Sooner or later as an Exchange admin, you want to disable a mailbox-enabled user account in Active Directory while keeping the associated mailbox intact. Up until now, this caused problems, because as soon as the account was disabled, any mail sent to that alias (or any DL containing that alias) would generate an NDR and a 9548 event ID.
Fatal? No. Pain in the butt? Definitely. In some cases it could cause performance issues, the NDRs were annoying and confusing for non-technical users, and the constant nagging in the event log irritated admins left and right.
In fact, it was a widespread enough problem that Alex Seigler of Microsoft wrote the NoMAS tool, which is available from Microsoft PSS. This tool automatically populates the msExchMasterAccountSid attribute on disabled user accounts.
With this new hotfix, Exchange’s internal logic has been changed to automatically act as if the msExchMasterAccountSid attribute on a disabled account contains the SELF well-known SID if account doesn’t have the attribute already defined.
Note: this hotfix is currently available only for Exchange 2003 SP1; you can’t apply this to systems that are already running SP2. A SP2 version is expected soon.
Alex has written a blog article on the MS Exchange team blog about this if you want more detail. Note that the original article doesn’t state that this hotfix is for SP1 only; you have to read down in the comments to see that. I also don’t see any indication that this hotfix will be available for Exchange 2000…and I’m not holding my breath. Still, this is a welcome hotfix, and it’s a simple no-charge call in to PSS to get it.