Solved

Query Accounts with Automatically update email addresses based on recipient policy Unchecked

Posted on 2007-03-30
1
1,734 Views
Last Modified: 2008-05-30
Is there a way I can query accounts that do not have the following attribute checked on a computer with Active Directory and Exchange?

“Automatically update email addresses based on recipient policy” found in an account’s properties E-mail addresses tab.

I want to get a list of users that do not have that option checked.
0
Comment
Question by:CecilAdmin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 30

Accepted Solution

by:
LauraEHunterMVP earned 500 total points
ID: 18824843
Use adfind from joeware (command-line tool from www.joeware.net) to query on the msExchPoliciesExcluded attribute. Under normal circumstances, this attribute is <Not Set>, so you just need to query for any user object that has a value set for that attribute. (You'll also want to query on any user that has proxyAddresses set to exclude objects that aren't mail-enabled to begin with.)

For example, you can query your whole domain as follows:

adfind -default -f "(&(objectcategory=person)(objectclass=user)(proxyAddresses=*)(msExchPoliciesExcluded=*))"

If you want, you can pipe these results into admod (also from www.joeware.net) to clear the msExch... attribute if that is your end goal. I'm doing this off the top of my head, but the syntax will look something like this: (both adfind and admod have extensive help screens to assist you in producing the syntax you need.)

adfind -default -f "(&(objectcategory=person)(objectclass=user)(proxyAddresses=*)(msExchPoliciesExcluded=*))" -dsq | admod msExchPolicies:-

Hope this helps.

Laura E. Hunter - Microsoft MVP: Windows Server - Networking
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question