

Autodiscover and Linked Mailboxes

For various reasons (security, control, business process, mergers and so on), some companies use a two-forest Active Directory model: one forest for users and a second for the Exchange service.

There are many good articles regarding configuring Autodiscover for a Cross-Forest implementation, so I will not repeat that here, but here are some examples:
But for the Autodiscover service to work automatically (Outlook's one-click automatic configuration), one condition must be satisfied: the «mail» attribute of the user account must contain an email address. With Linked Mailboxes and two AD forests, this attribute is not set when the mailbox is created.

In a bigger organization (more than 500 users) it would be impractical to set the email address for each person manually. The PowerShell script below resolves this issue.

The script takes all linked mailboxes, reads the «Linked Master Account» and «PrimarySmtpAddress» and then writes the email address into the appropriate account in the user Active Directory domain.

  • You will need to change the default values of the variables (IP address of the Domain Controller, Distinguished Name of the OU with users, short name of the user AD domain and path to the log file) to match your environment.
  • You will be asked for administrator credentials twice: first for access to Exchange through PowerShell (the script needs access only to the «Get-Mailbox» cmdlet) and second for Active Directory in the user forest (to change the «mail» attribute).
  • The script should be run from the Exchange AD forest.
  • The script checks the previous value of the «mail» attribute and writes a new one only if the two differ.
  • The script writes all changes into the log file.
  • If you plan to run the script from the Exchange Management Shell, you need to comment out the «Connect-ExchangeServer -auto» line.
User AD forest/domain: «user.com».
Exchange AD forest/domain: «exchange.com».

The script:
# Connect to AD and Exchange
if (-not(Get-Module -name "activedirectory")) { Import-Module ActiveDirectory | out-null }
Connect-ExchangeServer -auto

# Variables
$TargetDC = "" #IP address of user AD Domain Controller
$TargetDCOU = "OU=Company,DC=user,DC=com" #Distinguished name of OU with users
$ShortDomainName = "USER\" #Short name of user AD
$LogFile = "C:\Script\Mail_Attribute\log.txt" #Path to the log file

# Get information from AD to hash tables
$arrSourceAD = @{}
$arrTargetAD = @{}

# Get Exchange Forest credential
$credentials_Mail = Get-Credential
# -ResultSize Unlimited: Get-Mailbox returns at most 1000 results by default
Get-Mailbox -Credential $credentials_Mail -RecipientTypeDetails LinkedMailbox -ResultSize Unlimited | ForEach-Object {$arrSourceAD.Add($_.LinkedMasterAccount,$_.PrimarySmtpAddress)}
# Get User Forest credential
$credentials = Get-Credential
Get-ADUser -Credential $credentials -Filter * -SearchBase $TargetDCOU -Server $TargetDC -Properties mail | ForEach-Object {$arrTargetAD.Add($_.SamAccountName,$_.mail)}

# Main
$date = (Get-Date).ToString()
$date | Out-File $LogFile -Append

ForEach ($TargetUser in $arrTargetAD.Keys){
    $TargetUser1 = $ShortDomainName + $TargetUser
    if ($arrSourceAD.ContainsKey($TargetUser1)){
        if ($arrTargetAD.$TargetUser -ne $arrSourceAD.$TargetUser1){
            $SourceUserEmail = $arrSourceAD.$TargetUser1
            $TargetUserEmail = $arrTargetAD.$TargetUser
            $TargetUserName = $TargetUser
            $LogText = "$date. Account '$TargetUserName'. Attribute 'mail' has been changed from '$TargetUserEmail' to '$SourceUserEmail'."
            Write-Output $LogText
            # Write to the log file
            $LogText | Out-File $LogFile -Append
            # Write changes into the user account
            Set-ADUser -Credential $credentials $TargetUserName -Server $TargetDC -Replace @{mail="$SourceUserEmail"}
        }
    }
}

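A dry-run check that can precede the write step, as an added example that is not part of the original script: it builds the list of planned «mail» changes from the same two hash tables and flags malformed addresses, addresses shared by several linked mailboxes, and overwrites of an existing value. The function name `Get-MailAttributePlan`, its action labels and the sample accounts are assumptions constructed for illustration.

```powershell
# Added example: builds a change plan only; nothing is written to Active Directory.
function Get-MailAttributePlan {            # hypothetical helper name
    param(
        [hashtable]$Source,                 # LinkedMasterAccount -> PrimarySmtpAddress
        [hashtable]$Target,                 # SamAccountName -> current 'mail' value
        [string]$ShortDomainName            # short name of the user domain, e.g. 'USER\'
    )
    # An address assigned to more than one linked mailbox is ambiguous: flag it.
    $dupes = $Source.Values | ForEach-Object { "$_".ToLower() } |
        Group-Object | Where-Object { $_.Count -gt 1 } | ForEach-Object { $_.Name }

    foreach ($sam in ($Target.Keys | Sort-Object)) {
        $key = $ShortDomainName + $sam
        if (-not $Source.ContainsKey($key)) { continue }    # no linked mailbox for this account
        $new = "$($Source[$key])"
        $old = "$($Target[$sam])"
        if ($old -eq $new) { continue }                      # already in sync (-eq ignores case)
        $action = 'Set'
        if ($new -notmatch '^[^@\s]+@[^@\s]+\.[^@\s]+$') { $action = 'Skip: malformed address' }
        elseif ($dupes -contains $new.ToLower()) { $action = 'Skip: address used by several mailboxes' }
        elseif ($old) { $action = 'Review: overwrites existing value' }
        [pscustomobject]@{ Account = $sam; Old = $old; New = $new; Action = $action }
    }
}

# Constructed sample data (not taken from a real directory)
$src = @{
    'USER\alice' = 'alice@exchange.com'     # mail empty in user forest  -> Set
    'USER\bob'   = 'Bob@exchange.com'       # differs only in case       -> no entry
    'USER\carol' = 'team@exchange.com'      # same address as frank      -> Skip
    'USER\frank' = 'team@exchange.com'
    'USER\dave'  = 'dave@exchange.com'      # replaces old@user.com      -> Review
    'USER\erin'  = 'erin-at-exchange.com'   # not a valid SMTP address   -> Skip
    'OTHER\zed'  = 'zed@exchange.com'       # master account elsewhere   -> no entry
}
$tgt = @{ alice = $null; bob = 'bob@exchange.com'; carol = $null; frank = $null
          dave = 'old@user.com'; erin = $null; zed = $null }

Get-MailAttributePlan -Source $src -Target $tgt -ShortDomainName 'USER\' |
    Format-Table -AutoSize
```

Against a live environment, the two hash tables filled by the script ($arrSourceAD and $arrTargetAD) can be passed in place of the sample data, and adding -WhatIf to the Set-ADUser call previews each write.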

I hope that Microsoft engineers will pay attention to this little issue and fix it in the next cumulative update or in the next generation of Exchange Server.

Good luck.
