Exchange 2010 - The right way to add John Doe Jr
Posted on 2014-08-07
Why did Microsoft automatically add a '2' to my primary SMTP address? What is this called and where is it documented? Even after I fixed the problem, why did OWA have temporary permissions problems on the mailbox:
"The Active Directory resource couldn't be accessed. This may be because the Active Directory object doesn't exist or the object has become corrupted, or because you don't have the correct permissions."?
I created my own fix, but I'd like to throw this out for the experts.
John Doe has been working for Acme Consulting for several years. He has a domain account on acme.local and a mailbox in Exchange 2010. John's son, John Doe Jr., does some contract work and eventually earns full employment. On John Doe Jr's first day as a full-time employee I get a request to provide him with an Exchange mailbox.
I right-click the existing John Doe and rename it to "John Doe Sr." I also change the full name field. I do not change first or last.
I right-click John Doe Sr and copy the account permissions to a new account. The new AD account is acme\jdoejr. The new first name is John, and the new last name is Doe, just like his dad, but the full name is different than dad, "John Doe Jr".
At this point I satisfied all of my needs, but I will trigger some artificial intelligence from Microsoft. When I add the mailbox, the Exchange 2010 wizard fails to tell me that my primary SMTP address is email@example.com instead of firstname.lastname@example.org. I start using the OWA account to send test messages.
The test messages reveal this very unattractive primary SMTP address. Okay, okay, okay, this needs to be fixed. I delete the mailbox from Exchange, which also kills the AD object. Junior is now out of the system, but his mailbox is orphaned.
In my next attempt I reduce the first name to "J". Now I don't have to worry about Microsoft artificial intelligence adding an extra '2' to my primary SMTP address.
My new J Doe Jr looks good in AD. I switch to the Exchange Management Console and I attach the orphaned mailbox. The wizard claims success.
Unfortunately, when I use email@example.com to authenticate with OWA I get this message: "The Active Directory resource couldn't be accessed. This may be because the Active Directory object doesn't exist or the object has become corrupted, or because you don't have the correct permissions." After 15 minutes there was no change.
I had more important things to do for a few hours. When I returned, the AD permissions had somehow propagated correctly and everything was fine. AD is running on the Exchange server and one other DC.
Can I turn off the automatic '2' on the SMTP address?
Why did OWA have to wait to get the proper permissions?
Thanks in advance!