Problem of multiple authoritative domains in Ex2010 in a single AD environment
To deploy EX2010 in a single-domain environment, such as aaa.com: EX2010 has had more than one authoritative domain created, such as bbb.com, ccc.com and ddd.com, and e-mail address policies have already been set up for these domains. The problem is that more than one email domain (authoritative domain) has the same email account username, such as admin@aaa.com and admin@bbb.com etc. (I have already added SMTP e-mail addresses for admin for bbb.com, ccc.com and ddd.com.) Thus, if the user logs in via Windows ID admin successfully, the user (admin) can also see and receive the email of admin@bbb.com, admin@bbb.com, admin@ccc.com and admin@ddd.com. Now the aim is to partition them: for example, admin@aaa.com can see only its own email, and it cannot see admin@bbb.com's, admin@ccc.com's, and admin@ddd.com's emails. That means each of them can see only their own email. Could we do this in this environment? Maybe it can be done via a policy? Could we create a DNS zone etc. to achieve it in the DC? Are there any alternative methods to achieve it in EX2010? Do you have any methods?
June 14th, 2012 3:45am

It sounds like you have an e-mail address policy (or policies) applying @aaa.com, @bbb.com, etc. to all mailboxes. I also assume you have three admins that each want their own @aaa.com, @bbb.com, & @ccc.com e-mail addresses for their own mailboxes. If you want admin A to only have the admin@aaa.com address, you need to disable (uncheck) the "Automatically update e-mail addresses based on e-mail address policy" box on that user's mailbox. Then remove the other addresses. Once they are removed you can add them to other mailboxes.

Notes:

Members of AD special groups (Domain Admins, Administrators, Account Operators, etc.) should NOT have an Exchange mailbox. Admins should have a normal account, used for normal use, that does have a mailbox. ActiveSync, Exchange Web Services, and other things will break due to permissions issues for mailboxes that are members of special groups.

The UPN and e-mail address are not linked in any way, so if you change a user's e-mail address their UPN login isn't affected.

Exchange doesn't create additional authoritative domains; only the AD domain for the forest it is installed in is created automatically. So an admin must have created the additional domains.

If this post helps to resolve your issue, please click the "Propose as Answer". If you find it helpful, mark it as helpful by clicking on the "Vote as Helpful" button at the top of this message. By marking a post as Answered or Helpful you help others find the answer faster. If you need an expert migration consultant to assist your organization, feel free to contact me directly. Jason Sherry | Blog | Hire Me | Twitter: @JasonSherry Microsoft Infrastructure Architect, MCSE: M, MCTIP, Microsoft Exchange MVP
June 14th, 2012 5:03pm

Hi, thank you. In my EX2010 environment (EX2010 in a single-domain environment, such as aaa.com), a UPN login ID is admin. It has the email addresses admin@aaa.com and admin@bbb.com. I want admin@aaa.com to see only its own email, and not the emails of admin@bbb.com. admin@bbb.com can see emails of admin@bbb.com only; it cannot see emails of admin@aaa.com. Maybe this is impossible, because admin@aaa.com and admin@bbb.com have the same login ID admin? Could we do this in this environment? Maybe it can be done via a policy? Could we create a DNS zone etc. to achieve it in the DC? Are there any alternative methods to achieve it in EX2010? Do you have any methods? Is this impossible?
June 18th, 2012 2:01am

Hi ioeliao,

Please refer to the following: Understanding Address Book Policies

You could try address list segmentation.

Regards!
Gavin
TechNet Community Support
June 18th, 2012 3:07am

See my answer above. You just need to create two mailboxes and either turn off EAP on these mailboxes and manually give one the admin@aaa.com address and the other the admin@bbb.com address, or configure EAPs to only apply the desired e-mail addresses based on AD attributes.

Jason Sherry
June 18th, 2012 1:49pm
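The steps described in the answers above (take the mailbox out of e-mail address policy, remove the extra addresses, give them to a second mailbox) can be scripted in the Exchange Management Shell. This is an added example, not code posted by anyone in the thread; the second account name `admin-bbb` and its UPN are hypothetical, while `admin`, `admin@aaa.com` and `admin@bbb.com` are the names used in the question.

```powershell
# Added example for the Exchange Management Shell (Exchange 2010).
# Names from the thread: mailbox 'admin', admin@aaa.com, admin@bbb.com.
# Hypothetical: the second account 'admin-bbb' and its UPN.
$existing = 'admin'
$keep     = 'admin@aaa.com'
$moved    = 'admin@bbb.com'

# 1. Take the mailbox out of e-mail address policy processing so the
#    removed addresses are not stamped back on, then pin its primary address.
Set-Mailbox -Identity $existing -EmailAddressPolicyEnabled $false
Set-Mailbox -Identity $existing -PrimarySmtpAddress $keep

# 2. Collect every SMTP proxy address other than the one to keep.
#    Addresses are compared as strings ("smtp:user@domain"); -like and -ne
#    are case-insensitive, so primary ("SMTP:") and secondary match alike.
$extra = @((Get-Mailbox -Identity $existing).EmailAddresses |
    ForEach-Object { "$_" } |
    Where-Object { $_ -like 'smtp:*' -and $_ -ne "smtp:$keep" })

if ($extra.Count -gt 0) {
    Set-Mailbox -Identity $existing -EmailAddresses @{ Remove = $extra }
}

# 3. Create a separate account and mailbox that owns the bbb.com address.
#    Passing -PrimarySmtpAddress at creation leaves the policy disabled on it.
$password = Read-Host "Password for admin-bbb" -AsSecureString
New-Mailbox -Name 'admin-bbb' -Alias 'admin-bbb' `
    -UserPrincipalName 'admin-bbb@aaa.com' `
    -Password $password -PrimarySmtpAddress $moved

# 4. Verify: each mailbox should list only its own address and show
#    EmailAddressPolicyEnabled as False.
$existing, 'admin-bbb' | Get-Mailbox |
    Format-List Name, EmailAddressPolicyEnabled, EmailAddresses
```

Because the two mailboxes now belong to two different logon accounts, signing in as `admin` opens only the aaa.com mailbox; mail for admin@bbb.com is reachable only with the second account's credentials.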

This topic is archived. No further replies will be accepted.
