Database containers that belonged to the lost server and Delete them.
If there are multiple Exchange servers on the network, the Mailbox Database folders to delete can easily be identified by clicking on the folder and checking the Name field of the first entry, which should contain the name of the lost computer. Do not delete references to databases belonging to other Exchange servers!
Removing Security Settings
Now that the server is removed, some other settings need to be cleaned up as well. Perform the following additional steps on the domain controller:
1.    Launch Server Manager
2.    Navigate to Roles → Active Directory Domain Services → Active Directory Users and Computers [domain] → [domain] → Microsoft Exchange Security Groups
3.    Remove the computer from the members list of Exchange Servers
4.    Remove the computer from the members list of Exchange Trusted Subsystem.
If the computer was removed from the network altogether, you may also want to remove it from the Active Directory’s list of computers, as well as the DNS Server’s Forward Lookup Zones.

Every have problems with OWA not work correctly? Many times it can be a problem in IIS .

The easiest way to fix it when that is the problem is to reinstalled OWARe-Install OWA. After I fixed this several times throughout the years. This time around I decided to save a guide on that process.   I found this guide to help with each step.

This is something from

http://support.microsoft.com/kb/941201

 

To resolve this problem,follow these step for your version of Exchange Server. After each step, determine whether the problem is resolved. If the problem persists, continue to the next step.

Before you begin, we recommend that you run the following command in the Exchange Management shell:

Get-OwaVirtualDirectory |fl >Owavdir.txt
This provides an output file that can be used as a reference when you re-create the OWA virtual directories
For Exchange Server 2007

 

Step 1: Delete and then re-create the Outlook Web Access-related virtual directories

To delete the Outlook Web Access-related virtual directories, follow these steps:

  1. Start the Exchange Management Shell.
  2. Type the following commands. Press ENTER after you type each command.
    Note These commands are case-sensitive.
    • Remove-OwaVirtualDirectory “exchange (default web site)”
    • Remove-OwaVirtualDirectory “public (default web site)”
    • Remove-OwaVirtualDirectory “exchweb (default web site)”
    • Remove-OwaVirtualDirectory “owa (default web site)”

To re-create the Outlook Web Access-related virtual directories, type the following commands at the Exchange Management Shell. Press ENTER after you type each command:

  • New-OwaVirtualDirectory “exchange” -OwaVersion Exchange2003or2000 -VirtualDirectoryType Mailboxes -WebSiteName “Default Web Site”
  • New-OwaVirtualDirectory “public” -OwaVersion Exchange2003or2000 -VirtualDirectoryType PublicFolders -WebSiteName “Default Web Site”
  • New-OwaVirtualDirectory “exchweb” -OwaVersion Exchange2003or2000 -VirtualDirectoryType Exchweb -WebSiteName “Default Web Site”
  • New-OwaVirtualDirectory -name “owa” -OwaVersion Exchange2007 -WebSiteName “Default Web Site” –InternalURL https://internalURL/owa -ExternalURL https://externalURL/owa

For Exchange Server 2010

 

Step 1: Delete and then re-create the Outlook Web Access-related virtual directories

To delete the Outlook Web Access-related virtual directories, follow these steps:

  1. Start the Exchange Management Shell.
  2. Type the following commands. Press ENTER after you type each command.
    Note These commands are case-sensitive
    • Remove-OwaVirtualDirectory “owa (default web site)”
    • Remove-ecpVirtualDirectory “ecp (default web site)”

To re-create the Outlook Web Access-related virtual directories, type the following commands at the Exchange Management Shell. Press ENTER after you type each command:

    • New-OwaVirtualDirectory -name “owa” -WebSiteName “Default Web Site” –InternalURL https://internalURL/owa -ExternalURL https://externalURL/owa
    • New-EcpVirtualDirectory -name “ECP” -WebSiteName “Default Web Site”

Note Where the “internalURL” signifies the internal Fully Qualified Domain Name of your Client Access Server (such as CAS1.contoso.com), and the “externalURL” signifies the external URL that your users connect to in order to access OWA (such as mail.consoso.com).

 

Step 2: Re-synchronize the passwords

Re-synchronize the passwords in the metabase and in the Active Directory directory service for the following accounts:

  • IUSR_ComputerName
  • IWAM_ComputerName

To do this, follow these steps:

  1. Start a command prompt, and then use the cd command to change to the following directory:

c:\inetpub\adminscripts

  1. Type the following command, and then press ENTER:

notepad adsutil.vbs

  1. Locate the following code.
  1. If (Attribute = True) then
  2. IsSecureProperty = True
  3. Else
  4. IsSecureProperty = False

End If

  1. In this code, change the value for IsSecureProperty from Trueto False, and then save the changes to the file.Important After you follow steps 1 through 4 to re-synchronize the passwords, you must change the first IsSecureProperty value back to True and then save the changes to the file.
  2. At the command prompt, type the following command, and then press ENTER:

cscript adsutil.vbs get w3svc1\anonymoususerpass

Results that resemble the following are returned:

Microsoft (R) Windows Script Host Version 5.6

Copyright (C) Microsoft corporation 1996-2001. All rights reserved.

