Exchange 2010 - The right way to add John Doe Jr

Why did Microsoft automatically add a '2' to my primary SMTP address? What is this called and where is it documented? Even after I fixed the problem why did OWA have temporary permissions problems on the mailbox:

"The Active Directory resource couldn't be accessed. This may be because the Active Directory object doesn't exist or the object has become corrupted, or because you don't have the correct permissions."?

I created my own fix, but I'd like to throw this out for the experts.

John Doe has been working for Acme Consulting for several years.  He has a domain account on acme.local and a mailbox in Exchange 2010. John's son, John Doe Jr., does some contract work and eventually earns full employment. On John Doe Jr's first day as a full-time employee I get a request to provide him with an Exchange mailbox.

I right-click the existing John Doe and rename to "John Doe Sr." I also change the full name field.  I do not change first or last.

I right-click John Doe Sr and copy the account permissions to a new account. The new AD account is acme\jdoejr. The new first name is John, and the new last name is Doe, just like his dad, but the full name is different than dad, "John Doe Jr".

At this point I satisfied all of my needs, but I will trigger some artificial intelligence from Microsoft. When I add the mailbox, the Exchange 2010 wizard fails to tell me that my primary SMTP address is jdoejr2@acme.local instead of jdoejr@acme.local.  I start using the OWA account to send test messages.

The test messages reveal this very unattractive primary SMTP address. Okay, okay, okay, this needs to be fixed. I delete the mailbox from Exchange, which also kills the AD object.  Junior is now out of the system, but his mailbox is orphaned.

In my next attempt I  reduce the first name to "J".  Now I don't have to worry about Microsoft artificial intelligence adding an extra '2' to my primary SMTP address.

My new J Doe Jr looks good in AD. I switch to the Exchange Management Console and I attach the orphaned mailbox. The wizard claims success.

Unfortunately when I use jdoejr@acme.local to authenticate with OWA I get this message, "The Active Directory resource couldn't be accessed. This may be because the Active Directory object doesn't exist or the object has become corrupted, or because you don't have the correct permissions."  After 15 minutes there was no change.

I had more important things to do for a few hours. When I returned the AD permissions had somehow propagated correctly and everything was fine. AD is running on the Exchange server and one other DC.

In summary....
Can I turn off the automatic '2' on the SMTP address?
Why did OWA have to wait to get the proper permissions?

Thanks in advance!

I think the "2" is due to the existence of jdoejr@acme.local. You may check the older John Doe to see what email addresses are assigned to him (primary/secondary SMTP).

The reason OWA needs to wait is that Exchange depends on Active Directory. Normally, Exchange will refresh the cached permissions (Active Directory permissions) every 2 hours.
Premkumar Yogeswaran, Analyst II - System Administrator, commented:
As suriyaehnop said, this would happen if any other user has the same SMTP address among their primary or secondary addresses.

Use any of the below commands to find the user having the smtp address.

Get-Mailbox jdoejr@acme.local

Get-Mailbox -Filter {Emailaddresses -Like "jdoejr@acme.local"} | Select Name, Emailaddresses

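A broader pre-provisioning check along the lines of the commands above, as an added example that is not part of the original thread: it lists the templates the email address policies will apply and searches every recipient type, not only mailboxes, for the candidate address or alias. The address is the one from the question; the variable names are illustrative.

```powershell
# Run in the Exchange Management Shell (Exchange 2010).
# $Candidate is the address the new mailbox is expected to receive
# (value taken from the question; variable names are illustrative).
$Candidate = 'jdoejr@acme.local'
$Alias     = $Candidate.Split('@')[0]

# 1. Show which template each email address policy applies. The primary
#    SMTP address is generated from these, not entered in the mailbox wizard.
Get-EmailAddressPolicy |
    Sort-Object Priority |
    Format-Table Name, Priority, EnabledPrimarySMTPAddressTemplate -AutoSize

# 2. Look for any recipient (mailbox, mail user, contact or group) that
#    already holds the candidate as an alias or as a primary/secondary address.
#    Filtering is done client-side and each proxy address is compared as a
#    string, so it works whether the shell returns live or deserialized objects.
$holders = Get-Recipient -ResultSize Unlimited | Where-Object {
    $_.Alias -eq $Alias -or
    ($_.EmailAddresses | Where-Object { "$_" -eq "smtp:$Candidate" })
}

if ($holders) {
    # A hit here means the policy cannot hand out $Candidate as-is.
    $holders | Select-Object Name, RecipientType, Alias, PrimarySmtpAddress
} else {
    Write-Output "No recipient currently holds $Candidate or the alias '$Alias'."
}

# 3. After the mailbox exists, confirm what the policy actually stamped.
Get-Mailbox -Identity $Alias -ErrorAction SilentlyContinue |
    Format-List Alias, PrimarySmtpAddress, EmailAddressPolicyEnabled, EmailAddresses
```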

Simon Butler (Sembee), Consultant, commented:
The Exchange wizard doesn't tell you anything about email addresses. The email address is applied later via the email address policy.
Exchange caches permissions - therefore it can take two hours or more for a change to be fully seen by the internet.
You can't stop the 2 from being applied if the email address clashes. The mistake was setting the same surname - you should have put the Jr bit in there and Exchange would have done the rest.


kengreg, Author, commented:
Suriyaehnop and Premkumar,
I looked for the existence of jdoejr on the father's mailbox.  He was simply jdoe@acme.local.

I'm convinced that Exchange added the 2 based only on first & last, and not because there was a conflicting SMTP address.

My solution was to alter the first name. Simon's solution is to alter the last name. I think it's one or the other.

I'm still looking around.
Simon Butler (Sembee), Consultant, commented:
"I'm convinced that Exchange added the 2 based only on first & last, and not because there was a conflicting SMTP address."

That is what Exchange works on for building the email address. The display name is just that - a display name. Therefore if you put the same first and surname in, then Exchange would treat that as a conflict and add the 2 to the address. That behaviour cannot be changed, other than by ensuring you don't conflict.

kengreg, Author, commented:
Exchange considers the first name and last name fields when looking for conflicts.