The Exchange 2007 Wiki

Menu

Getting Started
Programming Exchange
PowerShell Scripts

Organization Node
  - Mailbox
  - Client Access
  - Hub Transport
  - Unified Messaging
Server Node
  - Mailbox
  - Client Access
  - Hub Transport
  - Unified Messaging
Edge Transport
Recipient Management
Tips and Tricks
FAQs
  - Definitions
  - Ask a Question

Site Index
Home


Wall of Fame
Syndication
Feedback

The content on this site is provided "AS IS" with no warranties, and confers no rights.

Recipient Management FAQs

This FAQ page is devoted to Recipient Management related questions (primarily moved from Ask a Question page).

Q: How to set permissions on both address lists and OAB so specific users have access to their address lists only?
A: The typical scenario for this is around hosting multiple Exchange virtual organizations within the single overall organization provided by a forest boundary. While it is possible to do this with permissions, it's way too complex to explain in a short wiki answer! If you're looking for a proper solution to do hosted Exchange, you might want to have a look at the Hosted Exchange product: http://www.microsoft.com/serviceproviders/solutions/hostedmessagingexchange.mspx

The version of Exchange Hosted Messaging and Collaboration that will support Exchange 2007 will have either the guidance or the tools to accomplish this when it ships.

 -Thanks, thats dead on what I was looking for, but wasnt aware of the offering.  Thanks!

Q:  How would I go about granting an account send as receive as at the org level.  I could do this by allowing the security page at the org level with a registry change in 2000/2003 but I can't seem to figure out how to add this privlidge in 2007 at the org level.
A:  You can do this for a server like this:

Get-mailboxserver <servername> | add-adpermission –user <account> -accessrights GenericRead, GenericWrite -extendedrights Send-As

If you are trying to get BES to work you might want to read this.

Q: How do you create an Address List in Exchange 2007 that is based on the membership of an AD security group?  This was easy with LDAP syntax in Exchange 2003, but how is it done with OPATH?
A: You can use the "MemberOfGroup" filtering property to do this. See blog post at: http://blogs.technet.com/evand/archive/2007/02/13/using-memberof-with-recipientfilter.aspx

Q: How would I go about granting an account Full Mailbox permission, including send/receive, at the mailbox store or org level?
A: You can follow the steps outlined in http://technet.microsoft.com/en-us/library/aa996343.aspx to configure mailbox access. To configure "send as" capability, you can follow the steps outlined in http://technet.microsoft.com/en-us/library/aa998291.aspx.

Q: Is there a simple way to import a large number of email addresses that are not in the exchange organization to create a mass list?  We use to be able to do this with mDaemon, but with Exchange 2007 from what I have found I have to create individual contacts and then add them to a list. 
A: You'd need to associate the email address with a contact (which represents an email address external to the organization) if you want to add it into a distribution list.

Q: Is there a way in Exchange 2007 to audit discretionary mailbox ACLS assigned by users? The closest I've come is the Get-Mailbox |Get-adpermission command which doesn't seem to list Dacls..
A: Get-MailboxPermissions cmdlet will let you know what mailbox-related permissions are assigned.

Q: How do you get around the problem shown below:
Set-EmailAddressPolicy "Default Policy" -IncludedRecipients AllRecipients
Unable to validate the filter: 'The Exchange server address list service failed to respond. This could be because of an address list or email address policy configuration error.' At line:1 char:1
+ S <<<< et-EmailAddressPolicy "Default Policy" -IncludedRecipients AllRecipien
This happens when trying to upgrade the default policy.  I dont want to try and tackle the more complex Policies we have set up when we cant get the adress list service to respond
A: Most common reason I've seen for "Address List Service Failed to respond..." type errors is that the MSExchangeSA RPC interface which hosts this service is not functioning somehow (in at least one case, the MSExchangeSA service was simply stopped!). Try restarting MSExchange System Attendant service and see if that clears this up.

