Setting legacyExchangeDN with Powershell

zozig
zozig used Ask the Experts™
on
Hi Everyone,

Can anyone tell me if it is possible to set the legacyExchangeDN attribute within powershell for Exchange 2007?  I've tried using set-User from the EMS (Exchange Management Shell) but that particular attribute does not appear to be available.  Is there another way to set that attribute? code samples would be greatly appreciated.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®

Commented:
You can do this with the Quest AD cmdlets

set-qaduser USERNAME -objectattributes @{legacyExchangeDN="DN_OF_EXCHANGE"}

Author

Commented:
I'm assuming that requires the installation of some Quest software.  I would prefer a more generic solution, but I guess if Quest went to all the trouble it probably doesn't exist.

Commented:
If you have windows 2008R2 DCs you can use the MS cmdlets. But the quest ones work great if you do not have 2008R2 DCs.

http://www.quest.com/powershell/activeroles-server.aspx
Learn SQL Server Core 2016

This course will introduce you to SQL Server Core 2016, as well as teach you about SSMS, data tools, installation, server configuration, using Management Studio, and writing and executing queries.

Adam BrownSenior Systems Admin
Top Expert 2010

Commented:
If you have Windows 2008 you can use the set-aduser command to do it. I'm looking at a way to do it in the Exchange Management Shell right now. Gimme a sec.

Commented:
acbrown2010 the AD cmdlets are only avalible in 2008R2. I would be interested to see if it can be done using the exchange cmdlets.
Adam BrownSenior Systems Admin
Top Expert 2010

Commented:
Well, it *could* be done with the set-mailbox cmdlet, but LegacyExchangeDN is a read-only attribute as far as EMS is concerned. It also appears to be read only in the MS AD cmdlets, which is odd. DSMOD can't do it either, since that's not a supported mod property. You're stuck with ADSI Edit or the Quest cmdlets, apparently.

Author

Commented:
The strange thing is I'm able to provision an Active Directory account that has the legacyExchangDN set and when I invoke Enable-Mailbox it over writes that value.  Do you know if its possible to suppress the changing of the value when Enable-Mailbox is invoked?  I'm wondering if it is a policy setting of some type.
PowerShell Developer
Top Expert 2010
Commented:

Why do you want to set the legacyExchangeDN? It's normally managed by the system.

There are generic methods available, like this (which will work in any version of PowerShell):

$User = [ADSI]"LDAP://CN=User,OU=somewhere,DC=domain,DC=com"
$User.Put("legacyExchangeDN", "TheValue")
$User.SetInfo()

But... I would still be reluctant to set that manually.

Chris

Author

Commented:
Hi Chris,

Thanks for the code for setting the legacyExchangeDN, it works like a charm.  I know its a bit of a strange requirement, my understanding is that this legacyExchangeDN is set to a unique value across the enterprise so that when users leave the company and come back or when they leave and someone else shows up with the same name that they can avoid having issues with mailbox conflicts.  In any case, the requirement was defined to set this value during mailbox provisioning so I needed to have a solution that would allow me to do that.  Thanks for everyone's help.

Author

Commented:
Solution was provided that met the specified requirement.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial