Insane PowerShell One-Liner to Return the Name of Users with Quarantined Mailboxes in Exchange 2010

Have you ever had any mailboxes on your Exchange 2010 server marked as being quarantined? According to this TechNet article, Exchange will isolate or quarantine any mailboxes that it detects as being poisoned. That TechNet article goes on to tell you how you can drill down in the registry on the Exchange Server to locate the GUID of the quarantined mailboxes. I don’t know about you but using the GUI to dig around in the registry is not what I call fun so I decided to use PowerShell to accomplish that task.

If you’re not running this from the Exchange Management Shell, you’ll first need to load the Exchange 2010 PowerShell Snapin:

Here’s an insane PowerShell one liner that will do that dirty work for you and translate the GUID’s that are contained in the registry to the actual name of the user’s mailbox:


As the previously referenced TechNet article states, these mailboxes are quarantined for a certain amount of time so these registry keys will only contain a value for a specific amount of time (six hours by default or whatever MailboxQuarantineDurationInSeconds is set to).

If the one liner is too insane for you, here’s a PowerShell script that does the same thing except it sends an email to you with the results if there are any:

Depending on how many mailboxes are quarantined, this method could end up being a water balloon. Water balloon? What are you talking about? If you don’t know, you should watch the video from the November Mississippi PowerShell User Group meeting.


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: