Solved

Programmatically Provision AD User Accounts and Exchange 2007 mailboxes

Posted on 2013-11-21
3
423 Views
Last Modified: 2014-02-21
Hello,

We have an Active Directory 2003 domain running a mixed environment and an Exchange 2007 environment running native 2007.  Our Exchange environment consists of a DB and a CAS server.  We have a HRIS system that we are trying to get to create new users and mailboxes in our AD/Exchange environment automatically.  The system is creating AD accounts correctly but not the associated exchange mailbox.  It ends up creating a mail-enabled user account, not a mailbox user account, so no email mailbox is being generated for the user.  We are currently populating and pushing the following attributes:

cn
department
displayName
extensionAttribute1
extensionAttribute2
givenName
homeMDB
homeMTA
mail
mailNickname
name
-PunicodePwd
sAMAccountName
sn
targetAddress&proxyAddresses
telephoneNumber
title
userAccountControl
userPrincipalName

We are at the point where is it creating a mail-enabled user account but again is not creating an actual mailbox on the server.  Any help pointing us in the right direction would be greatly appreciated.

Thank you,
Paul C.
0
Comment
Question by:adlertech
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 78

Expert Comment

by:arnold
ID: 39667705
There are many vbscript, powershell scripting examples to fulfill your needs.
0
 
LVL 40

Expert Comment

by:Subsun
ID: 39669952
Ideally you just want to disable the mail user using Disable-MailUser and create mailbox for the user using Enable-Mailbox.

The problem you may face will be with the email address.  When you enable mailbox the alias of the account will be same as sAMAccountName. And email address stamped will be based on your email address policy (You can find it under Exchange Management console > Organization Configuration > HUB transport email address policies.).  If you didn't change anything specific on email address policy then email address will be stamped as "<alias>@domain.com".
So If you are sure that your account’s email address are in same format (<alias>@domain.com)then you can use the following code to enable mailbox for users.

To disable users.. create a text file contains the UPN’s of the users which you want to disable.. And use the following code..
GC C:\Users.txt | % {
Disable-MailUser $_ -Confirm:$false
}

Open in new window

C:\Users.txt format
UserA@domain.com
UserB@domain.com
UserC@domain.com
UserD@domain.com

Open in new window

You can use the same input file to enable the mailbox. Use the following code to enable mailbox..
GC C:\User.txt | % {
Enable-Mailbox $_ -Database "Server\Storage Group\DB001"
}

Open in new window

If you have a different email for mat other than (<alias>@domain.com). Then you need to update the correct email address along with the mailbox creation.

Run all the codes from Exchange Management Shell. And also don;t forget to test the code in your test server before you run it against production servers.
0
 
LVL 4

Accepted Solution

by:
aa-denver earned 500 total points
ID: 39669973
This is normal with Exchange 2007.  When a user account is mail enabled all the settings are made in Active Directory but the mailbox is not actually created on the server until the user logs onto the mailbox either with OWA or Outlook or until the user is sent an email.  So program your script to send an email to the new user right after mailbox creation.

A related issue that puzzles people but makes sense after you understand the above is that if you mail enable an account and then mail disable delete that account without connecting to the mailbox or sending mail to the new mailbox, there will be no disconnected mailbox visible on the Exchange server.

This article recaps the situation as well.  http://www.sysadmin-network.com/profiles/blogs/exchange-2007-powershell-1
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Utilizing an array to gracefully append to a list of EmailAddresses
Granting full access permission allows users to access mailboxes present in their database. By giving full access permission one can open and read the content of any mailbox but cannot send emails from that mailbox.
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question