
close
close
Want to know about the security benefits of Microsoft's E5 license?
Finding delegates in Active Directory
When using Exchange 2000/2003 there are very common situations where users define delegates in their mailboxes in order to let others manage their mailboxes. For example – a managers and his or her secretary (send of behalf).
The problem occurs when one of the employees that was configured as a delegate (for example user A) has left the company. When user B sends a meeting request for the manager, user B will receive an NDR because user A no longer exists in Active Directory, but is still configured as a delegate for user B.
In this scenario we will use 3 users:
We are going to use the LDIFDE command (from the Windows 2003 Support Tools – or in the Windows 2003 CDROM). This command queries 2 attributes in the AD that can be found for every user object:
As a side note, you can view these attributes by using ADSIedit.msc (also from the Windows 2003 Support Tools) and navigating to the following path:
Download the Windows 2003 Support Tools
In the following command I will export all the publicDelegates users and the publicDelegatesBL for users that are located in an OU called “Users”, to a text file named C:
Delegates.txt:c:>ldifde -f C: delegates.txt -d "ou=users,dc=domain,dc=com" -l name,publicDelegates,publicDelegatesBL -r "(|(publicDelegates=*)(publicDelegatesBL=*))"
Explanation:
-f – assigns the output to the file named C:
You can run the command on the entire domain and not on a specific OU. If you choose to do so, use “dc=domain,dc=com” instead of “ou=users,dc=domain,dc=com”.
Lamer note: I know that the default “Users” container in AD is not an OU and therefore should be addressed as “CN=Users…”, this is just for the sake of the example.
What does the output file tell us?
More in Exchange Server
Kaspersky Discloses New 'SessionManager' Backdoor Targetting Microsoft Exchange Servers
Jul 1, 2022 | Rabia Noureen
M365 Changelog: (Updated) Safe Links Global Settings Migrated to Custom Policies
Jun 28, 2022 | Petri Staff
Microsoft Postpones the Release of Next Version of Exchange Server Until 2025
Jun 3, 2022 | Rabia Noureen
M365 Changelog: Get-AdvancedThreatProtectionDocumentReport and Get-AdvancedThreatProtectionDocumentDetail to be retired
May 24, 2022 | Petri Staff
M365 Changelog: (Updated) Microsoft Defender for Office 365: Updates to URL Protection Report
May 24, 2022 | Petri Staff
Most popular on petri