Reply Field has OU and CN and Other AD as the address

Just did an upgrade of SBS 2008 to Exchange 2010 under Server 2012. The mailboxes were migrated using the various powershell scripts to import and export them to PST files.

After the upgrade was complete, some users are reporting bounce messages (people sending to the user from outside the organization are forwarding bounces, which then get forwarded to me) indicating the that active directory addresses not the regular email addresses are being send in the reply to field.

I found this article, which details a problem and solutionk:

THe question is: is there a simplier way to do it using powershell scripts?

Exchange is 2010 with all the current service packs and roll ups.
LVL 32
Who is Participating?
tigermattConnect With a Mentor Commented:
Yes, this is the old X.500 address issue alright. Outlook doesn't use SMTP addresses internally, which is why this happens when you created the new domain and Exchange organisation and users get stamped with different internal names.

The additional address you need to add to replicate the user's legacyExchangeDN on the previous domain is just another type of email address on the user's account. The PowerShell syntax is as follows:
$user = Get-Mailbox <Username or Alias>
Set-Mailbox <Username or Alias> -EmailAddresses $user.EmailAddresses

Open in new window

Batch for each user from a CSV or similar as appropriate.

DrDamnitAuthor Commented:
I don't understand what line 2 is doing.

Here's the batch from csv that I am working with:

import-csv theUsers.csv | foreach {
    $name = $_.Name
    $user = $_.SamAccountName
    $first = $_.First
    $last = $_.Last
    $org = $_.Org 
    $path = $_.Path 
    $enabled = $_.Enabled 

    $user = Get-Mailbox $name
    Set-Mailbox $name -EmailAddresses $user.EmailAddresses

Open in new window

$user.EmailAddresses is the array of email addresses retrieved from the user's Active Directory account settings.

+= is the Powershell operator to append. Just like saying $user.EmailAddresses = $user.EmailAddresses + "new address", as in PHP, Java, et al.

But I am sure you worked that bit out.

I suspect the part you don't understand is the actual value being added.

In Powershell terms, an email address has two parts:

1. The type. This is the "X500" in line 2. If you were to look at the contents of the EmailAddresses array for a user, you would see most of the addresses are of type smtp.

<a colon to separate the two>

2. The actual address.

While there is a CSV for all the users, it does not necessarily follow that the legacyExchangeDN attached to their mailbox on the old system followed a consistent format. If the old system is still available, the best approach would almost certainly be to run Get-Mailbox | fl name,legacyexchangedn at the Exchange Shell on the 2008 box. This will give you the definitive list of addresses which can just be bulk added as X500 addresses to the new system.

If the old system is no longer available, then it will be a process of trial and error. I left the "..." in the address in line 2 to indicate this needs to be filled in with system specific details. The addresses are probably something of the form

X500:/O=First Organization/OU=Exchange Administrative Group (FYDIBOHF23SPDLT)/CN=Recipients/CN=User's Primary Email address

but the latter part could very well not be the user's address, but just their alias, which could just be the part before the in their address, but might not be. Similarly, I don't think it is the case here, but had the users on SBS 2008 been upgraded from 2003, their legacyExchangeDNs would not have been upgraded in the process. Pre-Exchange 2007 had the concept of administrative groups, so those users would not be part of the Exchange Administrative Group which is the one and only admin group in 2007 and higher (they got rid of the concept here). But users made after the upgrade would have received the admin group shown above... the Exchange internals are all very complicated when you involve backwards compatibility.

Trivia: FYDIBOHF23SPDLT in the name of the 2007 and higher admin group is the ciphertext output of a Caesar cipher with key 1, in case you hadn't realised.

Mohammed KhawajaManager - Infrastructure:  Information TechnologyCommented:
As x500 addresses needs to be modified, it needs to be scripted or use ADMODIFY.  Line 2 sets  $user to the SAM Account name but then it sets it to the mailbox.  I don't believe you need line 2.
DrDamnitAuthor Commented:
I am, perhaps, making this more complicated in my head that it is in real life.

The old system is available, so I can run the get-mailbox command on it and produce the list as desired.

I am just not seeing the connection between establishing these addresses and telling exchange "Don't use these as the reply address. Ever."
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.