Wednesday, October 1, 2008

Exchange Add Hidden Mailbox

Issue:

After hidding an account of a terminated user, I needed to add the account to the managers mailbox for monitoring of business related mail.

Quick:

Use the Legacy Exchange DN from acitive directory.

Visual/Learning:

Normally this would be just a matter of adding rights to the mailbox under AD Users and Computers => Properties => Exchange Advanced Tab => Mailbox Rights... button, and then adding the mailbox to the managers Outlook account under Tools => Email Accounts => "View or change existing email accounts" => Change Button => More Setting button => Advanced Tab => Add button to add the mailbox from the Global Address List (GAL). But when the account is hidden you do not see it in the GAL listing.

You can still add the maibox by using the Legacy Exchange DN from acitive directory. Now how to find out what it is. The sure fire way is to export the information from Active Directory (see below), but you may be able to guess what it is without doing the export.

Guessing method:

First open Exchange Manager and look at the Org name and the Administrative Group name.

Now you should be able to create a text string like you see below. Replace ORG with the name of you Exchange organization. If the administrative group name is different replace that as well. Also put the users alias at the end as shown. You can find the alias in Active Directory Users and Computers on the Exchange General tab.

Now just type of copy that string into the add mailbox window and the account should get added.

If that did not work you can export Active Directory information using the following command on the Exchange Server, where exportfile.ldf is the file you are exporting to and DomainServer is the name of a domain controller on your network.

You may get a lot of stuff in the file depending on the size of your Active Directory, but you should be able to find a legacyExchangeDN for the hidden account that looks like this:

3 comments:

Anonymous said...

How to add a hidden mailbox:

1. Go into ADUC and search for the mailbox.
2. Go into the E-Mail address tab and double-click on the X500 address.
3. Copy the e-mail address from the window that pops up.
4. Use what you copied as your mailbox name.

Jimmy said...

Marcus, thanks for the comment. This may work for some but when I tried it there was no entry for x500, only x400. I think those x500 address are generated in a migration from Exchange 5.5. Our site was created with a fresh install of 2003.

grabber_blue said...

Exchange 2007 has neither x400 or x500 addresses. The legacyExchangeDN attribute from the AD account properties worked for me though: "/o=First Organization/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=HiddenAccountName"