Поделиться через


Disconnected mailboxes. Are they true mailboxes or... what?

Let's imagine this scenario:

In an Exchange 2007 organization there is an email address policy that is defined for every Exchange recipient, and some precanned filtering conditions.

Everybody knows the theory... The RUS API is called for all the cmdlets that modify the recipients, and the proper matching policies should apply.

Now, let's consider an AD user account that is not mail enabled, but which has attributes that match our policy.

If we create a new mailbox for that account on an Exchange 2007 server using the graphic console or Power Shell, everything will behave as expected: The email addresses are set instantly as the policy dictates.

But:

If we have an existing disconnected mailbox and we try to connect it the the account that we were talking about, we will face a surprise: The email address will not be properly set according to the policy, although the resulted object match the policy.

Later, if we modify that object, or we generally update that policy at organization level, the email will be set up correctly.

What is happening:

The actual command is connect-mailbox. Its subject is the disconnected mailbox AD object, which is not treated as an Exchange mailbox. It is something else, and therefore the policy as we defined will not apply at this stage. Later, further cmdlets have an Exchange recipient as subject and the RUS API will apply the policy as expected.

What we can do:

We can simply change the policy by selecting all recipients, not only Exchange mailboxes. This way the policy will match even the disconnected mailbox and everybody should be happy.

If we are too scrupulous:

We can use a custom OPATH expression to filter the policy:

[PS] Get-EmailAddressPolicy strategieX | Set-EmailAddressPolicy -RecipientFilter { ( Company -eq 'valeurX' -and ObjectClass -eq 'Mailbox' -and ObjectCategory -eq 'Person' -and Alias -ne $null -and ServerLegacyDN -ne $null ) }

scopePolicy.JPG