
4 Dec 2019 by Mike Weaver
Inspire: Winning Hearts and Minds
Successful change management requires inspirational leadership. Here’s how to keep your team on track.
The X500 email address, or the X500 Proxy Address, is one of the most important “tricks” of the data migration trade. Regardless of Exchange Version, including Exchange 2010, Exchange 2013, Exchange 2016, or Exchange Online in Office 365, this trick still applies today.
When moving from one environment to another, calendars can be a major challenge. This stems back to the very early days of Exchange.
Back before Exchange was integrated into Active Directory, Exchange used the Legacy Exchange DN for internal recipients. Because of this, internal recipients are actually stored in content, like calendar invites.
The result is that if someone updates a calendar invite after it has been moved to another environment, the internal attendees will get a nasty undeliverable (NDR). The business result is people going to the wrong place at the wrong time, confused users, and frantic emails saying, “DELETE THE BAD INVITE NOW!!”
So the bad news is that if you are here right now, it can be hard to fix this. You need to collect the Exchange Legacy DN from the source before the move to make it easier. You can fix this as they come in by just taking the Exchange Legacy DN from the NDR, but that won’t scale.
The good news for Quadrotech’s Radar Reporting customers is we collect this for you. For Cloud Commander customers, you are not likely reading this as we do this entire process by default!
So…here is one method to collect the Exchange Legacy DN before migration and three ways to correct it after migration. (with some other helpful info!)
This is one of my favorite scripts. It has been added to over the years. This script will collect the following:
You’re probably wondering how do I run this collection script?
So I’ve provided you with the script at the bottom of this article!
Always test all scripts in a test environment!
Target Correction
If you just have a few accounts to change or want to investigate the issue further, you can use ADUC to do this, with Advanced Features Turned On.
You can also add the X500 Proxy Address in the Proxy Address Section of Microsoft Exchange. In this example, I will do this in Exchange 2016
1. Log into the Exchange Admin Center
2. Click on Recipients
3. On the mailbox screen search for the user, you want to update and open the properties of the account
4. Choose the email addresses tab on the left-hand side
5. Click the + button
6. For the address type choose custom and type “x500
7. In the email address, copy and paste the Exchange Legacy DN
8. Click OK
9. Wait for replication
You can also do these functions in PowerShell using the Active Directory Module. This script can be used to add the X500 Address address.
Login to a computer with the Active Directory tools installed. You can import the module (import-module or just launch the “Active Directory for Windows PowerShell” application
A B C D
Example: Set-ADUser MIWETestAA -add @{ProxyAddresses”x500:/o=ExchangeLabs/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=0511b2015ac3521f8355f08ca5be1af1-MIWE TestAA”}
As always, practice on a test user first! If for some reason you make a mistake, you can edit the addresses using the attribute editor in the section above if you need a visual.
In closing, hopefully, this has helped answer your question, ‘What is the X500 email address?’ Quadrotech stands ready to help you with your migration projects. Check out some of our product pages, or get in touch with us!
Script:
$BaseFileName = 'c:\output\Quadrotech\QT_Userinformation.csv'
$ProxyFileName = 'c:\output\Quadrotech\QT_ProxyAddresses.csv'
if (Test-Path $BaseFileName) { Remove-Item $BaseFileName -force }
if (Test-Path $ProxyFileName) { Remove-Item $ProxyFileName -force }
Add-Content $BaseFileName "SamAccountName,Display Name,Office,City,State,Department, Last Login, Enabled?,PasswordExpired?,MailNickName,LegacyExchangeDN,Manager UPN"
Add-Content $ProxyFileName "SamAccountName,ProxyAddress"
$Users = Get-ADUser -filter {LegacyExchangeDN -like "*"} -Properties SamAccountName, displayname, Office, City, State, Department, lastLogonTimestamp, Enabled, PasswordExpired, MailNickName, LegacyExchangeDN, proxyaddresses,manager
foreach ($user in $Users)
{
$userprops = [ordered]@{}
$userprops["SAMName"] = $user.SamAccountName
$userprops["DisplayName"] = $user.displayname
$userprops["Office"] = $user.Office
$userprops["City"] = $user.City
$userprops["state"] = $user.State
$userprops["Department"] = $user.Department
$userprops["lastlogindate"] = [datetime]::FromFileTime($user.lastLogonTimestamp)
$userprops["Enabled"] = $user.Enabled
$userprops["passwordexpired"] = $user.passwordexpired
$userprops["mailnickname"] = $user.mailnickname
$userprops["legacyExchangeDN"] = $user.legacyExchangeDN
$userprops["mgrUPN"] = $(try { (get-aduser $user.manager).userprincipalname} catch {})
Add-Content $BaseFileName ($userprops.Values -join ",")
foreach ($addr in $User.proxyaddresses) { Add-Content $ProxyFileName ($userprops.SAMName + "," + $addr) }
}