5.2 Mail-Enabling Existing User Accounts
When a user already has an account in Active Directory, you can
mail-enable the account using the Exchange Management Console and the
Exchange Management Shell. In the Exchange Management Console, you can
mail-enable an existing user account by completing the following steps:
-
In the Exchange Management Console, expand and then select the Recipient Configuration node.
Note
If you want to create the user account in a domain other than the
current one, you first need to set the scope for the Recipient
Configuration node.
-
Right-click the Recipient Configuration node, and then select New Mail User. This starts the New Mail User Wizard. -
On the Introduction page, select Existing User and then click Browse. This displays the Select User dialog box. -
In the Select User dialog box, select the user account you want to
mail-enable and then click OK. User accounts for the current domain are
listed by name and organizational unit.
Note
Accounts listed don't yet have an Exchange mailbox or e-mail
association. If you don't see the user you want to use, you may need to
change the scope by selecting Modify Recipient Picker Scope on the
Scope menu, selecting the appropriate scope using the options provided,
and then clicking OK.
-
Click Next. On the Mail Settings page, enter an Exchange alias for
the user. The Exchange Management Console uses the alias to set the
user's e-mail address. -
To the right of the External E-Mail Address text box is an Edit
button. Click the down arrow next to the Edit button to display two
options:
-
SMTP Address Select SMTP Address to associate a standard SMTP e-mail address with the user. Enter the e-mail address, and then click OK. -
Custom Address
Click Custom Address to associate a custom e-mail address with the
user. Enter the e-mail address, and then enter the e-mail address type.
Click OK.
-
Click Next, and then click New. Exchange Management Console
mail-enables the user account you previously selected. If an error
occurs, the user account will not be mail-enabled. You will need to
correct the problem and repeat this procedure. Click Finish.
You can mail-enable an existing user account using the Enable-MailUser cmdlet. Example 3
shows the syntax and usage. For the identity parameter, you can use the
user's display name, logon name, or user principal name.
Example 3. Enable-MailUser cmdlet syntax and usage
Syntax
Enable-MailUser -Identity Identity -ExternalEmailAddress EmailAddress
[-Alias ExchangeAlias] [-DisplayName Name] [-DomainController
FullyQualifiedName] [-MacAttachmentFormat <BinHex | UuEncode |
AppleSingle | AppleDouble>] [-MessageBodyFormat <Text | Html |
TextAndHtml>] [-MessageFormat <Text | Mime>] [-PrimarySmtpAddress
SmtpAddress] [-UsePreferMessageFormat <$true | $false>]
Usage
Enable-MailUser -Identity "cpandl.com/Marketing/Frank Miller"
-Alias "Frankm" -ExternalEmailAddress "SMTP:[email protected]"
5.3 Managing Mail-Enabled User Accounts
You can manage mail-enabled users in several ways. If a user account
should no longer be mail-enabled, you can disable mail forwarding. To
disable mail forwarding in the Exchange Management Console, right-click
Mail User and then select Disable. When prompted to confirm, click Yes.
At the Exchange Management Shell prompt, you can disable mail
forwarding using the Disable-MailUser cmdlet, as shown in Example 4.
Example 4. Disable-MailUser cmdlet syntax and usage
Syntax
Disable-MailUser -Identity Identity [-DomainController
FullyQualifiedName] [-IgnoreDefaultScope {$true | $false}]
Usage
Disable-MailUser -Identity "Frank Miller"
If you no longer need a mail-enabled user account, you can
permanently remove it from Active Directory. To remove a mail-enabled
user account in the Exchange Management Console, right-click the Mail
User and then select Remove. When prompted to confirm, click Yes. At
the Exchange Management Shell prompt, you can remove a mail-enabled
user account by using the Remove-MailUser cmdlet, as shown in Example 5.
Example 5. Remove-MailUser cmdlet syntax and usage
Syntax
Remove-MailUser -Identity "Identity" [-DomainController DCName]
[-IgnoreDefaultScope {$true | $false}]
[-KeepWindowsLiveID {$true | $false}]
Usage
Remove-MailUser -Identity "Frank Miller"
5.4 Creating Domain User Accounts with Mailboxes
In the Exchange Management Console, you can create a new user account with a mailbox by completing the following steps:
-
In the Exchange Management Console, expand and then select the Recipient Configuration node.
Note
If you want to create the user account in a domain other than the
current one, you first need to set the scope for the Recipient
Configuration node.
