First off, the test AL button in the ESM doesn't build the AL the same way that the RUS does. The RUS does not issue an LDAP query to build the AL, it looks at every object that is detected as changed (or at every object if forced to rebuild) via USN change tracking and manually compares it to the AL LDAP filter. This means that bugs in either mechanism could result in different lists being built, so basically, don't trust what ESM says the AL will have as members, it is pretty worthless. Set the filter and let the AL build the list.
Because of how this is all implemented, there is no domain affinity for the building of the ALs. This means you need to focus on something else. I would not focus on the email addresses since those are also being set/modified by the RUS, you want to use something else. This could be a specific special attribute you set on the objects that allow you to categorize them or add the users/groups to special groups that indicate what domain they are in and add a memberof=somegroupdn component to the filter. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Tuesday, May 30, 2006 3:53 PM To: [email protected] Subject: [ActiveDir] LDAP query to create Exchange address list - organisation with child domains I am in an organisation of which the Active Directory exists of a parent root domain and 4 child domains. Each child domain has its own address list in Exchange. It is one Exchange organisation with 1 Administrative Group. Let's call these domains A, B, C, and D. When looking at each of these lists I see the following: - Users with Exchange mailbox - Users with an External e-mail address - Groups - Contacts - Public Folders The thing I dont want to see but what I cannot seem to get rid of is the fact that I see (mail enabled) groups from other child domains in the address lists. Each child domain has several Exchange servers which names start with AA or BB or CC or DD, depending on the child domain for which they are serving. For instance the Exchange servers in child domain A, all start with AA. That is why I based the query on AA* for the A child domain. For child domain A the query looks like this: (&(&(& (mailnickname=*) (| (&(objectCategory=person)(objectClass=user) (!(homeMDB=*))(!(msExchHomeServerName=*)))(&(objectCategory=person) (objectClass=user)(msExchHomeServerName=*/cn=AA*))(& (objectCategory=person)(objectClass=contact))(objectCategory=group) (objectCategory=publicFolder) )))) What I would like to do is create an Exchange address list without groups from other child domains in it. The strange thing is that when I build a query which consists of groups based on the emailaddress/proxyaddress of that specific child domain, the query gives an output of exactly those groups which are in that child domain, so far soo good. When I then add all users with an emailaddress/proxyaddress to that same query (I do this all from with ESM, right click address list etcetera), I get the message that no items can be found by this criteria. Any help is greatly appreciated. List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
