Solved

Query Accounts with Automatically update email addresses based on recipient policy Unchecked

Posted on 2007-03-30
1
1,675 Views
Last Modified: 2008-05-30
Is there a way I can query accounts that do not have the following attribute checked on a computer with Active Directory and Exchange?

“Automatically update email addresses based on recipient policy” found in an account’s properties E-mail addresses tab.

I want to get a list of users that do not have that option checked.
0
Comment
Question by:CecilAdmin
1 Comment
 
LVL 30

Accepted Solution

by:
LauraEHunterMVP earned 500 total points
ID: 18824843
Use adfind from joeware (command-line tool from www.joeware.net) to query on the msExchPoliciesExcluded attribute. Under normal circumstances, this attribute is <Not Set>, so you just need to query for any user object that has a value set for that attribute. (You'll also want to query on any user that has proxyAddresses set to exclude objects that aren't mail-enabled to begin with.)

For example, you can query your whole domain as follows:

adfind -default -f "(&(objectcategory=person)(objectclass=user)(proxyAddresses=*)(msExchPoliciesExcluded=*))"

If you want, you can pipe these results into admod (also from www.joeware.net) to clear the msExch... attribute if that is your end goal. I'm doing this off the top of my head, but the syntax will look something like this: (both adfind and admod have extensive help screens to assist you in producing the syntax you need.)

adfind -default -f "(&(objectcategory=person)(objectclass=user)(proxyAddresses=*)(msExchPoliciesExcluded=*))" -dsq | admod msExchPolicies:-

Hope this helps.

Laura E. Hunter - Microsoft MVP: Windows Server - Networking
0

Join & Write a Comment

Introduction You may have a need to setup a group of users to allow local administrative access on workstations.  In a domain environment this can easily be achieved with Restricted Groups and Group Policies. This article will demonstrate how to…
Resolve DNS query failed errors for Exchange
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now