-
Right-click the Recipient Configuration node, and then select New Mailbox. This starts the New Mailbox Wizard. -
Click Next twice to accept the default selections on the
Introduction page (to create a user mailbox) and the User Type page (to
create a new user account with a mailbox). -
On the New Mailbox User Information page, shown in Figure 7
the Organizational Unit text box shows where in Active Directory the
user account will be created. By default, this is the Users container
in the current domain. Because you'll usually need to create new user
accounts in a specific organizational unit rather than in the Users
container, select the Specify The Organizational Unit check box and
then click Browse. Use the Select Organizational Unit dialog box to
choose the location in which to store the account, and then click OK. -
Type the user's first name, middle initial, and last name in the
text boxes provided. These values are used to create the Name entry,
which is the user's display name. -
As necessary, make changes to the Name text box. For example, you
might want to type the name in LastName FirstName MiddleInitial format
or in FirstName MiddleInitial LastName format. The full name must be no
more than 64 characters in length. -
In the User Logon Name text box, type the user's logon name. Use the
drop-down list to select the domain with which you want to associate
the account. This sets the fully qualified logon name.
-
The first 20 characters of the logon name are used to set the
pre–Windows 2000 logon name, which must be unique in the domain. If
necessary, change the pre–Windows 2000 logon name. -
Type and then confirm the password for the account. This password
must follow the conventions of your organization's password policy.
Typically, this means that the password must be at least six characters
in length and must use three of the four available character types:
lowercase letters, uppercase letters, numbers, and symbols. -
If you want to ensure that the user changes the password at next logon, select the User Must Change Password At Next Logon check box. Click Next. -
As shown in Figure 8 enter an Exchange alias for the user. The Exchange Management Console uses the alias to set the user's e-mail address. -
If you want to specify a mailbox database rather than use one that
is selected automatically, select the Specify Mailbox Database check
box, and then click the Browse button to the right of the Mailbox
Database text box. In the Select Mailbox Database dialog box, choose
the mailbox database in which the mailbox should be stored. Mailbox
databases are listed by name as well as by associated server.
Exchange uses the mailbox provisioning load balancer to select a
database to use when you create a mailbox and do not specify the
mailbox database to use.
-
If you want to apply a managed
folder mailbox policy to the mailbox, select the Managed Folder Mailbox
Policy check box, and then click the related Browse button. In the
Select Managed Folder Mailbox Policy dialog box, choose the policy to
apply and then click OK.
Exchange Server 2010 uses managed folder mailbox policies in the
same way as Exchange Server 2007. These policies are part of the
Messaging Records Management feature. However, managed folder mailbox
policies are being phased out in favor of retention policies and
retention tagging. Because no default policy is applied to a new
mailbox, you must explicitly assign a policy, either when you create
the mailbox or later by editing the mailbox's properties.
Tip
In a mailbox's Properties dialog box, you can specify the managed
mailbox folder policy to use by double-clicking the Messaging Records
Management option on the Mailbox Settings tab, selecting the Managed
Folder Mailbox Policy check box, and clicking the related Browse
button. In the dialog box provided, select the policy to use and then
click OK.
-
If you want to apply an Exchange ActiveSync policy to the mailbox,
select the Exchange ActiveSync Mailbox Policy check box, and then click
the related Browse button. In the Exchange ActiveSync Mailbox Policy
dialog box, choose the policy to apply and then click OK.
When you install Exchange Server, a default Exchange ActiveSync mailbox policy is created.
This policy is applied automatically to all new mailboxes you create
unless you specify a different policy to use. To view the settings for
the default policy, enter get-activesyncmailboxpolicy –identity "Default"
in the Exchange Management Shell. -
Click Next. If you want to create an archive mailbox for the user,
select the related check box. Items in the user's mailbox will be moved
automatically to the archive mailbox based on the default retention
policy.
When you install Exchange Server, a default retention policy is
created for all archive mailboxes.
