Clean legacy public folder ACL

Share on twitter
Share on linkedin
Share on facebook
Share on stumbleupon
Share on xing
Share on email
Share on print
Last updated: 2020-12-15

 

Exchange Server 2007Exchange Server 2010Description

This script removes or updates users in legacy public folder ACLs. This reduces the likelihood of legacy public folder migration errors due to corrupted ACLs.

When you perform a migration from legacy public folders to modern public folders, you might see the following error as part of the migration reports.

A corrupted item was encountered: Folder ACL

Corrupted items count towards the bad item limit and will not be migrated.

When you take a closer look at the public folder ACLs, you'll see that there will be orphaned users and even users that have not been properly converted during past legacy replications.

In preparation for a modern public folder migration, you should clean up the public folder ACLs from so-called zombie users.

Tasks performed by the script:

  • Remove orphaned users listed with SIDs, e.g. NT User:S-1-*
  • Identify ACL user/group with notation NT User:DOMAIN\samAccountName
    • Remove user/group, if the object cannot be found in Active Directory
    • Replace user/group, if the object can be found in Active Directory

 

Examples

# EXAMPLE 1# Validate ACLs on public folder \MYPF and all of it's child public folders on Exchange server EX2010.\Clean-PublicFolderACL.ps1 -RootPublicFolder "\MYPF" -PublicFolderServer EX2010 -ValidateOnly -Recurse# EXAMPLE 2# Clean ACLs on public folder \MYPF and all of it's child public folders on Exchange server EX200701.\Clean-PublicFolderACL.ps1 -RootPublicFolder "\MYPF" -PublicFolderServer EX200701 -Recurse

 

Version History

  • 1.0, Initial community release
  • 1.1, Fixed group replacement logic
  • 1.2, Script optimization
  • 1.3, Updated public folder handling

 

Links

 

Follow

 

%d Bloggern gefällt das: