Prev: Outlook picking up the wrong exchange server
Next: Exchange Server 2003 to Server 2007 Migration
From: Mike F on 18 Jun 2010 20:14
This provided the way to do this how I originally intended (by either OU or
AD group- this explains how to apply the policy by group membership)

http://www.tek-tips.com/faqs.cfm?fid=5776



"Mike F" <m(a)m.com> wrote in message
news:DCD129CA-F81D-4004-8E32-C31EABC31764(a)microsoft.com...
> The goal of having the correct recipient policy apply at the time the user
> is created is reduce steps and error when creating a user.
>
> There are 3 different sister companies that have users in different
> countries, not joined to the domian, that will be using Outlook Anywhere
> (RPC over HTTPS)to gain access to their mailboxes. Their email address
> domains for each of the companies are all different and this is what I'm
> trying to control when the user is setup. I can go back into the user
> account and modify the email addresses to make them what they need to be
> manually, but I fear either a recipient policy being reapplied or an admin
> making an error when editing the email addresses manually (or forgetting
> to do that).
>
> Given this extra info, do you have a recommended way to create the user,
> having the correct recipient policy apply to them based on something done
> when creating the user (if not what OU they're in or group membership
> since those don't apparently work)?
>
> Thanks!
>
>
>
> "Rich Matheisen [MVP]" <richnews(a)rmcons.com.NOSPAM.COM> wrote in message
> news:o2pl16l6fjmeddvhl03spjkehemvcpm2j7(a)4ax.com...
>> On Thu, 17 Jun 2010 19:58:16 -0500, "Mike F" <m(a)m.com> wrote:
>>
>>>Can you give a sample of an attribute
>>
>> Sure. How about "extensionattribute1"?
>>
>>>and how I may write an LDAP query to
>>>pick only the user of 1 OU?
>>
>> If you put, say, "XX1" into extensionAttribute1 then the query would
>> be: extensionattribute1=xx1
>>
>>>I would think that attribute is set after the
>>>user is created
>>
>> That's not necessarily true. You can create the user without creating
>> the mailbox. Then you can populate the property and afterwards create
>> the mailbox.
>>
>>>which would mean the recipient policy doens't apply when the
>>>user is created - is that correct?
>>
>> Depends. See above.
>>
>>>Would I have to reapply the policy once
>>>the user attribute is set?
>>
>> If you populate the attribute after you create the mailbox, yes. But
>> how would using the OU work if you moved the user to a different OU
>> after creating the mailbox?
>> ---
>> Rich Matheisen
>> MCSE+I, Exchange MVP
>

From: Rich Matheisen [MVP] on 18 Jun 2010 21:20
On Fri, 18 Jun 2010 07:41:54 -0500, "Mike F" <m(a)m.com> wrote:

>The goal of having the correct recipient policy apply at the time the user
>is created is reduce steps and error when creating a user.

Then automate the creation of mailboxes.

>There are 3 different sister companies that have users in different
>countries, not joined to the domian, that will be using Outlook Anywhere
>(RPC over HTTPS)to gain access to their mailboxes. Their email address
>domains for each of the companies are all different and this is what I'm
>trying to control when the user is setup. I can go back into the user
>account and modify the email addresses to make them what they need to be
>manually, but I fear either a recipient policy being reapplied

Why would you fear that?

>or an admin
>making an error when editing the email addresses manually (or forgetting to
>do that).
>
>Given this extra info, do you have a recommended way to create the user,
>having the correct recipient policy apply to them based on something done
>when creating the user (if not what OU they're in or group membership since
>those don't apparently work)?

Creating a user is an operation separate to assigning a mailbox. You
can create the user, populate the "company" attribute (for example)
and use the value of that attribute in each of the several recipient
policies.

The use of OUs is very often misused in the way that you're attemting
to use them. You may, in the future, find it necessary to move some of
the users to a different OU (to make use of group policies, to allow
different sets of administrators to operate on users within the OU,
etc.). Moving them to another OU wouldn't alter the e-mail address
they've been assigned, but it would mean that you'd have to construct
another recipient policy.

Instead, use a value that belongs to the user no matter where it
exists in your AD hierarchy.
---
Rich Matheisen
MCSE+I, Exchange MVP
First  |  Prev  | 
Pages: 1 2
Prev: Outlook picking up the wrong exchange server
Next: Exchange Server 2003 to Server 2007 Migration