farfo
asked on
Old recipient policy works. Getting LDAP error with new ones.
We currently have a recipient policy that gives any new accounts a
"username@company.com" address.
We are also in the process of setting up exchange accounts for
each of our remote sites- each of which has a separate OU according
to location.
What I'm trying to do is set up a recipient policy for each location / OU, so that
when accounts are created within an OU, they get given a "username@location1.compan y.com"
email address. Location1, location2 etc correspond to the name of each OU.
This is failing to occur- each account within an OU is receiving an email address- but in the
original format i.e. without the "location". It looks like the only recipient policy being applied is the
original.
I have tried moving the new recipient policies up the priority list but this doesn't fix
the problem.
The only event of note in the exchange server's Application log is the following:
=========================
Source: MSExchangeAL
Category: LDAP Operations
Event ID: 8270
Description:
LDAP returned the error [41] Object Class Violation when importing the transaction
dn: <GUID=D5C596F7E29149489074 A3C6F82939 84>
changetype: Modify
mail:s517280@location1.com pany.com
textEncodedORAddress:c=US; a= ;p=XXXXXXX;o=YYYYYYYY;s=x5 17280;
proxyAddresses:X400:c=US;a = ;p=XXXXXXX; o=YYYYYYYY;s=x517280;
: SMTP:s517280@location1.com pany.com
msExchPoliciesIncluded:add :{2FCA45D0 -BE49-4D02 -B781-E2F1 DD7BF14C}, {26491CFC- 9E50-4857- 861B-0CB8D F22B5D7}
objectGUID:D5C596F7E291494 89074A3C6F 8293984
-
DC=ZZZZZZ,DC=ZZZZZZ
=========================
...the addresses provided in the error i.e. "@location1..." correspond to what I'm trying to set in the
recipient policies that aren't working. Note: Selecting "Apply this policy now" for whatever policy doesn't
work.
Our environment is:
- Windows server 2003
- Exchange server 2003 SP1.
I have searched on this error without too much luck. Any help appreciated.
"username@company.com" address.
We are also in the process of setting up exchange accounts for
each of our remote sites- each of which has a separate OU according
to location.
What I'm trying to do is set up a recipient policy for each location / OU, so that
when accounts are created within an OU, they get given a "username@location1.compan
email address. Location1, location2 etc correspond to the name of each OU.
This is failing to occur- each account within an OU is receiving an email address- but in the
original format i.e. without the "location". It looks like the only recipient policy being applied is the
original.
I have tried moving the new recipient policies up the priority list but this doesn't fix
the problem.
The only event of note in the exchange server's Application log is the following:
=========================
Source: MSExchangeAL
Category: LDAP Operations
Event ID: 8270
Description:
LDAP returned the error [41] Object Class Violation when importing the transaction
dn: <GUID=D5C596F7E29149489074
changetype: Modify
mail:s517280@location1.com
textEncodedORAddress:c=US;
proxyAddresses:X400:c=US;a
: SMTP:s517280@location1.com
msExchPoliciesIncluded:add
objectGUID:D5C596F7E291494
-
DC=ZZZZZZ,DC=ZZZZZZ
=========================
...the addresses provided in the error i.e. "@location1..." correspond to what I'm trying to set in the
recipient policies that aren't working. Note: Selecting "Apply this policy now" for whatever policy doesn't
work.
Our environment is:
- Windows server 2003
- Exchange server 2003 SP1.
I have searched on this error without too much luck. Any help appreciated.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
You have a good plan, you can also use tools like Ldifde or ADmodify or some scripts to update one particular attributie like Office as you said and populate it with the location and then you can use this attribute to identify all users from a particular location and apply recipient policies.
similarly, Recipient policies doesnt work on Group Membership or anyother attribute that the RUS is responsible for. Just for your info, here is the related KB ->
The address list or the recipient policy filter is not applied when it is based on group membership or an attribute that the Recipient Update Service is responsible for.
http://support.microsoft.com/kb/304516
Thanks,
Amit Aggarwal.
similarly, Recipient policies doesnt work on Group Membership or anyother attribute that the RUS is responsible for. Just for your info, here is the related KB ->
The address list or the recipient policy filter is not applied when it is based on group membership or an attribute that the Recipient Update Service is responsible for.
http://support.microsoft.com/kb/304516
Thanks,
Amit Aggarwal.
ASKER
on the OU in which an account is created- I thought OUs would have been a prime candidate for this sort of thing.
What I'll most likely do now is create a template within each OU that has the name of the town in the
Office attribute, and work the recipient policies around that. It won't be saving me too much work though-
as I could probably add @townname.company.com to the template to get a similar result.
Ah well- if you've got any other suggestions I'd be happy to hear them.
Thanks again.