Q: I want to create a custom dynamic distribution group for all users in a storage group.
I can  get the user if I use: get-mailbox | where {$_.Database -like "*<SGName>*"}
BUT this doesn't work for a new DDG :
new-DynamicDistributionGroup -alias test1a -name test1a -recipientfilter {Database -like "*SG01-SUKMSDMBX03*"} -org exchorg.local
I get no members!   It will work on a per server basis, but this it no good for me.  Can you help?  Is this possible?
A: The problem is that the "Database" filter can't do partial string matches, because underneath this property is actually a distinguished name value in the AD (which can't do substring matching). Building an infrastructure that allows you to direct email to mailboxes on a storage group is defiinitely possible -- just not like this. Instead, you need to ensure you're using the full distinguished name for each database you want to compare against, and not using wildcards (ie, asterisk *)

There's an easy way to do this and a hard way. The hard way I'll just talk about, then I'll show you the easy way. The hard way would be to iterate through all of the MDBs in your selected storage group, concatenating a filter-parser string made up of their DNs... with appropriately placed "-or" operators between. Then pass this string into the New-DDG cmdlet as the RecipientFilter. Yuck.

The easy way is to create a DDG for each mailboxdatabase. Then create a DistributionGroup (doesn't have to be DDG) and add all of these per-MDB DDGs into the DG. Here's how that might look:

new-distributiongroup DG-MySg1 -Type Distribution -SamAccountName DG-MySg1
get-mailboxdatabase -StorageGroup MySG1 | % { New-DynamicDistributionGroup "DDG-$($_.Name)" -RecipientFilter "Database -eq '$($_.Identity.DistinguishedName)'"  } | % { Add-DistributionGroupMember DG-MySg1 -Member $_.Identity }

Q: Is it possible to  use custom Active Directory attributes in recipient filters? My company has added several attributes to AD, and we use these extensively in Exchange 2003 to filter objects.  For example, we have a "Location" attribute that is used on users, groups, contacts and resource to assign email addresses and to build address lists.  Is there any way we can continue to use this attribute to filter objects in Exchange 2007?
A: Only the properties listed here can be used for recipient filters. This is done so that the filter parser can do deterministic syntax checking of the OPATH filter, something that couldn't be done with the old LDAP filters. A side-effect of this feature is that it precludes constructing filters based on AD schema extensions you add yourself. 

Q: Exchange 2007 ignores SimpleDisplayName AD property by default. How to fix this? I find this name substitution very useful.
Followup-Q: What do you mean it "ignores" the property? All this property does is set the value in AD so it can be used (by Outlook, etc).
Comment: Exchange 2003 can be set up to use this AD property for outgoing e-mails, so that SimpleDisplayName is sent to remote servers instead of actual ones in AD. This is useful when AD names consists of national characters.

Q: How to create a new addresslist to display all shared mailboxes ?
A: You can do this by using the New-AddressList -RecipientFilter parameter. For more information, see http://www.theexchangewiki.com/AddressListsManagement .
A: This has to be done in the EMS as shared mailboxes are deprecated and are not displayed/managed in EMC.  The command to use is:  New-AddressList -Name "All Shared Mailboxes" -RecipientFilter {RecipientTypeDetails -eq 'SharedMailbox'}  
For more information, please see the following article: http://technet.microsoft.com/en-us/library/bb123718.aspx

Q: I have deleted the "All Rooms" address list, can I recreate it?  I accidentaly deleted the built-in "All Rooms" address list.  I have recreated it, but it does not appear in the Scheduling Assistant in Outlook 2007 or OWA as the default address list when I choose to book a room.  Is there any way to recreate this address list so that this functionality is restored?
A: There shouldn't be anything special about this address list. That said, one other option is to remove the "All Rooms" address list you've tried adding and just run "Setup /PrepareAD" again, as this will recreate any missing address lists in the original fashion.

Q: The display name in Office 2007 shows as the email address rather than the person's first and last name.  Can this be changed in bulk, rather than one contact at a time?
A: Absolutely, this is a great example of where PowerShell in Exchange 2007 can help you out. Since you indicate "Contacts", you can 'Get-MailContact" all of the objects you want to modify (using -Filter or other parameters to guide the criteria on your selection) and then pipe that to "Set-MailContact" with the DisplayName parameter. Now, you'll need the First/Last name you want to update it with to be available (and I don't know where you currently have that data), so that'll drive the design of your one-liner. If you had this data in a CSV file, for instance, your one-liner might look something like this:
    Import-CSV ContactsToUpdate.csv | % { Get-MailContact $_.EmailAddress | Set-MailContact -DisplayName "$($_.FirstName) $($_.LastName)" }

