Tuesday, 10 August 2010

How To Manage Address List Distribution (Offline Address Books)

Address Lists can be made available to users offline by allowing them to download 'Offline Address Lists' or OABs. OAB are files containing address lists that can be downloaded to clients in two main ways:

  1. Outlook 2007 clients can download OABs by connecting to a web service on the Exchange Server (virtual directory)
  2. Outlook 2003 and earlier clients have to download OABs from a system public folder. 
To create an OAB that relys on web based distribution try the following cmdlet:

[PS] New-OfflineAddressBook -Name "Trainers Starting with A OAB" -AddressLists "Trainers Starting with A"

Once the OAB has been created you can define which OAB users should receive. You can do this in two ways:

  1. Attach an OAB to a mailbox database
  • [PS] Set-MailboxDatabase -Identity "DB1" -OfflineAddressBook "Trainers Starting with A"
     2.  Specify an OAB for particular users
  • [PS] Set-Mailbox "Andrew Stevens" -OfflineAddressBook "Trainers Starting with A"

How To Manage Address List Content

Creating Address Lists

The following cmdlet will show you how to create an address list based on certain Active Directory attributes:

[PS] New-AddressList -Name "The Training Department" -IncludedRecipients MailboxUsers -ConditionalDepartment Training 

The 'conditionaldepartment' attribute is based on a number of different AD attributes. Some of them are shown below:

1. Company
2. Department
3. State or province

Just include 'conditional' in front of these attributes as shown in the above cmdlet.

You can create an address list using custom filters rather that relying on the predefined AD attributes. This makes creating building address lists fun! For example, if you wanted to create an address list which defines usermailbox recipients that have a surname which starts with the letter 'A' try typing the following cmdlet:

[PS] New-AddressList -Name "Trainers Starting with A" -RecipientFilter {((RecipientType -eq 'UserMailbox') -and (Lastname -like 'A*'))}

You can update this address list by typing the following cmdlet:

[PS] Update-AddressList -Identity "Trainers Starting with A"

Who Can View the Address List Created

Now the address list has been created you can customize who can view the address list. By default all users can see the list but you can change this if you want. For example, considering the above address list you can only members of the Training Department to view 'Trainers Starting with A'. To do this use the following two cmdlets:

1. Remove the permission that allows all authenticated users to view the address list

[PS] Remove-ADPermission "Trainers Starting with A" -User "Authenticated Users" -ExtendedRights "Open Address List" -Confirm:$false

2. Define which security group can view the address list

[PS] Add-ADPermission "Trainers Starting with A" -User "Training Department" -ExtendedRights "Open Address List" -Confirm:$false

The above "Training Department" is a security group. If you want to view the membership of an address list try typing the following cmdlet:

[PS] Get-AddressList "Trainers Starting with A"

Thursday, 5 August 2010

Email Address Policies

Email Address Policies

Consider this scenario: You have decided on using a UPN suffix of while using an AD domain name of companyname.local. This will enable your users to have a single log in name that matches their email address. As the domain name is companyname.local the default email address (smtp address) will be based on the same name. User Andrew would have therefore an email address of andrew@companyname.local

This of course is not suitable for Internet messaging and also does not match the upn suffix. To make this right we need to configure a second email address policy. In this policy, we would define an email address of and apply it to user mailboxes. That's recipients with mailboxes in your Exchange organization. Here's how to do it:

1. Configure an accepted domain based on the address (see earlier posts)
2. Use the following cmdlet to create an email address policy called

[PS] New-EmailAddressPolicy "" -IncludedRecipients MailboxUsers -EnabledPrimarySMTPAddress ""

The variables used above will create a policy that uses firstname (g) and last name (s). Other variables are shown below

To apply a policy once created use the following cmdlet
[PS] Update-EmailAddressPolicy ""