Defining an Exchange 2007 E-Mail Address Policy, Part 1
As we all know, Exchange Server 2007 is a lot different from previous versions of Exchange. One of the changes that Microsoft made in creating Exchange Server 2007 was to get rid of the Recipient Update Service. In case you’re not familiar with the Recipient Update Service, it was the mechanism responsible for stamping e-mail addresses onto Active Directory objects. As you may know, the Recipient Update Service didn’t always behave as anticipated, and sometimes the result long delay before user accounts would be assigned an e-mail address.
In Exchange Server 2007, the Recipient Update Service has been replaced by a new synchronous process that assigns e-mail addresses to Active Directory accounts immediately via the EmailAddressPolicy command. Of course one of the side effects to this change is that the method for creating a new e-mail address policy has changed. The process is still simple, and straight forward, but it is quite a bit different from the process used in Exchange Server 2003.
Before you can create an e-mail address policy, you must first define at least one excepted domain. Accepted domains are generally domains for which the Exchange organization should be authoritative for. In some cases though, an accepted domain can be a domain in a different Active Directory forest within the organization, or an external domain.
Passwords Haven’t Disappeared Yet
123456. Qwerty. Iloveyou. No, these are not exercises for people who are brand new to typing. Shockingly, they are among the most common passwords that end users choose in 2021. Research has found that the average business user must manually type out, or copy/paste, the credentials to 154 websites per month. We repeatedly got one question that surprised us: “Why would I ever trust a third party with control of my network?
When you deploy the first hub transport server in your Exchange Server organization, Exchange configures the forest root domain as an accepted domain by default. This works fine if your internal and external domain names match, but it causes problems if you use separate domain names. For example, in my organization my production network uses an internal domain name of production.com. However, my external domain name is BrienPosey.com. By default, Exchange is aware of the production.com domain, but not of the BrienPosey.com domain name.
Creating a New Accepted Domain
Creating a new accepted domain is a simple, but essential process. To do so, open the Exchange Management Console and navigate through the console tree to Organization Configuration | Hub Transport. Now, click the New Accepted Domain link, found in the console’s Actions pane. When you do, you will be taken to the screen shown in Figure A. As you can see, you must enter a name for the new domain, and the accepted domain name. Generally, these can be one in the same. You must also specify whether the new domain is an authoritative domain, an internal relay domain, or an external relay domain. When you are done, click the New button, and the new accepted domain will be added to the Accepted Domains tab, as shown in Figure B.
Figure A You must enter a display name and the name of the new accepted domain.
Figure B The new accepted domain appears on the Accepted Domains tab.
An Alternative Method for Defining an Accepted Domain
In case you are wondering, you can use the Exchange Management Shell to define an accepted domain. The command that you would use for doing so is:
New-AcceptedDomain –Name “brienposey.com” –DomainName “brienposey.com” –DomainType “Authoritative”
As you can see, the New-AcceptedDomain command shown above uses the exact same parameters as the New Accepted Domain Wizard does. Simply use the –Name and the –DomainName parameters to supply the display name and the domain name respectively. Notice in the command above that the actual display name and display name are enclosed in quotation marks.
In this particular case, I have set the domain type to Authoritative. However, I could have specified InternalRelay or ExternalRelay instead as a way of defining an internal or an external relay domain.
As you can see, the New-AcceptedDomain command is one of the easier Exchange Management Shell commands to use. Even so, some people seem to have a mental block when it comes to performing actions from the command line. If you need additional help with the New-AcceptedDomain command, you can enter the following command into the Exchange Management Shell to get the command’s full syntax:
In this article, I have explained that defining an accepted domain is a prerequisite to creating an E-mail address policy. I have also walked you through the process of creating an accepted domain. In Part 2, I will conclude the series by showing you how to create an E-mail address policy.
Got a question? Post it on our Exchange Server Forums!