Q: How should I approach moving existing mailboxes from one Exchange 2007 server to another Exchange 2007 server in a different forest?
Here is the scenario:
I have a client who is parting ways with the parent company and requested that I deploy and host a separate Exchange 2007 server at a different physical location. Currently, the parent company is hosting their new mail domain...after I am done setting up the new Exchange 2007 server--what is the most feasible and cost effective method to migrate/move/transfer eleven mailboxes from the parent company's Exchange 2007 server to the new Exchange 2007 server that I will be hosting? I am reading that there are some limitations with the Ex-merge tool on Exchange 2007 server and it is my understanding that the Export-Mailbox tool will only work with servers in the same forest. Which tool or approach will work best in the above scenario?
A: Please see the following technet article: http://technet.microsoft.com/en-us/library/aa997145.aspx

Q: My company is merging with another company, how do I change everyones email address from ex. joe@company.com to joe@company1.com?  We have over 2000 mailboxes.
A: Email Address Policy can help you with this by applying new email addresses (and changing the primary SMTP address) to everyone automatically.

Q: I have 10.000 users i need to migrate to Exchange 2007. The 2 clusters have a total of 70 storage groups each with one database. Does anybody know how to evenly distribute the users on the stores via Powershell so the number of users on each store is equal ? Thanks.
A:(Get-MailboxServer| Get-Mailbox -ResultSize:Unlimited | Group-Object -Property:Database | Sort-Object -Property:Count)[0].Name
This gives the name of the database with the least user in it. This does however not return empty databases.

Q: I am trying to write a custom filter for a DDG. I am trying to perform a wildcard match on DistinguishedName, but it does not appear to be working. When I create a filter with DistinguishedName -like '*' it returns all the results obviously. When I change that to be DistinguishedName -eq '<exact DN>' it works. But, when I try to match DistinguishedName -like '*Student*', it does not match, even though the DN contains OU=Student Workers. Any ideas?
A: Unfortunately, it's not possible to do "partial match" (ie - wildcard matches) against distinguished name properties in the AD. You'll need to find some other characteristic of the object to use for constructing this filter. Most common method here is to put in a custom attribute value you can fillter against. Note that you CAN statically populate the custom attribute value based on OU position with syntax like: "Get-Mailbox -OrganizationalUnit blah | Set-Mailbox -CustomAttribute11 OU1". You could probably even be crafty and put the DistinguishedName.ToString() into the custom attribute, at which point you'd be able to do a partial match against the string.

Q: According to this article, http://support.microsoft.com/kb/886616 , i am able to customize the rule size limit for my organization (dealing with Outlook client rules). I have searched high and low but cannot find any information on how to adjust the size limit to 256K as stated in the microsot support article. Anyone have any more info on this?
A: Use the following command:  
  Get-Mailbox | Set-Mailbox -RulesQuota 256KB For more information, see http://technet.microsoft.com/en-us/library/bb123981.aspx  

Q: I need a report of all Inbox sizes (incl. subfolders) and how many items there are in each inbox. I need this information at it seems that we have problems with Blackberry syncronisation if the inbox size or amount of items in the inbox reaches a certain number.
A: How about a one-liner like this? get-mailbox | % { Get-MailboxFolderStatistics $_ } | where { $_.Name -eq "Inbox" } | ft identity,itemsinfolder,foldersize  

Q: We need to get the users list from PowerShell sorting by database , mailboxsize & lastlogontime ( those who have not been logged on their mails for 60 days). I hope there should be merged these two comlets "get-mailbox "and "get-mailboxstatistics". The output should be as follows: Alias,DisplayName,Mailboxsize,Lastlogontime,Database
A: The question is answered at Using Get-MailboxStatistics (External Link)  

Q: Why does my dynamic distribution group (DDG) fail to expand to any recipients during message processing, yet the PowerShell commands that expand the DDG return the appropriate recipients? My environment is Exchange Server 2007 x64 Standard Edition running on Windows Server 2003 R2 x64 Standard Edition with SP2. The Active Directory forest and domain are running in Windows Server 2003 native mode. I create a dynamic distribution group (DDG) as follows: 
  
