If you remove from AD directly that way, it would be fine, however I would test to ensure it cleans things up.
I have done this many times (removing that entry directly) and it works.
Is it OK to remove Exchange activeSync devices from AD users with ldap queries instead of powershell Exchange snapin remove-mobiledevices ?
Hi there,
- in our University, AD users are fed by an external classical ldap connector (python script with ldapadd/modify/delete queries).
- We have echange On Premise 2016 and an o365 tenant synced by AADC but my question is related to on premise exchange 2016 mailboxes.
- The external python script and is now able to remove mobileDevices Users' children objects with ldap queries since the service account running the python script is member of the exchange "helpdesk" role that can manage ActiveSyncs mobileDevices.
I would just like to know if it's considered OK to do it this way instead of using the exchange management cmdlet remove-mobileDevice ? I understand it wouldn't be best practice ... but are we going to get orphans objects somewhere in our Directory doing this with ldap queries ?
Thanks a lot
Regards,
-
Andy David - MVP 141.6K Reputation points MVP
2021-10-27T11:48:41.86+00:00
1 additional answer
Sort by: Most helpful
-
Limitless Technology 39,356 Reputation points
2021-10-29T12:53:08.91+00:00 Hello @Frederic Dussurget ,
Thank you for your question and for getting in touch. My name is Samuel and I would be more than happy to help you with your query.
I find it interesting that you take a calm look at this article below for you to understand the correct way to do this removal, using the "Remove-ActiveSyncDevice":
----------
--If the answer is helpful, please vote positively and accept as an answer--