• State Verified Answer
  • Locked Locked
  • Replies 7 replies
  • Subscribers 93 subscribers
  • Views 15393 views
  • Users 0 members are here
Options
Related
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Target address and proxy address attribute provisioning in v8

robin.olivier
over 5 years ago

Hello,

I'm having a hard time understanding the way the attribute proxyAddresses and targetAddress are provisioned in Active Directory and Exchange sync projects in v8.

I have two main issues:

- in v6 there was a attribute ADSAccount.TARGET_Address, which could be mapped to the corresponding attribute in AD. It seems to be gone from the OneIM schema in v8. Why is that? I didn't find any mention of this in the documentation, and I'm about to make an schema extension to the ADSAccount table...

- I don't really understand the roles and differences of the ADSAccount.proxyAddresses field, compared to the Ex0Mailbox.EmailAddresses field, or the ADSAccount.OtherMailbox field. To me it feels like they are all the same thing (an alias adresses to which one can write, and the email will be routed to the corresponding email address). I didn't find anything related to that in the documentation. Can someone explain how these are supposed to be used? I'm sorry I know this is a very general question, but I'm really out of ideas here. I tried finding some documentation (either OneIM or AD/Exchange) which could explain which attributes are used and when, but I couldn't.

Any help will be greatly appreciated.

Best regards,

Robin

Parents
  • +1 over 5 years ago

    I am far from being an Exchange expert but at least some short explanations.

    There is no difference between AD proxyAddresses and Exchange EmailAddresses. And, there is no difference between AD targetAddresss and Exchange ExternalEmailAddress.

    So I assume you just set the external email address as your targetAddress.

    See explanation from Microsoft article https://blogs.technet.microsoft.com/undocumentedfeatures/2016/10/29/mailbox-delivery-settings/

    Mailbox

    A mailbox is a recipient (duh).  If a user is homed "locally," their mailbox is the final destination.  Core attributes we expect to see configured:

    ...

    • proxyAddresses - multivalued attribute containing all alias/proxy addresses for a mailbox.  The AD attribute name is proxyAddresses; from inside Exchange Management Shell, it is referenced as EmailAddresses.

    Mail-Enabled User

    The Mail-Enabled user object can serve two purposes: display in an address book (because it is a mail recipient), or as a pointer object for a remote Exchange mailbox. Core attributes we expect to see configured for a mail-enabled user:

    ..

    • proxyAddresses - multivalued attribute containing all alias/proxy addresses for a mailbox.  The AD attribute name is proxyAddresses; from inside Exchange Management Shell, it is referenced as EmailAddresses.
    • targetAddress - string value of the object's real email address in the remote mail system.  The AD attribute name is targetAddress; from inside Exchange Management Shell, it is referenced as either ExternalEmailAddress (if the object is a MailUser) or RemoteRoutingAddress (if the object is a RemoteUserMailbox).  This value serves two purposes: for mail routing, is serves as the next-hop address for mail delivery.  For Outlook clients, it is the value Outlook references during an autodiscover lookup.
  • 0 over 5 years ago in reply to Markus Weiss-Ehlers

    Thank you Markus for this detailed explanation. This was exactly what I needed!

    About my first question: so, is there no reason why the ADSAccount.TARGET_Address field was removed? Of course I can go ahead and just recreate it, but it strikes me as a bit weird that this field should be removed for no apparent reason from the default schema...

  • 0 over 5 years ago in reply to robin.olivier

    It has been removed because since version 7 the Active Directory and Exchange-related objects have been split up into different tables for several reasons.

    If you take a look at an Exchange synchronization project, you will see that the ExternalEmailAddress will already be synchronized for the Mail-Enabled users. There is a property ExternalEmailAddress in the table EX0MailUser that will be synced to Exchange.

  • 0 over 5 years ago in reply to Markus Weiss-Ehlers

    Yes, I understand.

    However this makes the assumption that every ADSAccount will be matched by an Ex0Mailbox.

    In our case we are managing admin AD accounts, which do not need a dedicated Ex0mailbox object (we'd rather avoid creating a dedicated mailbox for every admin account). Our customer requires that every email sent to the email of the admin account ends up in the user's "regular" email mailbox. Hence the necesary usage of Target_Address.