  New-DynamicDistributionGroup -Name 'All Supervisors' -OrganizationalUnit 'corp.mycompany.com/My Company/Users/Internal/Store' -Alias 'AllSupervisors' -RecipientContainer 'corp.mycompany.com/My Company/Users/Internal/Store' -RecipientFilter {(Title -eq 'Supervisor') -and (RecipientType -eq 'UserMailbox')}  
   
  Then I view the members of this DDG using the instructions found on TechNet under the title "How to View Members of a Dynamic Distribution Group":  
   
  $AllSupervisors = Get-DynamicDistributionGroup -Identity "All Supervisors"
  C:\>Get-Recipient -Filter $AllSupervisors.RecipientFilter  
   
 The second command displays all of the UserMailboxes that it should, indicating to me that the DDG is expanding as I want it to. When I send an e-mail message to this DDG, however, the message is not delivered to any of the intended recipients. I use the Microsoft Exchange Troubleshooting Assistant to track the messages I have sent recently, and it reveals that the DDG has zero members during the expansion process. To learn this, I take the following steps.  

In Exchange Management Console, click Toolbox, then double-click Message Tracking. Criteria (all other criteria besides the following are turned off):  
 Sender: [my e-mail address] Start: [ten minutes ago] End: [the current time]  

As I am writing this, the generated command is:  
   
Get-MessageTrackingLog -Sender "[my e-mail address]" -Start "9/13/2007 10:47:00 AM" -End "9/13/2007 10:57:00 AM"  
   
When the results come back, the message that I sent shows up with three events: RECEIVE, EXPAND, SUBMIT. The EXPAND event shows that zero recipients were found for the DDG. No events related to this are logged in the Application or System logs, as far as I can tell, and the sender does not receive any message notifying him/her that the message went to zero recipients.  I have a number of other DDGs that are set up similarly that all work fine; I believe it is only this one group that is not functioning (although, since it appears that I cannot trust the Exchange Management Shell commands, I cannot be sure; I do know that SOME of the other DDGs work). Does anyone have a suggestion as to what is going on? How can I make my DDG work properly?  
A: The preview does not consider the Recipient Container.  Are you sure there are objects that meet your filter that are in the OU you specified?
----Thank you!  That the Get-DynamicDistributionGroup command ignores the RecipientContainer argument is very misleading!  Once I realized that command could be lying to me, I realized that I had, in fact, pointed the DDG to the incorrect OU--a stupid mistake, but one that was masked by the unexpected behavior of Get-DynamicDistributionGroup.

Q: I have a problem regarding getting multiple languages in a mailbox. The problem is that the mailbox is a resource mailbox and only linked to a master mailbox. We don't want to enable the AD-account for the resource mailbox if we don't really have to. Is there a way to, via Powershell, reset the language on a mailbox?  
A: Try the Set-mailbox cmdlet.  The Languages parameter specifies the language preferences for this mailbox, in order of preference. Several Exchange components display information to a mailbox user in the preferred language, if that language is supported. Some of those components include quota messages, non-delivery reports (NDRs), Microsoft Outlook Web Access user interface, and Unified Messaging (UM) voice prompts.

Q: How do I loop through a .csv file to add Email Addresses to an account?

Scenario: Add a new e-mail address to a mailbox
Shell one-liner:
$mbx = get-Mailbox testmbx;
$mbx.EmailAddresses += "newaddr@example.com";
$mbx | set-Mailbox

I am trying to write a script to automate the shell command above with input from a csv file

Alias                    SMTP
david                   david@woodchuck.com
rambo                  rambo@woodchuck.com

A: Use the import-csv cmdlet to loop through a .csv file as follows:
[PS] C:\temp>type emails.csv
alias,smtp
david,david@woodchuck.com
rambo,rambo@woodchuck.com

[PS] C:\temp>type updateemail.ps1
param([string] $file = $(throw "Please specify a CSV file."))
$users = import-csv $file -erroraction stop
foreach ($user in $users) {
    $mbx = get-Mailbox $user.alias
    $mbx.EmailAddresses += "$user.smtp"
    $mbx | set-Mailbox
        write-host $user.alias updated
}

[PS] C:\temp>. C:\temp\updateemail.ps1 emails.csv

Site

Changes
Index
Search

 

User

 

Log In
Register

 
 

Last Modified 5/23/08 11:01 AM