Email field in AD General tab does not always match email address.
We're having a bit of a strange issue. We have been creating user accounts using a user's first initial and first 7 letters of their last name, for an 8 character username. I know that by default, Exchange will create the primary email address as the username@domain.com. However, a past admin removed this email address from the recipient policy and only added firstinitiallastname@domain.com. I've since corrected the policy to include both if necessary, but occasionally I still see this issue crop up, mostly with users created before I updated the policy (I think).
The problem is that the email address that is listed in the email field on the user's properties general tab does not match the email address that is set as the primary under the Email Addresses tab. I noticed that if I go into the email address tab, double-click on the primary and then hit cancel, it will update the general tab correctly.
Is there a way that I can automatically scan all user accounts and make sure that the general tab matches their primary email address? This mismatch is causing issues with some of our other network apps that use the email address as user verification.
Thanks.
June 26th, 2007 9:13pm
The Email Addresses tab shows the values within the proxyAddresses attribute, while the email address on the General tab contains the value of the mail attribute. As you suggest, the email address on the General tab generally corresponds to the primary SMTP address.
There are a few ways in which you can approach this. One way that I suspect will work is to run Apply Now on the recipient policy. I recommend you test this in a lab environment before running it in produciton just to be sure.
Another option would be to query AD for the mail and proxyAddresses of your mailbox-enabled users and look for the differences. You can then use a tool such as ADModify.NET to bulk update the required changes to the non-conforming users.
http://www.activedir.org/article.aspx?aid=130
Here's an example of how to run the required query using the ADFIND tool from www.joeware.net:
adfind -csv -default -f "(&(samAccountType=805306368)(homeMDB=*))" mail proxyAddresses
Tony
Free Windows Admin Tool Kit Click here and download it now
June 27th, 2007 2:37am
Tony,
I tried the ADModify.NET application and while it technically did seem to work, do you know what the variables are that I can use, or how to use variables in this program? I tried the standard Exchange variable for first initial last name as I have it in my recipient policy, %1g%s@domain.com, but when I run ADModify, it actually tries to add %1g%s@domain.com as an email address. It doesn't recognize it as a variable.
Thanks.
Jason
July 6th, 2007 2:48pm
The %1g% part doesn't look right to me. Are you trying to add a 1 in front of the given name? If that is the case then try 1%g%.%s%@domain.com.
Tony
Free Windows Admin Tool Kit Click here and download it now
July 9th, 2007 1:48am
I was trying to use "%1g%s" to get first initial last name. For example, in my case it would be jwilliams@domain.com.
%1g%s works correctly in my exchange recipient policy, but when I tried to use this in ADModify, it actually gave people the email address of %1g%s@domain.cominstead of jwilliams@domain.com.
Thanks.
July 9th, 2007 4:33pm
Sorry, the info above was incorrect. ADModify works with the LDAP display names when using variables. So to get jwilliams@domain.com you use:
%1'givenName'%%'sn'%@domain.com
Tony
Free Windows Admin Tool Kit Click here and download it now
July 10th, 2007 12:44am
Tony,
That did it.
Thank you for all of your help.
Jason
July 10th, 2007 4:02pm