 

anonymoususerpass               : (STRING) “HtV9o2w.18)@SY”

Note You may receive error code -2147024893 when you run this command. This issue occurs if the Anonymoususerpass property is set at the w3svc level for all Web sites and not at the particular Web site level (w3svc1). In this scenario, modify the get command to specify the w3svc level. To do this, type the following command, and then press ENTER:

cscript adsutil.vbs get w3svc\anonymoususerpass

  1. Copy the password that is displayed between the quotation marks in the returned results, and then use this password to reset the password for the IUSR_ComputerName account.
  2. At the command prompt, type the following command, and then press ENTER:

cscript adsutil.vbs get w3svc1\wamuserpass

Results that resemble the following are returned:

Microsoft (R) Windows Script Host Version 5.6

Copyright (C) Microsoft corporation 1996-2001. All rights reserved.

 

wamsuserpass                     : (STRING) “Tl&b9^1n9`7g*9″

Note If you receive error code -2147024893 when you run this command, type the following command, and then press ENTER:

cscript adsutil.vbs get w3svc\wamuserpass

  1. Copy the password that is displayed between the quotation marks in the results, and then use this password to reset the password for the IWAM_ComputerName account.
  2. Follow steps 1 through 3 to view the IsSecureProperty entry in the adsutil.vbs file. Revert the value of the first IsSecureProperty entry to True, and then save the changes to the file.

 

Step 3: Remove the Anonymoususerpass property from the ROOT container in the metabase

To remove the Anonymoususerpass property from the ROOT container in the metabase, follow these steps:

  1. Start a command prompt, and then use the cd command to change to the following directory:

c:\inetpub\adminscripts

  1. Type the following command, and then press ENTER:

cscript adsutil.vbs find w3svc/anonymoususerpass

Results that resemble the following are returned:

Microsoft (R) Windows Script Host Version 5.6

Copyright (C) Microsoft corporation 1996-2001. All rights reserved.

 

Property anonymoususerpass found at:

w3svc

  1. If the Anonymoususerpass property is set at w3svc and at w3svc/1/ROOT, remove the property from the ROOT level. To do this, type the following command, and then press ENTER:

cscript adsutil.vbs delete w3svc/1/ROOT/anonymoususerpass

  1. Reset IIS. To do this, type iisreset, and then press ENTER.Note You may also have to restart the Client Access Server (CAS).

Back to the top

Step 4: Verify that Anonymous authentication is enabled for the controls virtual directory and for the auth virtual directory

Verify that Anonymous authentication is enabled for the controls virtual directory under the owa virtual directory in IIS. Also, verify that Anonymous authentication is enabled for the auth virtual directory under the owa virtual directory in IIS. To do this, follow these steps:

  1. Start the Internet Information Services (IIS) Manager Microsoft Management Console (MMC) snap-in.
  2. Expand the server name, expand Web Sites, expand Default Web Site, and then expand owa.
  3. Under owa, right-click 8.0.685.24, and then click Properties.Note The 8.0.685.24 virtual directory may have a different version number for a name. This depends on the version of Exchange 2007 that is installed.
  4. Click the Directory Security tab, and then click Edit under Authentication and access control.
  5. Click to select the Enable Anonymous access check box, and then click to clear all the check boxes under Authenticated access.
  6. Click OK two times.
  7. Under owa, right-click auth, and then click Properties.
  8. Follow steps 4 through 6 to enable anonymous authentication and to disable other authentication methods for the auth virtual directory.

Step 5: Verify the IUSR_ComputerName account properties

If a domain account is used for anonymous access, examine the account properties of the IUSR_ComputerName account to verify that this account is permitted to connect to the CAS server. To do this, follow these steps:

Note To determine the account that is used for anonymous access, follow the steps in “Step 4: Verify that Anonymous authentication is enabled for the controls virtual directory and the Auth virtual directory” to view the contents of the Authentication Methods dialog box.

  1. Start the Active Directory Users and Computers tool.
  2. Locate and right-click the IUSR_ComputerName account, and then click Properties.
  3. Click the Account tab, and then click Log On To.
  4. If the All computers option is selected, click Cancel, and then click OK to exit the IUSR_ComputerName Properties dialog box.
  5. If the The following computers option is selected, follow these steps:
    1. Verify that the CAS server appears in the Computer name list. If the CAS server does not appear in this list, you must add it.
    2. Click OK two times to save the changes and to exit the IUSR_ComputerName Properties dialog box.
    3. Start a command prompt on the CAS server.
    4. Type iisreset /noforce, and then press ENTER.