Managing Active Directory does not always have to be complicated. If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why
Exchange 2010 old user returned
Hello,
We are running Small Business Server 2011 with Exchange 2010. it has been patched and updated recently to the latest updates.
We had a user, AJ, that left the company 3 years ago. His account was deleted a few months, maybe 6, after he left. The mailbox was deleted and the AD User. when he returned we created the account as new and added a mailbox. we are having some issues with people not being able to email him. we get hard bounces with what looks like and LDAP lookup string being the unknown address.
I have done some research and it points to the X500 address being wrong. everything I have used to find the proper legacy email DN has failed. i used a powershell command from the exchange management console, but that did not seem to work. all the examples I have read about don't quite line up with what I'm seeing. I was told to get the legacy info from ADSI, but I don't have the attribute tab.
Any suggestions that might help?
Thanks,
Matt.
We are running Small Business Server 2011 with Exchange 2010. it has been patched and updated recently to the latest updates.
We had a user, AJ, that left the company 3 years ago. His account was deleted a few months, maybe 6, after he left. The mailbox was deleted and the AD User. when he returned we created the account as new and added a mailbox. we are having some issues with people not being able to email him. we get hard bounces with what looks like and LDAP lookup string being the unknown address.
I have done some research and it points to the X500 address being wrong. everything I have used to find the proper legacy email DN has failed. i used a powershell command from the exchange management console, but that did not seem to work. all the examples I have read about don't quite line up with what I'm seeing. I was told to get the legacy info from ADSI, but I don't have the attribute tab.
Any suggestions that might help?
Thanks,
Matt.
Who is Participating?
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with Premium.
Start your 7-day free trial.
I wear a lot of hats...
"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.
Experts Exchange Solution brought to you by
Your issues matter to us.
Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.
Start your 7-day free trial
This is a complete explanation but do skip to the point where the legacydn is buolt using the NDR and added as x500 to the proxy addresses
So the NDR string that comes back can be converted and entered as another address. Will that resolve the issue immediately or do I need to update the GAL?
Also does it make sense that it failed using OWA from inside the network, but worked sending from Outlook on my Android phone?
Also, can I see what the current legacy address is for the user, I have read posts about looking at the attributes in the user panel. But I don't have that tab.
Also does it make sense that it failed using OWA from inside the network, but worked sending from Outlook on my Android phone?
Also, can I see what the current legacy address is for the user, I have read posts about looking at the attributes in the user panel. But I don't have that tab.
this is not a GAL issue but outlook issue. if you delete the problem user's email address from your outlook autocomplete and get then get the address from the GAL you will be able to successfully send the email.
yes get the address from the NDR and convert it according to the link I sent you and then add to the email addresses on the problem mailbox and it should resolve your issue. It's not instant, you will still have to wait for the OAB to update.
yes get the address from the NDR and convert it according to the link I sent you and then add to the email addresses on the problem mailbox and it should resolve your issue. It's not instant, you will still have to wait for the OAB to update.
@tmgreen Nope: the old legactexchangedn is stamped in emails too so you can get the very same error also replying to old emails or calendar invites.
agreed in regards to applying to old emails, but I don't think that was the question the author asked. but I do agree.
@matthew Also owa has cached addresses but activesync devices should not. So yes that should solve without updating the GAL when replying to old items
@tim yes it applies because when reconnecting a disconnected mailbox the new user gets a new legacydn stamped
So what about OWA, I thought it read from the OAB directly. Some tests failed for OWA.
I'm trying to get a better handle on how all the various components work to get the proper address.
So basically, Outlook is caching the old X500 address and trying to send to that. The NDR has what it is trying to sens to, which is the old X500 address.
What about external sensors using outlook and auto fill? Would they be using the old X500 as well or is it only inside the company, outlook clients with auto fill from before the address was deleted?
I'm trying to get a better handle on how all the various components work to get the proper address.
So basically, Outlook is caching the old X500 address and trying to send to that. The NDR has what it is trying to sens to, which is the old X500 address.
What about external sensors using outlook and auto fill? Would they be using the old X500 as well or is it only inside the company, outlook clients with auto fill from before the address was deleted?
they created a new mailbox according to the authors question. they didn't reconnect the original mailbox.
Correct.
User and mailbox AJ was deteled.
Employee came back, user and mailbox Aj was created as new.
User and mailbox AJ was deteled.
Employee came back, user and mailbox Aj was created as new.
owa can cache old addresses also based on usage, so if you use outlook alot owa will attempt to keep the uniformity and cache those addresses and can be cleared in owa also. x500 addresses are internal and and not external.
I’ve seen it Only internal but sometimes external addresses get IMCEAX type address as sender (i believe they come off old exchange installs only).
I currently do have a similar issue that i’m finding hard to grasp fully so I would suggest you to proceed for incremental changes: first check that your issue is solved by adding these address as proxyaddresses, then come back eventually (note that this works with my own issue but as solution it does not scale easily to hundred of thousand users because i find it hard looking at the tacking logs to match a IMCEAEX address in the NDR with the related smtp address the eamil was sent to - that may well be a question of its own, though.)
I currently do have a similar issue that i’m finding hard to grasp fully so I would suggest you to proceed for incremental changes: first check that your issue is solved by adding these address as proxyaddresses, then come back eventually (note that this works with my own issue but as solution it does not scale easily to hundred of thousand users because i find it hard looking at the tacking logs to match a IMCEAEX address in the NDR with the related smtp address the eamil was sent to - that may well be a question of its own, though.)
if you want to disable owa caching see following:
http://office365support.ca/disable-outlook-web-app-owa-offline-cache-mode-office-365-exchange-online/
http://office365support.ca/disable-outlook-web-app-owa-offline-cache-mode-office-365-exchange-online/
@tim the fact that the mailbox was newly provisioned does not make any difference since it will have the same smtp address which is sued to retrieve cached items and old emails, which in turn contain the old legacyexchangedn
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange
From novice to tech pro — start learning today.
-
Microsoft ApplicationsCertification: MOS Microsoft Office Specialist - PowerPoint 2016… 224 lessons
-
Microsoft ApplicationsCertification: MOS Microsoft Office Specialist - Word 2007 Inter… 197 lessons
-
Microsoft ApplicationsCertification: MOS Microsoft Office Specialist - Outlook 2013 Par… 139 lessons
-
Microsoft ApplicationsCertification: MOS Microsoft Office Specialist - Word 2016 Part … 174 lessons
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with Premium.
Start your 7-day free trial.
https://support.microsoft.com/en-us/help/2807779/imceaex-non-delivery-report-when-you-send-email-messages-to-an-interna