[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Exchange - Mail Enabled Group with Non-Mail Enabled User Accounts Appear in GAL

Posted on 2012-04-11
5
Medium Priority
?
941 Views
Last Modified: 2012-04-16
Hello Experts,
I'm sure the answer to this question is all around ~ I just cant find the right way to search for it correctly. Here's what I got:

Background:
We use a mail-enabled security group in active directory to e-mail the group AND for access to a file share. This group has a few user accounts which are not mail enabled, but they still need access to the file shares.

Problem:
In Outlook, when an email is sent to the group, NDR's are sent back because some of the accounts are without mailboxes.

Why? These non-mail-enabled accounts don't appear in the GAL by themselves, so I'm curious why they still appear in the GAL under the group? I peeked around ADSI, but couldnt see a specific setting for this. ShowInAddressBook is clear.

Thanks for your help!
0
Comment
Question by:ottobock
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 44

Expert Comment

by:Amit
ID: 37834824
Can you post the screeshot, what you are seeing GAL
Also read this
http://blog.imanami.com/blog/bid/62565/Distribution-group-or-mail-enabled-security-group
0
 
LVL 7

Author Comment

by:ottobock
ID: 37834877
I dont really want to post a screenshot and it will include user information, but here's another attempt:

Security Group (mail-enabled): Office_Group
Generic User Account without a mailbox added.

When I open Outlook > GAL > I can't find user with no Mailbox. (as should be)

But in the GAL, I find Office_Group, and if I send an email to that group, I get a bounceback for the user without a mailbox.

Make sense? Again, the group is for e-mail AND for access to local file shares. That is why there are a couple users with no mailbox, but still need access to the share.

But one would figure the users without mailboxes (without exchange attributes) would not appear in the GAL in anyway...
0
 
LVL 44

Expert Comment

by:Amit
ID: 37837359
A) If user doesn't have mailbox and is part of security group, email bounce back is normal.
B) User with mailbox only will show up in the GAL.
0
 
LVL 7

Author Comment

by:ottobock
ID: 37837413
OK - but why its it normal? It shouldn't be normal.
Is there a way to prevent the users without mailboxes to appear when I send an email to the group?

Of course, I could make a new distribution group just for the email, and separate the security group from the dirstribution group, but it just sounds dumb that Outlook/Exchange should even be attempting to send email to users without email within the same organization...
0
 
LVL 44

Accepted Solution

by:
Amit earned 2000 total points
ID: 37837447
Outlook is sending email to a DL in this case, then Exchange expands the DL and sends the email, Exchange will not check if user have a mailbox or not, that is why security groups are not recommended for emails, better to use Distribution groups.
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Want to know how to use Exchange Server Eseutil command? Go through this article as it gives you the know-how.
With so many activities to perform, Exchange administrators are always busy in organizations. If everything, including Exchange Servers, Outlook clients, and Office 365 accounts work without any issues, they can sit and relax. But unfortunately, it…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
how to add IIS SMTP to handle application/Scanner relays into office 365.
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question