Link to home
Start Free TrialLog in
Avatar of wokwon
wokwonFlag for Australia

asked on

Exchange 2007 Linked mailboxes created by import-csv do not have Email Address Policy properley applied

Brand new Exchange 2007 CCR cluster (mailbox) with a seperate Hub Transport/CAS.

Mailboxes are 'linked' mailboxes from a different forest with an external trust both ways.

There is one email address policy (EAP) that creates 4 email addresses:
(Conditions: "Policy conains: All recipent types")
%m@newforest.loc
%g.%s@newforest.loc(set as reply-to)
$g.%s@oldforest.com.au
@oldforest.com.au

When linked mailboxes are created using the Exchange Management Console, the policy applies correctly as soon as the mailbox is created and the users get all 4 addresses.

When the command import-csv is used, the mailboxes only get SMTP addresses from newforest.loc; the two addresses (including the reply to) from the old forest do not get created in the mailboxes.

Manually applying the EAP then assigns the missing addresses and sets the reply-to.

The script to create the linked mailboxes is shown in a snippet below.

I added the following line to the PS1 file to attempt to force an update but the addresses do not get created:
Start-Sleep s 2
update-EmailAddressPolicy -Identity 'Default Policy'

I need this to work from the import-csv due to the way the migrations from the old email system to the new will be conducted (and restrictions on access for the users performing the migrations).

Can anyone suggest why the EAP does not apply from the Cmd Line?

(When the EAP is manually run, everything works fine)

$credential = Get-Credential
 
 
Import-CSV .\users.csv | foreach { New-Mailbox -Name $_.Name -Alias $_.samaccountname -OrganizationalUnit $_.OrganizationalUnit -UserPrincipalName $_.UserPrincipalName -SamAccountName $_.SamAccountName -FirstName $_.FirstName -Initials $_.Initials -LastName $_.LastName -Database $_.Database -LinkedMasterAccount $_.LinkedMasterAccount -LinkedCredential $credential -LinkedDomainController 'rch-win-dc-3.rch.unimelb.edu.au'}
 
Start-Sleep s 2
update-EmailAddressPolicy -Identity 'Default Policy'
--------------
Sample users.csv:
 
Name,samaccountname,OrganizationalUnit,displayname,description,UserPrincipalName,GivenName,Initials,sn,Database,LinkedMasterAccount,company,employeeid,department,title,telephonenumber
John Doe,JonD,newforest.loc/company/site/Linked Mailboxes,John Doe,Helpdesk Hack ,John.Doe@newforest.loc,John,,Doe,D Database,newforest\Jond,CompanyName,12345,ICT,Helpdesk Hack,1234

Open in new window

Avatar of LegendZM
LegendZM
Flag of United States of America image
Import-CSV .\users.csv | foreach { New-Mailbox -Name $_.Name -Alias $_.samaccountname -OrganizationalUnit $_.OrganizationalUnit -UserPrincipalName $_.UserPrincipalName -SamAccountName $_.SamAccountName -FirstName $_.FirstName -Initials $_.Initials -LastName $_.LastName -Database $_.Database -LinkedMasterAccount $_.LinkedMasterAccount -LinkedCredential $credential -LinkedDomainController 'rch-win-dc-3.rch.unimelb.edu.au'}

could you pipe  | update-EmailAddressPolicy -Identity 'Default Policy'   on to the end of the script?
You could set a Refresh interval on the email address policy within EMC.

Avatar of wokwon
wokwon
Flag of Australia image

ASKER

Hi LegendZM,
Thanks for your suggestion.  I already put update-EmailAddressPolicy -Identity 'Default Policy'
in the script after a 2 second delay and it didn't help.  It shows the update running (a status bar appears in the powershell).  I am thinking that the two second delay is too short as the mailboxes might not be fully created by then.

It doesn't appear that I can schedule the update-EmailAddressPolicy from powershell (other than using a schedule task - which defeats the purpose - EAP is supposed to be synchronous)
Avatar of wokwon
wokwon
Flag of Australia image

ASKER

LegendZM,
Sorry I misread your post.  It is my understanding that you cannot set a refresh interval on the email address policy in Exchange 2007 as it is synchronous - unlike exchange 2003 where it ran every interval.

Where do you set the refresh interval in 2007?
Avatar of LegendZM
LegendZM
Flag of United States of America image
What if you did the import, followed by a | update-EmailAddressPolicy - Identity 'Default Policy' without the 2 second delay

Import-CSV .\users.csv | foreach { New-Mailbox -Name $_.Name -Alias $_.samaccountname -OrganizationalUnit $_.OrganizationalUnit -UserPrincipalName $_.UserPrincipalName -SamAccountName $_.SamAccountName -FirstName $_.FirstName -Initials $_.Initials -LastName $_.LastName -Database $_.Database -LinkedMasterAccount $_.LinkedMasterAccount -LinkedCredential $credential -LinkedDomainController 'rch-win-dc-3.rch.unimelb.edu.au'} | update-EmailAddressPolicy -Identity 'Default Policy'
Avatar of wokwon
wokwon
Flag of Australia image

ASKER

I have found the problem but I am not sure how to resolve it.

The script uses the parameters -FirstName and -Lastname to specify the users firstname and lastname.

Despite that, the firstname and lastname fields in the user object in Exchange System manager remain blank (The 'name' field is populated, the displayname field is also blank")

I am attempting to figure out why these fields aren't populated.

If I populate them manually using the management console the EAP updates the email addresses immediatley.
ASKER CERTIFIED SOLUTION
Avatar of wokwon
wokwon
Flag of Australia image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of LegendZM
LegendZM
Flag of United States of America image
Would you mind going into more detail on your script?
Thanks. :)
Avatar of LegendZM
LegendZM
Flag of United States of America image
1. Open Internet Service Manager or Internet Information Services (IIS) Manager.
2. If necessary, expand the Web server that you want, and then expand Web Sites.
3. Right-click the Web site that you want to change.
4. Click Properties.
5. Click the Web Site tab.
6. Change the TCP Port Number in the TCP Port edit box (or click Advanced for multiple Port settings).
7. Click OK to save the changes.

Avatar of wokwon
wokwon
Flag of Australia image

ASKER

Hi LegendZM,
The script is copied from here:
http://www.wisesoft.co.uk/Scripts/display_script.aspx?id=178

I didn't write it and it is extremely easy to use.

The setup section to read in my CSV file is below:
' *************************************************
' * Setup
' *************************************************
 
' The Active Directory attribute that is to be used to match rows in the CSV file to
' Active Directory user accounts.  It is recommended to use unique attributes.
' e.g. sAMAccountName (Pre Windows 2000 Login) or userPrincipalName
' Other attributes can be used but are not guaranteed to be unique.  If multiple user 
' accounts are found, an error is returned and no update is performed.
strSearchAttribute = "sAMAccountName" 'User Name (Pre Windows 2000)
 
' Change the CSV header to match your CSV file
' See http://www.wisesoft.co.uk/Scripts/activedirectoryschema.aspx for attribute names
' The searchAttribute specified above must appear in the list.
' You can enter "null" for columns in the csv that are not to be included in the update
strCSVHeader = "cn,null,null,null,sAMAccountName,null,null,displayName,givenName,initials,sn,description,company,employeeId,department,title,telephoneNumber"
 
' Folder where CSV file is located 
strCSVFolder = "C:\Usercreation\"
' Name of the CSV File
strCSVFile = "users.csv"
' Does the CSV text file have a header row?  Options: "Yes", "No"
csvHasHDR = "Yes"

Open in new window