DOCUMENT:Q249831 06-AUG-2002 [exchange] TITLE :XADM: How to Delete Windows 2000 User Accounts Stored in LDF PRODUCT :Microsoft Exchange PROD/VER::5.5 OPER/SYS: KEYWORDS:exc55 ====================================================================== ------------------------------------------------------------------------------- The information in this article applies to: - Microsoft Exchange Server, version 5.5 - the operating system: Microsoft Windows 2000 ------------------------------------------------------------------------------- SUMMARY ======= When you set up a new Microsoft Exchange Active Directory Connector (ADC) Connection Agreement, the default is to allow deletions to happen automatically across the agreement. It is also possible to supress the automatic deletions and have them placed into a LDF formatted file. You then have to manually use a utility to commit such deletions and remove the entries (user accounts) from the Microsoft Windows 2000 directory. You may want to choose to have deletions be placed in the LDF file to prevent the accidental deletion of user accounts when their mailboxes have been deleted or moved from one Exchange Server computer, this gives you another chance to review the delete actions before you commit them. Choosing the option to place deletions into an LDF formatted file for the Windows side and into a CSV formatted file for the Exchange side can be a good option when setting up a new Connection Agreement. Doing so allows you to monitor the deletions that the ADC would have made automatically and import them if you choose. Once the ADC is in place, and all your major configuration and user changes have been done you can set the ADC to replicate deletions automatically. MORE INFORMATION ================ The ADC writes individual LDF files for each Connection Agreement and places them in the Program Files\Msdac\Msadc\\Win2000.ldf file. Changes are appended to the same LDF files and not written to new files. To delete accounts that are no longer needed you must use the Windows 2000-provided Bulk import and Export utility, Ldifde.exe, that is located in the Windows 2000 System32 folder. To use the command successfully, you must have the proper permissions to delete users from Windows 2000 Active Directory. The following example illustrates a simple import of the current domain. If you are logged on with proper credentials to the domain, and run the following command on a domain controller, all of the content of the specified LDF file will be imported to Active Directory, which commits all deletions. "Ldifde -i -f win2000.ldf" (without the quotation marks) This example uses your current logged on credentials and specifies the import action and the import file that contains the deleted users. For additional information on how to use the Ldifde.exe command, please consult Windows 2000 Help. Additional query words: ====================================================================== Keywords : exc55 Technology : kbOSWin2000 kbOSWinSearch kbExchangeSearch kbExchange550 kbZNotKeyword2 Version : :5.5 Issue type : kbhowto ============================================================================= THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY. Copyright Microsoft Corporation 2002.