Email Address Polices in Exchange 2010

Hi,

I have been dumped with exchange 2010 environment that was managed by someone who left the business. They migrated from exchange 2003 to exchange 2010sp1.

2 exchange 2010 servers in a DAG.

I am faced with some legacy mailbox policies that were created on exchange 2003 and I am unable to open them in exchange 2010. (there are no exchange 2003 servers in the environment anymore).

I was reading this article, but there are some things that worry me a bit, especially about LDAP filtering.

https://www.simple-talk.com/sysadmin/exchange/upgrade-exchange-2003-to-exchange-2010---part-ii/

I run this command on one of the policy Get-EmailAddressPolicy -Identity policyname | fl  and I can see there are LDAP filter (see attached).

How do I go about updating these policies so I can open/edit them in exchange 2010 console without breaking them?

I also want to know the PowerShell command to use to check which users have which policy applied?

is there another command to run to check what's configured in email policies other than what I have already used?

its been awhile since I last touched exchange so am a bit nervous making any changes....

Thanks in advance!
LDAP.PNG
badabing1Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Will SzymkowskiSenior Solution ArchitectCommented:
The person before you obviously did not complete the migration correctly. If you are still getting references from 2003 for Address Lists and Email Address Policies, what you can try is converting the LDAP Filters to OPATH (Exchange 2007/2010) See link below.
https://technet.microsoft.com/en-ca/library/cc164375(v=exchg.141).aspx

If you cannot force this then you might have to forcefully remove the Email Address Policies and re-create new ones from the Exchagne 2010 server.

Will.
badabing1Author Commented:
Thanks, can you advise on some power shell command to check policies as per my initial post please?
Will SzymkowskiSenior Solution ArchitectCommented:
In the initial link i had posted provides the powershell commands to upgrade from LDAP to OPATH.
https://technet.microsoft.com/en-ca/library/dd335105(v=exchg.141).aspx

Will.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Protecting & Securing Your Critical Data

Considering 93 percent of companies file for bankruptcy within 12 months of a disaster that blocked access to their data for 10 days or more, planning for the worst is just smart business. Learn how Acronis Backup integrates security at every stage

badabing1Author Commented:
Thanks Will, but can you please suggest a command for one policy upgrade at a time.

I want to try this on one policy at a time.

Email address policy command ?
Address policy command ?

Thanks
Will SzymkowskiSenior Solution ArchitectCommented:
Just so you know you cannot use the EMC to upgrade address lists or email address policies. Below is a powershell command for updating All Users Address list.

Set-AddressList "All Users" -IncludedRecipients MailboxUsers

Open in new window


Will.
badabing1Author Commented:
so am not able to run the command on one policy to see if that has worked but instead I have to run the above command to upgrade all ?

its a bit risky isn't it? we have several email address policies and address lists and I was hoping for a command that I can run to upgrade them one at a time?

if I go on the route of creating a new email policy in exchange 2010 is there a way I can check the existing policy configuration so I can copy that to the new bearing in mind that I cant open it because its a legacy? any command for that do you know of?

Thanks
Will SzymkowskiSenior Solution ArchitectCommented:
All Users is an individual address list so it only affects this address list. Don't get confused with all users.

Will.
badabing1Author Commented:
oh Ok, so I only need to use the policy name e.g "mobile company users" using the above command and that will only effect that policy ? if this is true then one step closer and what about the mailbox policy command?

what you mind explaining this command please?

Set-AddressList "Mobile company Users" -IncludedRecipients MailboxUsers

sorry for detailed questions just don't want to get it wrong.

much appreciated!
badabing1Author Commented:
can someone please help convert this into OPATH? I've followed the article below and used that script but for some reason its gives error when I click on preview (see attached)

https://gallery.technet.microsoft.com/scriptcenter/7c04b866-f83d-4b34-98ec-f944811dd48d

(&(mailNickname=*)(objectCategory=person)(objectClass=user)(objectClass=user)(objectCategory=person)(mailNickname=*)(msExchHomeServerName=*)(objectCategory=user)(company=Liftech*))

Thanks
error.PNG
Will SzymkowskiSenior Solution ArchitectCommented:
Sometimes if you have complex address list you should just manually create them in Exchange 2010 and then delete the one from Exchange 2003. All of the default Address Lists should convert without any issues.

Will.
badabing1Author Commented:
Thanks ill try the default address lists and report back.
badabing1Author Commented:
hi Will,

am struggling to convert the default email address policy- I know it can be set using powershell command below, but before I go ahead with this is there a command I can use to check the default email policy to check what email address SMTP it currently has?

Set-EmailAddressPolicy -Identity "Default Policy" -EnabledEmailAddressTemplates SMTP:@fourthcoffee.com,smtp:@contoso.com
Will SzymkowskiSenior Solution ArchitectCommented:
Run the following...
Get-EmailAddressPolicy | select Identity, ExchangeVersion

Open in new window


If you still have Exchange 2003 in your environment all of your mailboxes will get the policy from the 2003 EAP. This is true until you migrate it to the newer version of Exchange.

Will.
badabing1Author Commented:
there is no exchange 2003 server in our environment, all mailboxes are migrated to exchange 2010 as far as I know?
badabing1Author Commented:
also I've noticed there are four global address lists is this normal, should I delete others and leave the default global address list? how many default global address list should be in an exchange 2010 environment?  (I assume one)

I think the others have been migrated from exchange 2003.
Will SzymkowskiSenior Solution ArchitectCommented:
In order for you to run the email address policies migration script you will need to use the -Force option as you have stated the 2003 servers no longer exist.

There should only be 1 default Global Address List.

Will.
badabing1Author Commented:
Thanks Will, I will try this tomorrow and report back.
badabing1Author Commented:
Hi Will,
the -force did not help

i get this error:
Set-EmailAddressPolicy : The recipient policy "Default Policy" with mailbox man
ager settings cannot be managed by the current version of Exchange Management C
onsole. Please use a management console with the same version as the object.


I read this but how do I go about doing the below, do I have to install exchange 2003 console?  -

 this error message indicates that it's not just a recipient policy but that you also have mailbox manager policy settings on this object. Since Mailbox Manager policies no longer exist in Exchange 2007, you need to remove the mailbox manager policy settings from this recipient policy object using Exchange 2003 before you can upgrade the policy to Exchange 2007 version (you can create another mailbox manager policy that has no email address policy settings in Exchange 2003 if you want to keep the mailbox manager settings).

Thanks
badabing1Author Commented:
any more suggestions for this issue?
badabing1Author Commented:
followed this article which helped me to finish line.

http://www.petenetlive.com/KB/Article/0000547.htm
Will SzymkowskiSenior Solution ArchitectCommented:
Not a problem. Glad i could be some help!

Will.
badabing1Author Commented:
Thanks for all your help Will.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.