Solved

Recipient Policy based on AD group membership

Posted on 2010-11-30
16
1,178 Views
Last Modified: 2012-05-10
Ok so I've got an AD Distribution group with 8 members.  Those members need an additional email alias, so I create a new Recipient Policy of which I Filter to that specific Dist group.  Add a new SMTP address and that's all I modify.  Once I hit Ok I see it in the list with a Priority of 5 and physically listed below the default domain one with a Priority of Lowest.  I am unable to move up or move this down as both options are greyed out.  Which I dont understand why.

So that was last week.. this policy has been created now for 5 days and those user accounts still do not have the new address alias.  My Recipient Update Service (domain and enterprise) are set to Always Run.

I bumped up the logging level to Maximum and my entire Application Log is full of MSExchangeAL entries and I have found entries specifically concerning this policy however I'm unsure of what to look for to determine why its not been added to those accounts.

Any help?
0
Comment
Question by:Ben Hart
16 Comments
 
LVL 19

Accepted Solution

by:
Delphineous Silverwing earned 250 total points
Comment Utility
Make sure each of these users have the "Automatically update e-mail addresses based on e-mail address policy" enabled (checked).

What version of Exchange are you using?
0
 
LVL 14

Author Comment

by:Ben Hart
Comment Utility
It's Exchange 2003 and yes all the user involved.. well all users in my domain really have that checked by default.
0
 
LVL 23

Expert Comment

by:Stacy Spear
Comment Utility
Is this an address list or security group? It needs to be a security group, not a distro list. Also, set it to global to include your domain.

If this doesn't fix it, post up some of the errors you are getting.
0
 
LVL 14

Author Comment

by:Ben Hart
Comment Utility
OK I deleted and created a new Policy based off a security group containing the users in question.  Im not sure I understand the global part there...

And I never did get any actual errors.. the new email address alias's just never appeared on the specified domain accounts.
0
 
LVL 14

Author Comment

by:Ben Hart
Comment Utility
Oh wait.. the security group to global?  Yes it is Global in scope.
0
 
LVL 23

Expert Comment

by:Stacy Spear
Comment Utility
Did you just create it? If so, right click on both RUS's and choose run/update now.
0
 
LVL 23

Expert Comment

by:Stacy Spear
Comment Utility
Seems odd that you cannot change the order. I need to fire up a E2K3 box to check that out.
0
Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

 
LVL 14

Author Comment

by:Ben Hart
Comment Utility
I had "just" re-created that one.. which now has been alive for around 2 hours.  The previous Policy lived for almost 5 days.. and the accounts were never updated with the extra address.  The new policy from 2 hours still has'nt updated anything either.

As a test I created a test user.. the default recipient policy added the two aliases as it should.. but the new one adds nothing.
0
 
LVL 14

Author Comment

by:Ben Hart
Comment Utility
Its been over 12 hours.. still not additional addresses on teh specified user accounts.
0
 
LVL 23

Assisted Solution

by:Stacy Spear
Stacy Spear earned 250 total points
Comment Utility
My highest and lowest policy won't move either. Only when I create multiple policies did I get that choice.

did you right click on the policy and choose apply now? If so, copy the filter rules, and put it in a new saved query in AD users and computers. In the query definition, change it to custom, then advanced, and paste it in. It should find that group. If it doesn't, your filter is the issue.
0
 
LVL 14

Author Comment

by:Ben Hart
Comment Utility
Sorry it took so long to get back.  I did exactly as you said.  Created a new saved query, advanced, pasted in what my rec policy is using and it did return my global security group containing the user I want this policy to apply to.  However it's still not applying.
0
 
LVL 14

Author Comment

by:Ben Hart
Comment Utility
Sorry for the neglect dematzer, if you will cancel the close request I will award points.
0
 
LVL 74

Expert Comment

by:Glen Knight
Comment Utility
You can cancel the request yourself by clicking the accept answer button (I think) otherwise object and then it should appear.
0
 
LVL 14

Author Comment

by:Ben Hart
Comment Utility
No dice.. "This question already has an auto close request. You must cancel the previous request before creating another."
0
 
LVL 14

Author Comment

by:Ben Hart
Comment Utility
Ahh Object appeared.  Thx.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now