Clean legacy public folder ACL

Last updated: 2020-12-15

Exchange Server 2007, Exchange Server 2010

Description

This script removes or updates users in legacy public folder ACLs. This reduces the likelihood of legacy public folder migration errors due to corrupted ACLs.

When you migrate from legacy public folders to modern public folders, you might see the following error as part of the migration reports.

A corrupted item was encountered: Folder ACL

Corrupted items count towards the bad item limit and will not be migrated.

When you look closer at the public folder ACLs, you'll find orphaned users and even users that were not converted properly during past legacy replications.

In preparation for a modern public folder migration, you should clean these so-called zombie users out of the public folder ACLs.

Tasks performed by the script:

  • Remove orphaned users listed with SIDs, e.g., NT User:S-1-*
  • Identify ACL user/group with notation NT User:DOMAIN\samAccountName
    • Remove user/group, if the object cannot be found in Active Directory
    • Replace user/group, if the object can be found in Active Directory
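
The decision logic of the task list above, as an added example that is not the code of Clean-PublicFolderACL.ps1: it classifies each ACL user string as Keep, Remove or Replace and changes nothing. The function name Get-AclEntryAction, the -Resolver script block standing in for the Active Directory lookup, and the sample entries are assumptions constructed for illustration.

```powershell
# Added example: triage of legacy public folder ACL entries (not the script's own code).
# Get-AclEntryAction and the -Resolver script block are hypothetical names.
function Get-AclEntryAction {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory = $true, ValueFromPipeline = $true)]
        [string]$User,
        # Returns the directory object for DOMAIN\samAccountName, or $null if not found.
        [Parameter(Mandatory = $true)]
        [scriptblock]$Resolver
    )
    process {
        $action = 'Keep'
        $target = $null
        if ($User -like 'NT User:S-1-*') {
            # Orphaned entry: only the SID is left in the ACL.
            $action = 'Remove'
        }
        elseif ($User -match '^NT User:(?<domain>[^\\]+)\\(?<sam>.+)$') {
            # Unconverted entry: look the account up before deciding.
            $found = & $Resolver $Matches['domain'] $Matches['sam']
            if ($null -eq $found) {
                $action = 'Remove'
            }
            else {
                $action = 'Replace'
                $target = $found
            }
        }
        New-Object PSObject -Property @{ User = $User; Action = $action; ReplaceWith = $target }
    }
}

# Constructed sample data: a stand-in directory and four ACL user strings.
$knownAccounts = @{ 'CONTOSO\jdoe' = 'John Doe' }
$lookup = { param($domain, $sam) $knownAccounts["$domain\$sam"] }

$sampleEntries = @(
    'NT User:S-1-5-21-1111111111-2222222222-3333333333-1105',
    'NT User:CONTOSO\jdoe',
    'NT User:CONTOSO\former.employee',
    'Jane Roe'
)

$sampleEntries | Get-AclEntryAction -Resolver $lookup |
    Format-Table User, Action, ReplaceWith -AutoSize
```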

Examples

# EXAMPLE 1
# Validate ACLs on public folder \MYPF and all of its child public folders on Exchange server EX2010

.\Clean-PublicFolderACL.ps1 -RootPublicFolder "\MYPF" -PublicFolderServer EX2010 -ValidateOnly -Recurse

# EXAMPLE 2
# Clean ACLs on public folder \MYPF and all of its child public folders on Exchange server EX200701

.\Clean-PublicFolderACL.ps1 -RootPublicFolder "\MYPF" -PublicFolderServer EX200701 -Recurse

Version History

  • 1.0, Initial community release
  • 1.1, Fixed group replacement logic
  • 1.2, Script optimization
  • 1.3, Updated public folder handling
