How can I clean up the Service attributes used by the DSA during the matching process (by default these are extensionAttribute14 and extensionAttribute15)?
If there was a mismatch between source and target user accounts during DSA matching and synchronization one may need to clean up the values of the service attributes used by the DSA for matching or other purposes in order to re-match and resynchronize these users.
You may also want to clean up service attribute values after your migration has been completed and you are decommissioning migration tools and legacy environment.
1. For a small number of Object Service Attributes, the ADSIedit snap-in, which is part of Windows Support Tools, can be used to clean up the objects manually.
2. For a large number of Object Service Attributes, this task can be accomplished in bulk using Active Directory Cleanup Utility for Migration Manager. The utility is available in the Migration Manager for Active Directory Resource Kit.
CAUTION: The Directory Synchronization Agent adds to the proxy address list of each synchronized target user an x500 address that is equal to the legacyExchangeDN attribute of the matching source user. Do not delete these x500 addresses unless you are certain they are no longer needed. The x500 addresses are used for the following purposes:
If you delete these x500 addresses from the proxy address list of the target mailbox later, the OST file associated with the mailbox will become inaccessible and other users will no longer be able to reply to old e-mail sent by users whose addresses have been deleted.
Therefore, you should never delete auxiliary x500 addresses added by the Directory Synchronization Agent unless you are absolutely sure that the ability to reply to the old e-mails is no longer needed and you want to rebuild the OST files.
