Star InactiveStar InactiveStar InactiveStar InactiveStar Inactive
 

Suppose:

An internal mail contact has been moved from Exchange 2010 to Exchange 2016.

Problem:

When attempting to send an email to a mail contact, you receive an NDR with an error similar to the below:

IMCEAEX-_o=NT5_ou=00000000000000000000000000000000_cn=This email address is being protected from spambots. You need JavaScript enabled to view it.
Remote Server returned '550 5.1.11 RESOLVER.ADR.ExRecipNotFound; Recipient not found by Exchange Legacy encapsulated email address lookup'

Solution: 

An X.500 address needs to exist to associate the mail contact with the LegacyExchangeDN value.

Information you will need:

  • Email address from the NDR diagnostic info.
    • Above, this would be: IMCEAEX-_o=NT5_ou=00000000000000000000000000000000_cn=This email address is being protected from spambots. You need JavaScript enabled to view it.
  • Alias or email of the mail contact that you are attempting to send to
    • For argument's sake: This email address is being protected from spambots. You need JavaScript enabled to view it.

We will need to augment the email address that we received from the NDR and update the AD Object for the mail contact with that information. The email address augmentation rules are as follows:

  • Remove the leading text "IMCEAEX-"
  • Change underscores to forward slashes
  • Change +20 to a space
  • Change +28 to an open parenthesis
  • Change +29 to a close parenthesis
  • Change +2E to a period

Here's a simple PowerShell function that will take the email address that was retrieved from the NDR and return the corrected address:

Function Get-X500Address {
    param (
        [Parameter( Mandatory=$true)]
        [String]$Address
    )
    $Address = $Address.TrimStart("IMCEAEX-")
    $Address = $Address.Replace("_","/")
    $Address = $Address.Replace("+20"," ")
    $Address = $Address.Replace("+28","(")
    $Address = $Address.Replace("+29",")")
    $Address = $Address.Replace("+2E",".")
    $Address = $Address.Substring(0,$Address.LastIndexOf("@"))
    return $Address
}

If you look at the existing LegacyExchangeDN within Active Directory, it looks quite different from what we want it to be:

[PS] C:\WINDOWS\system32>(Get-ADObject -Identity "CN=test-contact,OU=Sharepoint Contacts,OU=Departments,DC=domain,DC=xyz" -Properties legacyExchangeDN).legacyExchangeDN
/o=Domain/ou=Exchange Administrative Group (FYDIBOHABCDEFGH)/cn=Recipients/cn=5e3exxa660a142f3893xxe549xx1368b-test-contact

What we'll need to do is add the new X500 address to the "ProxyAddresses" field on the AD Object. This can be done by either manually adding the entry into Active Directory via the GUI, or I have also written a PowerShell script to perform the operation.

If you prefer the GUI method, open Active Directory Users and Computers and navigate to the OU that your Contact resides. 

  • Select "Properties"
  • Go to the "Attribute Editor" tab
  • Scroll to "proxyAddresses"
  • Select "Edit"
  • Enter the corrected X500 address with "X500:" appended to the beginning of it.
  • Select "OK", then "Apply"

If you prefer to use a PowerShell script to somewhat automate these tedious tasks, the script can be located here: Set-ContactLegacyDN.ps1