Microsoft KB Archive/317298

= XADM: How to Create E-Mail Addresses Based on Recipient Policies =

PSS ID Number: 317298

Article Last Modified on 4/1/2004

-

The information in this article applies to:


 * Microsoft Exchange 2000 Server

-



This article was previously published under Q317298



SUMMARY
If you are hosting multiple e-mail domains in your Microsoft Exchange Server organization, you may want to create e-mail addresses that are based on group memberships. To do this, create a separate recipient policy for each group.



MORE INFORMATION
To create the filter criterion for the policy, you have to know the fully qualified domain name (FQDN) of the group. If you are not sure what the correct name is, the easiest way to find it is to use ADSI Edit. This tool is included on the Microsoft Windows 2000 CD-ROM in the Support folder. To find the FQDN, follow these steps:
 * 1) Click Start, point to Programs, point to Windows 2000 Support Tools, point to Tools, and then click ADSIEdit.
 * 2) In ADSI Edit, locate the Users container under the Domain NC, and then expand the Users container.
 * 3) Right-click the group object, and then click Properties.
 * 4) On the Attributes tab, you find the path name. Write down everything that is displayed after the letters &quot;LDAP://server.org.domain/&quot;. This string is the group's FQDN. The FQDN's syntax is &quot;CN=Groupname,CN=Users,DC=Org,DC=Domain&quot;.

To create a recipient policy that applies to all members of the specific group, follow these steps:
 * 1) Start the Exchange System Manager
 * 2) Expand the Recipients folder, and then click Recipient Policies in the left pane.
 * 3) Right-click Recipient Policies, and then click New Recipient Policy on the shortcut menu.
 * 4) In the Name box, type a name for the recipient policy.
 * 5) Click Modify.

The Find Exchange Recipients dialog box appears. In the Find Exchange Recipients dialog box, you can create a filter for users to which the recipient policy will apply.
 * 1) Click the Advanced tab.
 * 2) Click Field, click User, and then click Group Membership.
 * 3) Set the Condition to Is (exactly), type the group's FQDN in the Value box, and then click Add.

Note The term Is (exactly) may be misleading. A user can belong to multiple groups and have a multivalued value for his or her memberOf property. Is (exactly) still finds the match as long as the user has one complete group membership string that matches the entry in the Find dialog box.
 * 1) Click Find Now to test the filter.
 * 2) Click OK to close the Find Exchange Recipients dialog box.
 * 3) Click the E-mail Addressing tab, and then change the generation rules the way that you want.
 * 4) Click OK to close the   Properties dialog box, where   is the name that you chose in step 4.

For additional information about how to create a recipient policy that filters users based on their user principal name (UPN) suffix names, click the following article numbers to view the articles in the Microsoft Knowledge Base:

325921 How to configure e-mail addresses based on domain membership

318635 How to manage address lists when you host virtual organizations

Note If you have a very limited number of users who must receive e-mail for a specific domain, you can manually add the users' addresses to a recipient policy. For additional information about how to manually add users' addresses to a recipient policy, click the following article number to view the article in the Microsoft Knowledge Base:

268838 Configuring Exchange to receive mail from multiple domains

To add the e-mail addresses manually, you can modify users' properties individually in Active Directory Users and Computers to add the Simple Mail Transfer Protocol (SMTP) address that you want on the E-Mail Addresses tab. This will tell your Exchange server that it can accept mail for the specified e-mail domain. You also need an appropriate mail exchanger (MX) resource record for the added e-mail domain.

Note Group membership is based on the backlink attribute memberOf, therefore you must either modify a non-calculated attribute on the user, or force a rebuild of the Recipient Update Service to force the Recipient Update Service to process the object.

If you do not have ADSIEdit installed, you can also use the LDP utility to find the group's FQDN.

Warning If you use the ADSI Edit snap-in, the LDP utility, or any other LDAP version 3 client, and you incorrectly modify the attributes of Active Directory objects, you can cause serious problems. These problems may require you to reinstall Microsoft Windows 2000 Server, Microsoft Windows Server 2003, Microsoft Exchange 2000 Server, Microsoft Exchange Server 2003, or both Windows and Exchange. Microsoft cannot guarantee that problems that occur if you incorrectly modify Active Directory object attributes can be solved. Modify these attributes at your own risk.

Note Only the recipient policy with the highest priority applies if the criteria of multiple recipient policies match the object. In a mixed-mode Exchange Server environment, the policies' priorities cannot be changed. By default, the site policy has the highest priority. This is why you cannot use the method in this article in a mixed-mode Exchange Server environment.

For additional information about recipient policies, click the article number below to view the article in the Microsoft Knowledge Base:

319201 HOW TO: Use Recipient Policies to Control E-mail Addresses

For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

304516 XADM: Address list filter based on group membership does not apply

Keywords: kbhowto KB317298

Technology: kbExchange2000Search kbExchange2000Serv kbExchange2000ServSearch kbExchangeSearch

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© 2004 Microsoft Corporation. All rights reserved.