Using the lEDN avoids an AD lookup. If you have a couple of hours and a magnifying glass, download the Exchange AD Topology diagram and the Exchange Transport diagram and prepare to be bored, but very informed.
The OAB protocol specification and format is also public - it defines this behavior. Exchange is already the largest consumer of AD resources in most environments. If Exchange used AD for every potential access, you'd probably need a 1-for-1 Exchange core to AD core. Ben - you can't do it this way. The correct answer is to export the mailbox. Deleting content, if appropriate. -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Mike Tavares Sent: Monday, January 19, 2015 2:26 PM To: [email protected] Subject: Re: [Exchange] Replacing an account, Outlook autocomplete is stubborn I believe the cached entry is using the X:500 address which is why it is still finding the old mailbox instead of the new one. One would think that Exchange would be smart enough to follow the email address but it never has. -----Original Message----- From: Ben Scott Sent: Monday, January 19, 2015 1:32 PM To: [email protected] Subject: [Exchange] Replacing an account, Outlook autocomplete is stubborn ENVIRONMENT Windows Server 2008 R2 Exchange 2010 Windows 7 Outlook 2010 SCENARIO We had to take some user mailboxes offline. Specifically, we needed to disable access to them, such that no users can read or modify the contents, and mail cannot be sent or received using them. However, we need to preserve them for later access in a controlled fashion, as close to as "untouched" as possible. Sort of putting the mailbox in suspended animation/cold storage, if you will. In order to get the people in question back up and running as quickly as possible, we created new accounts for them, and edited the associated email addresses to add their old addresses. We also changed the Exchange aliases. Problem is, for other users in the company who have the target users in their Outlook autocomplete (nickname) cache, Outlook keeps finding the old, disabled account. We would like to have a way to have mail sent to the new accounts, without having to reset or manually fix-up everybody's autocomplete cache. If we've done it all wrong and are now hosed, we'd like to know what to do differently next time. STEPS TO REPRODUCE Suppose an existing user, display name "John Smith", account name "JSMITH", SMTP address "[email protected]". We modify the mailbox permissions of the existing user to remove everything for "SELF". We also set Delivery Restrictions such that only JSMITH can send to that mailbox (effectively meaning, nobody can send to it). We edit the existing user to have display name "John RENAMED Smith". We edit mailbox properties of JSMITH. Change the Exchange alias from "JSMITH" to "JSMITH-RENAMED". Remove X.400 address. Add new SMTP address "[email protected]", set as primary/reply. Remove all other SMTP addresses. We create new user, account name "JSMITH2", display name "John Smith". Add SMTP address "[email protected]", set as primary. Add custom address, type "X400", set to X.400 address previously assigned to JSMITH (copied-and-pasted). Now, we see the new "John Smith" in our GAL, and we can send mail to it. JSMITH2 can send mail to internal and external recipients. External recipients see "[email protected]" as the sender. External senders can send to "[email protected]" and JSMITH2 gets the mail. All good. However, things get weird in Outlook. When someone starts typing "john", the autocomplete list shows "John Smith <JSMITH@example.>". If they [Tab] or click to select it, we see just an underlined name "John Smith". This looks good, but is misleading. If we double click that name, Outlook now shows the email address as "[email protected]". (***PROBLEM***) If we send the message, it promptly comes back as undeliverable because the address is restricted (which it should). SPECULATION I'm guessing that despite displaying "John Smith <[email protected]>", the autocomplete cache actually contains a reference to the original JSMITH account somehow. (Perhaps using the account name, or some other ID that is being used internally, and not displayed. (exchangeLegacyDN, perhaps? That seems to show up whenever weirdness with names in Exchange is happening.) What I'd like to do is find some way to modify Exchange/Active Directory such that the Outlook clients pull the right information for the autocomplete cache information. With the ability to change it back. And without totally screwing up Exchange, of course. If this is just one of those "the software doesn't allow this", is there a better way to approach this problem in the future? -- Ben
