Avatar of DrDamnit
DrDamnitFlag for United States of America

asked on 

Reply Field has OU and CN and Other AD as the address

Just did an upgrade of SBS 2008 to Exchange 2010 under Server 2012. The mailboxes were migrated using the various powershell scripts to import and export them to PST files.

After the upgrade was complete, some users are reporting bounce messages (people sending to the user from outside the organization are forwarding bounces, which then get forwarded to me) indicating the that active directory addresses not the regular email addresses are being send in the reply to field.

I found this article, which details a problem and solutionk:

THe question is: is there a simplier way to do it using powershell scripts?

Exchange is 2010 with all the current service packs and roll ups.

Avatar of undefined
Last Comment
Avatar of tigermatt
Flag of United Kingdom of Great Britain and Northern Ireland image

Blurred text
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Avatar of DrDamnit
Flag of United States of America image


I don't understand what line 2 is doing.

Here's the batch from csv that I am working with:

import-csv theUsers.csv | foreach {
    $name = $_.Name
    $user = $_.SamAccountName
    $first = $_.First
    $last = $_.Last
    $org = $_.Org 
    $path = $_.Path 
    $enabled = $_.Enabled 

    $user = Get-Mailbox $name
    Set-Mailbox $name -EmailAddresses $user.EmailAddresses

Open in new window

Avatar of tigermatt
Flag of United Kingdom of Great Britain and Northern Ireland image

$user.EmailAddresses is the array of email addresses retrieved from the user's Active Directory account settings.

+= is the Powershell operator to append. Just like saying $user.EmailAddresses = $user.EmailAddresses + "new address", as in PHP, Java, et al.

But I am sure you worked that bit out.

I suspect the part you don't understand is the actual value being added.

In Powershell terms, an email address has two parts:

1. The type. This is the "X500" in line 2. If you were to look at the contents of the EmailAddresses array for a user, you would see most of the addresses are of type smtp.

<a colon to separate the two>

2. The actual address.

While there is a CSV for all the users, it does not necessarily follow that the legacyExchangeDN attached to their mailbox on the old system followed a consistent format. If the old system is still available, the best approach would almost certainly be to run Get-Mailbox | fl name,legacyexchangedn at the Exchange Shell on the 2008 box. This will give you the definitive list of addresses which can just be bulk added as X500 addresses to the new system.

If the old system is no longer available, then it will be a process of trial and error. I left the "..." in the address in line 2 to indicate this needs to be filled in with system specific details. The addresses are probably something of the form

X500:/O=First Organization/OU=Exchange Administrative Group (FYDIBOHF23SPDLT)/CN=Recipients/CN=User's Primary Email address

but the latter part could very well not be the user's address, but just their alias, which could just be the part before the @domain.com in their address, but might not be. Similarly, I don't think it is the case here, but had the users on SBS 2008 been upgraded from 2003, their legacyExchangeDNs would not have been upgraded in the process. Pre-Exchange 2007 had the concept of administrative groups, so those users would not be part of the Exchange Administrative Group which is the one and only admin group in 2007 and higher (they got rid of the concept here). But users made after the upgrade would have received the admin group shown above... the Exchange internals are all very complicated when you involve backwards compatibility.

Trivia: FYDIBOHF23SPDLT in the name of the 2007 and higher admin group is the ciphertext output of a Caesar cipher with key 1, in case you hadn't realised.

As x500 addresses needs to be modified, it needs to be scripted or use ADMODIFY.  Line 2 sets  $user to the SAM Account name but then it sets it to the mailbox.  I don't believe you need line 2.
Avatar of DrDamnit
Flag of United States of America image


I am, perhaps, making this more complicated in my head that it is in real life.

The old system is available, so I can run the get-mailbox command on it and produce the list as desired.

I am just not seeing the connection between establishing these addresses and telling exchange "Don't use these as the reply address. Ever."

Exchange is the server side of a collaborative application product that is part of the Microsoft Server infrastructure. Exchange's major features include email, calendaring, contacts and tasks, support for mobile and web-based access to information, and support for data storage.

Top Experts
Get a personalized solution from industry experts
Ask the experts
Read over 600 more reviews


IBM logoIntel logoMicrosoft logoUbisoft logoSAP logo
Qualcomm logoCitrix Systems logoWorkday logoErnst & Young logo
High performer badgeUsers love us badge
LinkedIn logoFacebook logoX logoInstagram logoTikTok logoYouTube logo