Recipe17.11.Mailbox-Enabling a User


Recipe 17.11. Mailbox-Enabling a User

Problem

You want to create a mailbox for a user. This is also known as mailbox-enabling a user.

Solution

Using a graphical user interface

  1. Open the ADUC snap-in.

    This needs to be run on a workstation or server that has the Exchange Management Tools loaded (see Recipe 17.6).


  2. If you need to change domains, right-click on Active Directory Users and Computers in the left pane, select Connect to Domain, enter the domain name, and click OK.

  3. In the left pane, browse to the parent container of the user, right-click on the user, and select Exchange Tasks.

  4. On the Welcome screen, click Next.

  5. Select Create Mailbox and click Next.

  6. Verify the mail alias is what you want, select the server you want the mailbox on, select which store where you want the mailbox, and click Next.

  7. On the Completion screen, click Finish.

Using a command-line interface
> exchmbx -b "<UserDN>" -cr "<server>:<storage group>:<mail store>"

Or alternatively, run the following command:

> exchmbx -b <UserDN> -cr "<Home MDB URL>"

To mailbox-enable user joe with a mailbox on Exchange Server SRV1, Storage group SG1, and mailbox store DB1, execute the following command:

> exchmbx -b "cn=joe,cn=users,dc=rallencorp,dc=com" -cr "srv1:sg1:db1"

I highly recommend that you keep your storage group and mailbox store names short, simple, and "space" free. Spaces are troublesome to deal with at the command prompt and have caused many administrators unneeded grief. If you do not use spaces and other special characters, you can dispense with the quotes in all of the command-line examples.


Replace <UserDN> with the user's distinguished name, <server> with the Exchange server name, <storage group> with the storage group, <mail store> with the mail store, and <Home MDB URL> with the full homeMDB URL for the desired mailbox store.

Using VBScript
' This code creates a mailbox for a user. ' ------ SCRIPT CONFIGURATION ------ strUserDN = "<UserDN>"   ' e.g., cn=jsmith,cn=Users,dc=rallencorp,dc=com strHomeMDB = "<Home MDB DN>"  ' e.g. CN=Mailbox Store (SERVER),CN=First Storage Group,CN=InformationStore, ' CN=SERVER,CN=Servers,CN=First Administrative Group,CN=Administrative Groups, '      CN=RALLENCORPMAIL,CN=Microsoft Exchange,CN=Services, '      CN=Configuration,DC=rallencorp,DC=com" ' ------ END CONFIGURATION --------- set objUser = GetObject("LDAP://" & strUserDN) objUser.CreateMailBox strHomeMDB objUser.SetInfo( ) Wscript.Echo "Successfully mailbox-enabled user."

Discussion

A mailbox-enabled user is a user who has a mailbox defined in the Exchange organization where the user object exists. This is the most common object in an Exchange organization.

Mailbox-enabling a user requires Exchange Data Administrator permissions. See the Discussion for Recipe 17.7.


When you create a mailbox for a user with the GUI or VBScript, you call out to the CreateMailbox CDOEXM interface. In the background, the specific changes made by the CreateMailbox method are on the user object in Active Directory and include changes to the following attributes:

  • mDBUseDefaults

  • msExchUserAccountControl

  • homeMTA

  • msExchHomeServerName

  • homeMDB

  • mailNickname

  • msExchMailboxGuid

  • msExchMailboxSecurityDescriptor

  • legacyExchangeDN

Once all of those attributes are in place, the RUS sets additional attributes on the user object. The mailbox cannot be used nor receive email until the RUS has gone through this stamping process.

Using a graphical user interface

Creating a mailbox when you create a new user is a trivial task with ADUC because you simply need to specify the email alias and where in the Exchange organization the mailbox should reside. All of the guesswork on where the mailbox can go is removed because you have to select the location from the drop-down menu.

Using a command-line interface

Prior to the ExchMbx tool, there was no simple way to mailbox-enable a user from the command line. The LDIFDE method is not feasible because the msExchMailboxSecurityDescriptor attribute is a binary value and difficult to manipulate with LDIF files and text editors. For flexibility, ExchMbx allows you to specify the entire homeMDB URL, or you can specify the server, storage group, and mailbox store.

If you want to mailbox-enable multiple users at once, remove the -b option from the parameter list and pipe the distinguished names into ExchMbx from another tool or from a file. Run exchmbx /? for usage details.


Using VBScript

The trickiest part of creating a mailbox for a user with VBScript is to know what to use for the homeMDB attribute. If you use the wrong value you will get the error: "The server is not operational," which isn't helpful feedback. This is where the GUI method is nice, because it looks up all of the possible values for you and lets you select from the list.

I present an alternative scripting method in Recipe 17.16, which lets you specify three well-known pieces of information to locate the proper homeMDB value. Finally, another alternative would be to search Active Directory for all valid homeMDB values, display them, and have the person running the script select from the list just like ADUC does. This third method involves searching against the Configuration container of Active Directory with the following filter: (objectcategory=msExchPrivateMDB).

See Also

MS KB 275636 (Creating Exchange Mailbox-Enabled and Mail-Enabled Objects in Active Directory) and MS KB 253770 (XADM: Tasks Performed by the Recipient Update Service)



Windows Server Cookbook
Windows Server Cookbook for Windows Server 2003 and Windows 2000
ISBN: 0596006330
EAN: 2147483647
Year: 2006
Pages: 380
Authors: Robbie Allen

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net