I've read and followed the instructions at this URL:
I've got some questions and hoped someone here might be kind enough to assist me :)
I've typed a lot and apologise if these have been asked before. My head is over flowing with questions that I need to ask in order to fully understand.
1. It asks to create a Universal Security Group which I've done. However does it really need an email address? I'm assuming that the reason to have the group is to allow the recipient policy to know which accounts to append the correct email domain? I realise it's also handy to have this group so employees can email everyone but just want to fully understand the process behind it. Currently I've set to only allow email from authenticated users.
2. When creating a recipient policy the instructions give a Custom LDAP rule. I've copied this and altered it to suit our needs. I kind of understand the rule apart from all the '&' and '(' symbols. I was wondering though, could I not create the same rule but use the GUI? I've seen a few 'Member Of' statements. The reason I ask is as I'm unable to create my own LDAP rule I may want to alter it and I'd need to rely on the GUI wizard. Can the wizard create the same filter that the tutorial mentions?
3. In the recipient policy I've specified the email address as ' %email@example.com '. This is 'firstname.lastname@example.org
m'. Is this OK to use?
4. The tutorial mentions that a 'bogus' SMTP address will appear and needs to be present in the recipient policy. It's basically the network domain after the @ sign. It never appeared when I set the policy up. In fact, when I've added users in the past I've always removed the network domain email address from all users. The tutorial states OWA requires this but we've never had a problem? Am I missing something or has something changed within Exchange which no longer requires this?
5. Again, setting up the address book requires an LDAP rule. The tutorial has a custom rule but could this be created using the GUI wizard? If so, how? I've tried using the wizard but it always creates rules which look really long? These custom ones are so tidy.
6. I've create a UPN suffix and this works well. I noticed it only works for accounts you create directly under the OU you've edited. If you create an account under a Sub OU of the OU you edited then you don't get the option to change domain. Is this correct? What is the purpose of the UPN suffix? Is it simply used for this reason?
7. I want users to login using their full email address via OWA. I take it I must ensure to set their username to be 'first.lastname' and then select the correct domain name from the list? This again appears to work. I've noticed that the user can also type in 'Domain\username'. Is this method of two different logins standard?
8. If I remove a user from the Universal group will the email recipient policy update that users email address? (i.e. remove it?) OR would I need to reapply the policy manually?
Thank you very much for reading and I hope someone can help :)