This policy is applied automatically to all new mailboxes you create
unless you specify a different policy to use. To view the settings for
the default policy, enter get-retentionpolicy –identity "Default Archive Policy"
in the Exchange Management Shell. -
Click Next, and then click New to create the account and the related
mailbox. If an error occurs during account or mailbox creation, the
Exchange Management Console will create neither the account nor the
related mailbox. You need to correct the problem and repeat this
procedure. -
Click Finish. For all mailbox-enabled accounts, an SMTP e-mail
address is configured automatically. You can also add more addresses of
the same type. For example, if Brian Johnson is the company's human
resources administrator, he might have the primary SMTP address of [email protected] and an alternate SMTP address of [email protected]. -
Creating the user account and mailbox isn't the final step. You might also want to do the following:
-
Add detailed contact information for the user, such as a business phone number and title. -
Add the user to security and distribution groups. -
Associate additional e-mail addresses with the account. -
Enable or disable Exchange features for the account. -
Modify the user's default delivery options, storage limits, and restrictions on the account. -
Apply a retention policy other than the default to the mailbox.
In the Exchange Management Shell, you can create a user account with a mailbox by using the New-Mailbox cmdlet. Example 6 provides the syntax and usage. When you are prompted, enter a secure password for the new user account.
Example 6. New-Mailbox cmdlet syntax and usage
Syntax
New-Mailbox -Name Name -Password Password
-UserPrincipalName UserNameAndSuffix
[-MailboxPlan <MailboxPlanIdParameter>] {AddtlParams} {ModParams}
New-Mailbox -Name Name -Password Password -WindowsLiveID WindowsLiveId
[-EvictLiveId {$true | $false}] [-MailboxPlan MailboxPlanId]
{AddtlParams} {ModParams}
New-Mailbox -Name Name -UserPrincipalName UserNameAndSuffix
[-MailboxPlan MailboxPlanId] {AddtlParams} {ModParams}
New-Mailbox -Name Name -UseExistingLiveId {$true | $false} -WindowsLiveID
WindowsLiveId [-MailboxPlan MailboxPlanId] {AddtlParams} {ModParams}
New-Mailbox -Name Name -Shared {$true | $false} -UserPrincipalName
UserNameAndSuffix [-Password Password] {AddtlParams} {ModParams}
New-Mailbox -Name Name -Room {$true | $false} -UserPrincipalName
UserNameAndSuffix [-Password Password] {AddtlParams} {ModParams}
New-Mailbox -Name Name -Equipment {$true | $false} -UserPrincipalName
UserNameAndSuffix [-Password Password] {AddtlParams} {ModParams}
New-Mailbox -Name Name -LinkedDomainController DCName
-LinkedMasterAccount Identity -UserPrincipalName UserNameAndSuffix
[-LinkedCredential Credential] [-Password Password]
{AddtlParams} {ModParams}
New-Mailbox -Name Name -ImportLiveId {$true | $false} -WindowsLiveID
WindowsLiveId {AddtlParams} {ModParams}
New-Mailbox -Name Name -Arbitration {$true | $false} -UserPrincipalName
UserNameAndSuffix [-Password Password] {AddtlParams}
New-Mailbox -Name Name -FederatedIdentity FederatedId -WindowsLiveID
WindowsLiveId {AddtlParams}
{ModParams}
[-ArbitrationMailbox ModeratorMailbox] [-ModeratedBy Moderators]
[-ModerationEnabled <$true | $false>] [-SendModerationNotifications
<Never | Internal | Always>]
{AddtlParams}
[-ActiveSyncMailboxPolicy MailboxPolicyId] [-Alias ExchangeAlias]
[-Archive {$true | $false}] [-Database DatabaseId] [-DisplayName Name]
[-DomainController FullyQualifiedName] [-FirstName FirstName]
[-Initials Initials] [-LastName LastName] [-ManagedFolderMailboxPolicy
MailboxPolicyId] [-ManagedFolderMailboxPolicyAllowed {$true | $false}]
[-Organization OrgName] [-OrganizationalUnit OUName] [-PrimarySmtpAddress
SmtpAddress] [-QueryBaseDNRestrictionEnabled <$true | $false>]
[-RemoteAccountPolicy RemoteAccountPolicyId] [-ResetPasswordOnNextLogon
<$true | $false>] [-SamAccountName PreWin2000Name] [-SharingPolicy
SharingPolicyId] [-ThrottlingPolicy ThrottlingPolicyId]
Usage
New-Mailbox -Name "Shane S. Kim" -Alias "shanek"
-OrganizationalUnit "cpandl.com/Engineering"
-Database "Engineering Primary"
-UserPrincipalName "[email protected]" -SamAccountName "shanek"
-FirstName "Shane" -Initials "S" -LastName "Kim"
-ResetPasswordOnNextLogon $true -Archive $true
|
