toddomation.com: Exchange script: Fix broken migrated email addresses by splicing the historical LEDN in as a new X500 address

1/7/2018: I was working on a mail migration and needed to dust off and use this script, so I figured I'd go ahead and post it.

The underlying purpose for this script is, to workaround and suppress...
# 550 5.1.1 RESOLVER.ADR.ExRecipNotFound; Not found'
... errors for users replying to email that has been migrated from an external mail system.

Short form of the issue is that the migrated email (and Outlook Personal-Contacts) contain addresses stored in old-school X500 format (termed a LegacyExchangeDN). And unfortunately these addresses aren't functional anywhere except the source mail system.

But, there's a way around the issue: If you "add" the broken X500/LEDN value from the old system into the moved user's Exchange EmailAddresses list, that patched-in addresses will provide a 'shim' for delivery lookups that permits Exchange to resolve the address to the proper migrated user mailbox.

And that's where this script comes in: It takes a .csv file containing each migrated-user's 'WindowsEmailAddress' & 'LegacyExchangeDN' values exported from the migration source mail system, and splices the old LegacyExchangeDN value into the existing new mailbox EmailAddresses property.

Note: If you find yourself with these errors and you no longer have access to the original source mail system, you can approximate the necessary LEDN value to be added by examining the bounces generated by these bad addresses - the appropriate missing value will be right in the middle of the bounce:

IMCEAEX-_O=COMPANY_OU=EXCHANGE+20ADMINISTRATIVE+20GROUP+20+28FYDIBOHF23SPDLT+29_CN=RECIPIENTS_CN=[recipientname]NAME@DOMAINcom
# 550 5.1.1 RESOLVER.ADR.ExRecipNotFound; Not found

Hint: It's the entire string after 'IMCEAX-'

Notes and instructions for use of the script are included in the help block at the top of the script.

This is pretty simple stuff. There's already a lot of commonly-available sample code already out there. The only real additions I make to the process are:

My script runs more error checking and validation around the changes (less risk of error).
I dump output details back for verification and loggging (to provide a good audit trail of the modifications).
The script supports a -whatif param to let you run test passes (so you can see what changes will occur, before executing the updates).
And it runs natively in Exchange Mgmt Shell. Most other folks leverage the AD powershell module's set-aduser command to do the update. I don't mind using ADMS, but using Exchange gives me more detail and better control (and avoids some of the annoying syntax inconsistencies it comes with ;P).

The Gist below has the core working bit of the larger script:

Static-source follows (for folks in RSS readers, or disabling scripting):
(check the linked Gist/Github links below for _current_ versions). append-x500LEDN-ToMbxEmailAddressess.ps1: // # append-x500LEDN-ToMbxEmailAddressess.ps1 <# key snippet from larger script...#> if(test-path $InputCSV) { write-verbose -verbose:$true "$((get-date).ToString('HH:mm:ss')):Loading Input file: $($InputCSV)" ; $procMbxs=import-csv $InputCSV ; foreach($pMbx in $procMbxs) { if($tmbx = get-mailbox -identity "$($pMbx.WindowsEmailAddress)" -ea 0 ){ write-host -foregroundcolor green "$((get-date).ToString('HH:mm:ss')):MATCHED:$($pMbx.WindowsEmailAddress)($($pMbx.displayname))=>TO:$($tmbx.WindowsEmailAddress)($($tmbx.displayname))" ; $x500LEDN = "X500:" + $pMbx.LegacyExchangeDN ; if ($tmbx.EmailAddresses -notcontains $x500LEDN) { write-host -foregroundcolor green "$((get-date).ToString('HH:mm:ss')):WHATIF:$($whatif):Adding LEDN as X500: `n$($x500LEDN) `nto existing emailaddresses:`n$($tmbx.emailaddresses)" ; set-mailbox -identity $pMbx.WindowsEmailAddress -EmailAddresses @{Add=$x500LEDN} -whatif:$($whatif); } else { write-host -foregroundcolor green "$((get-date).ToString('HH:mm:ss')):SKIPPING:Mailbox $($tmbx.windowsemailaddress) already contains $($x500ledn)" ; } ; } else { write-host -foregroundcolor red "$((get-date).ToString('HH:mm:ss')):UNABLE TO MATCH:$($pMbx.WindowsEmailAddress)($($pMbx.displayname))" ; } ; "===========`n" ; } ; } else { write-host -foregroundcolor red "$((get-date).ToString('HH:mm:ss')):MISSING InputCsv:$($InputCSV)" ; } ;

And the current revision of the full script can always be found at Github: append-x500LEDN-ToMbxEmailAddressess.ps1

Sunday, January 7, 2018

Exchange script: Fix broken migrated email addresses by splicing the historical LEDN in as a new X500 address

No comments:

Post a Comment