[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Recipient Policy based on AD group membership

Posted on 2010-11-30
16
Medium Priority
?
1,191 Views
Last Modified: 2012-05-10
Ok so I've got an AD Distribution group with 8 members.  Those members need an additional email alias, so I create a new Recipient Policy of which I Filter to that specific Dist group.  Add a new SMTP address and that's all I modify.  Once I hit Ok I see it in the list with a Priority of 5 and physically listed below the default domain one with a Priority of Lowest.  I am unable to move up or move this down as both options are greyed out.  Which I dont understand why.

So that was last week.. this policy has been created now for 5 days and those user accounts still do not have the new address alias.  My Recipient Update Service (domain and enterprise) are set to Always Run.

I bumped up the logging level to Maximum and my entire Application Log is full of MSExchangeAL entries and I have found entries specifically concerning this policy however I'm unsure of what to look for to determine why its not been added to those accounts.

Any help?
0
Comment
Question by:Ben Hart
15 Comments
 
LVL 19

Accepted Solution

by:
Delphineous Silverwing earned 1000 total points
ID: 34248010
Make sure each of these users have the "Automatically update e-mail addresses based on e-mail address policy" enabled (checked).

What version of Exchange are you using?
0
 
LVL 14

Author Comment

by:Ben Hart
ID: 34248628
It's Exchange 2003 and yes all the user involved.. well all users in my domain really have that checked by default.
0
 
LVL 23

Expert Comment

by:Stacy Spear
ID: 34248694
Is this an address list or security group? It needs to be a security group, not a distro list. Also, set it to global to include your domain.

If this doesn't fix it, post up some of the errors you are getting.
0
Free recovery tool for Microsoft Active Directory

Veeam Explorer for Microsoft Active Directory provides fast and reliable object-level recovery for Active Directory from a single-pass, agentless backup or storage snapshot — without the need to restore an entire virtual machine or use third-party tools.

 
LVL 14

Author Comment

by:Ben Hart
ID: 34248876
OK I deleted and created a new Policy based off a security group containing the users in question.  Im not sure I understand the global part there...

And I never did get any actual errors.. the new email address alias's just never appeared on the specified domain accounts.
0
 
LVL 14

Author Comment

by:Ben Hart
ID: 34248884
Oh wait.. the security group to global?  Yes it is Global in scope.
0
 
LVL 23

Expert Comment

by:Stacy Spear
ID: 34248915
Did you just create it? If so, right click on both RUS's and choose run/update now.
0
 
LVL 23

Expert Comment

by:Stacy Spear
ID: 34248931
Seems odd that you cannot change the order. I need to fire up a E2K3 box to check that out.
0
 
LVL 14

Author Comment

by:Ben Hart
ID: 34251910
I had "just" re-created that one.. which now has been alive for around 2 hours.  The previous Policy lived for almost 5 days.. and the accounts were never updated with the extra address.  The new policy from 2 hours still has'nt updated anything either.

As a test I created a test user.. the default recipient policy added the two aliases as it should.. but the new one adds nothing.
0
 
LVL 14

Author Comment

by:Ben Hart
ID: 34259760
Its been over 12 hours.. still not additional addresses on teh specified user accounts.
0
 
LVL 23

Assisted Solution

by:Stacy Spear
Stacy Spear earned 1000 total points
ID: 34260184
My highest and lowest policy won't move either. Only when I create multiple policies did I get that choice.

did you right click on the policy and choose apply now? If so, copy the filter rules, and put it in a new saved query in AD users and computers. In the query definition, change it to custom, then advanced, and paste it in. It should find that group. If it doesn't, your filter is the issue.
0
 
LVL 14

Author Comment

by:Ben Hart
ID: 34397154
Sorry it took so long to get back.  I did exactly as you said.  Created a new saved query, advanced, pasted in what my rec policy is using and it did return my global security group containing the user I want this policy to apply to.  However it's still not applying.
0
 
LVL 14

Author Comment

by:Ben Hart
ID: 35018619
Sorry for the neglect dematzer, if you will cancel the close request I will award points.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35018658
You can cancel the request yourself by clicking the accept answer button (I think) otherwise object and then it should appear.
0
 
LVL 14

Author Comment

by:Ben Hart
ID: 35022187
No dice.. "This question already has an auto close request. You must cancel the previous request before creating another."
0
 
LVL 14

Author Comment

by:Ben Hart
ID: 35022193
Ahh Object appeared.  Thx.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Today as you open your Outlook, you witness an error message: “Outlook is using an old copy of your Outlook Data File…”. Probably, Outlook is accessing an old OST file.
Exchange administrators are always vigilant about Exchange crashes and disasters that are possible any time. It is quite essential to identify the symptoms of a possible Exchange issue and be prepared with a proper recovery plan. There are multiple…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
Suggested Courses

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question