    To clarify: I've got a standard AD account "robin.olivier" with email robin.olivier@customer.com and a mailbox. I also have an admin AD account "robin-adm" with email "robin-adm@customer.com" but no actual mailbox. When a user sends an email to "robin-adm@customer.com" the email should be redirected to the mailbox of my regular account, "robin.olivier@customer.com".

    If I'm not mistaken, to achieve the desired result, I do need to set the targetAddress AD attribute with the email robin.olivier@customer.com. And I cannot do it with the Exchange sync project, since there is no Ex0mailbox object for the admin account.

    Now... come to think of it, maybe I can just set "robin-adm@customer.com" as one of the proxyAddresses of the regular mailbox. I don't know if that would work.

  • 0 over 5 years ago in reply to Markus Weiss-Ehlers

    Yes, I understand.

    However this assumes that there is always an Ex0Mailbox object associated with an ADSAccount, which is not always true.

    For example, we have the following use case with one of our customers:

    - users all have a standard AD account, mine is "robin.olivier" for example, with an email "robin.olivier@customer.com" and an Exchange mailbox.

    - some users also have an admin account for server administration. For example, mine is "olivier-adm", and has an email address "olivier-adm@customer.com", but it does not have a mailbox associated with it.

    My customer wants that when a user writes to "olivier-adm@customer.com", the email is forwarded to "robin.olivier@customer.com".

    To do that, I do need to set the targetAddress attribute of the admin AD account to robin.olivier@customer.com. It also need to set the proxyAddresses attribute of the admin AD account to contain smtp:olivier-adm@customer.com. This cannot be done using the standard Ex0mailBox mapping, since there is no Ex0mailbox object for this ADSAccount. I can only work with the ADSAccount entry.

    Hence the need for the custom CCC_Target_Address attribute (we have additional rules to implement to fetch the relevant email in various way depending on some edge cases, so we can't really use a virtual property in the Sync Editor. Maybe we could, but I didn't manage to make it work!)

    (for some reason my messages keep being flagged as spam... I hope this one goes through... anyway, thanks again very much for your help Markus!)

Reply
  • 0 over 5 years ago in reply to Markus Weiss-Ehlers

    Yes, I understand.

    However this assumes that there is always an Ex0Mailbox object associated with an ADSAccount, which is not always true.

    For example, we have the following use case with one of our customers:

    - users all have a standard AD account, mine is "robin.olivier" for example, with an email "robin.olivier@customer.com" and an Exchange mailbox.

    - some users also have an admin account for server administration. For example, mine is "olivier-adm", and has an email address "olivier-adm@customer.com", but it does not have a mailbox associated with it.

    My customer wants that when a user writes to "olivier-adm@customer.com", the email is forwarded to "robin.olivier@customer.com".

    To do that, I do need to set the targetAddress attribute of the admin AD account to robin.olivier@customer.com. It also need to set the proxyAddresses attribute of the admin AD account to contain smtp:olivier-adm@customer.com. This cannot be done using the standard Ex0mailBox mapping, since there is no Ex0mailbox object for this ADSAccount. I can only work with the ADSAccount entry.

    Hence the need for the custom CCC_Target_Address attribute (we have additional rules to implement to fetch the relevant email in various way depending on some edge cases, so we can't really use a virtual property in the Sync Editor. Maybe we could, but I didn't manage to make it work!)

    (for some reason my messages keep being flagged as spam... I hope this one goes through... anyway, thanks again very much for your help Markus!)

Children
  • 0 over 5 years ago in reply to robin.olivier

    What you are describing, Microsoft would call a Mail-Enabled user in Exchange. So, you do not need to have a mailbox but a Mail User object EX0MailUser and set the property ExternalEmailAddress. That should be it. Honestly, the customer is mocking this by setting the properties you mentioned in AD only.

    Everything else would be customizing, but I want to point out that you need to take care about your data flows then as both synchronization projects end up in writing and reading the same properties in the end.

    In regards to the spam, I am unable to help. But I can see 3 posts in the community, seems that the emails got through.