Solved

Active Directory extension attributes

Posted on 2014-02-06
8
548 Views
Last Modified: 2014-02-28
Hi,

I have come across an Active Directory account with a mailbox that has an extension attribute with an external email address defined in it.

What would be the purpose of this?
0
Comment
Question by:cmatchett
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
8 Comments
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 39839112
This is most likely a Mail User. A Mail User is a user that has access to login to your domain and also has a mailbox as well. The difference is this user uses an External email address instead of your company.com mailing address.

You can use powershell to view all of the Mail Users in your environment.
get-mailuser | ft 

Open in new window


Will.
0
 

Author Comment

by:cmatchett
ID: 39839124
Hi Will,

Yes, this person called joe bloggs has an email account with an email address in this organisation of joe.bloggs@exchangeorg.com but the extension attribute is for joe.soap@anothercompany.com
0
 

Author Comment

by:cmatchett
ID: 39839135
i should note that i came across this when using ADSI edit
0
Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 39839169
Sorry i read this too fast! If it is an Extension Attribute this really doesn't mean anything unless you have filters tied to them, like and Address List. You can use Extension Attributes for example "HR" which you can then use that in an Address List query to build your address lists. So all users that have Extension Attribute1 set as "HR" will be part of this Address List.

That is basically all it is used for.

Will.
0
 

Author Comment

by:cmatchett
ID: 39839244
well the other thing is that one account is an administrative account and the extension attribute seems to be for the personal email address of another one of the administrators.  On this account only
0
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 500 total points
ID: 39839341
The Extension Attribute is only there as a place holder. You can enter anything in there that you like its "arbitrary". As stated those extensions are used if you want to add have specific words to group users together when creating address list or when doing some sort of query.

Your guess is as good as mine why that administrator put that value in there if it is his own Email Address.

Will.
0
 

Author Comment

by:cmatchett
ID: 39841243
I could query AD to see how many other users have this attribute defined?
0
 

Expert Comment

by:ajay_902
ID: 39896741
As per knowledge is concern basicaly custom/extension attribute used for the add the record of user.

Here extention attributes keep user external email id and as i know u can create a custom attribute as per the company requirment. like phone no, home address other field.


http://social.technet.microsoft.com/wiki/contents/articles/20319.how-to-create-a-custom-attribute-in-active-directory.aspx
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This article explains the steps required to use the default Photos screensaver to display branding/corporate images
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question