Thursday, September 9, 2010

Email Address Policies and Mailbox Moves

Fact: Email Address Policies (EAPs) will apply during a mailbox move.  While everyone is currently planning on their Exchange migrations to Exchange 2010 :), you will want to take some time to look at your EAPs and users that are exceptions to the policies.  The last thing you want is that call right after the migration saying that my email address has changed.

So for this example, let’s suppose we are migrating users from Exchange 2003 to 2010.  Here is the current EAP (or recipient policy in 2003) defined, note that alias@lab.local is defined as the primary email address:

EAP-2003-before

Now let’s look at an Exchange 2003 user that has a non-standard primary SMTP address: Joe-Cool@lab.com

EAP-2003-user-before

If we migrate this user to Exchange 2010, the EAP is applied and the user’s primary SMTP address is automatically changed to jdoe@lab.local :

EAP-2003-user-after-2010view

The easy fix is to uncheck the “Automatically update e-mail addresses based on e-mail address policy” in the user’s profile settings before the mailbox is migrated.

EAP-2003-user-postscript-markup

So, I said “easy fix”, but what if you have 25,000 users and are supporting multiple SMTP domains.  We can use powershell to identify and disable the mailbox from having the EAP applied.  Below is a script that will list out all users who’s primary SMTP address does not match the EAP.

###########################################################
# Find users that have a primary smtp address that doesn't match EAP
# There is no warranty, use at your own risk
# Author: Tim Harrington 
http://HowDoUC.blogspot.com
# Note: This script must be run on an Exch 2007/2010 server
##########################################################

#Find all recipient mailbox users
$users = get-user -recipienttypedetails usermailbox,legacymailbox -resultsize unlimited

#Generate Default EAP address based on user information and compare to primarySMTPAddress
Foreach ($mbx in $users) {
$DefaultEAP = $mbx.SamAccountName +"@DefaultSMTPdomain.com"

# For firstname.lastname use:
# $DefaultEAP = $mbx.firstname + "." + $mbx.lastname +"@DefaultSMTPdomain.com"

$primarysmtp = $mbx.WindowsEmailAddress
If ($DefaultEAP -ne $primarysmtp) {

# if the values are different, write the mailbox to the screen and text file

write-host $mbx.samaccountname, $DefaultEAP, $primarysmtp
add-content -path EAPMisMatchusers.txt -value ("Name: " +$mbx.samaccountname), ("Def. Pol.: " +$DefaultEAP), ("Current: " +$primarysmtp),(" ")

#Optionally, to set emailaddresspolicy disabled, uncomment the next line.

#set-mailbox -identity $mbx.samaccountname -emailaddresspolicyenabled:$false
}
}

#############################################################

Running the powershell script produces the following output and can disable the EAP from applying:

EAP-script

Now any mailbox that is migrated will keep it’s current primary SMTP address configuration in place during the migration.

5 comments:

  1. Thanks for drawing our attention to this case. I think that an e-mail address policy (EAP) explains to the public how the government or an elected representative will manage any communication or correspondence via email.

    ReplyDelete
  2. Nice way of presentation. Your share this post in a nice manner. Thanks for sharing

    ReplyDelete
  3. Excellent. The scripts works pervectly. I only wish I had realized this was happening before I got through over 50% of my users!

    ReplyDelete