First class recipient types in Exchange 2007


Exchange 2003 used several recipient types, but it was often difficult to determine exactly what type a given object was. For example, a mail-enabled user and a mailbox-enabled user looked identical in ADUC without careful inspection. It required opening the user object property pages and inspecting the properties to make the determination.

Even worse, differentiating between mailbox types (i.e. user mailbox from a conference room mailbox) is even more difficult with Exchange 2003 as there is no visual indication of the difference apart from permission settings!

Exchange 2007 solves these problems by adding several explicit Recipient Types which can easily be differentiated by their icon in Exchange Management Console or by looking at the RecipientTypeDetails property on the recipient in Exchange Management Shell.

Exchange 2007 also differentiates all mail-enabled recipients (who can send and receive mail) from non-mail-enabled recipients. Below is a list of the mail-enabled recipient types available in Exchange 2007 and a description of each:

  • UserMailbox – an Exchange 2007 mailbox assigned to one specific user account in the local forest. Most mailboxes will be of this type unless you are using a Resource Forest.
  • LinkedMailbox – an Exchange 2007 mailbox in a resource forest assigned to a specific user in the user/account forest.
  • SharedMailbox – an Exchange 2007 mailbox which is shared by one or more user accounts.
  • LegacyMailbox – a mailbox located on an Exchange 2000 or Exchange 2003 server.
  • RoomMailbox – an Exchange 2007 mailbox which represents a conference room for scheduling purposes.
  • EquipmentMailbox – an Exchange 2007 mailbox which represents a piece of equipment for scheduling purposes (TV, Projector, etc).
  • MailContact – an AD contact with an external email address assigned
  • MailForestContact – an AD contact with an external email address assigned that was created by MIIS GALSync. This object represents a recipient object from another forest.
  • MailUser – this is an AD User with an external email address
  • MailUniversalDistributionGroup – this is an AD UDG with an email address
  • MailUniversalSecurityGroup – this is an AD USG with an email address
  • MailNonUniversalGroup – this is an AD Local or Global Security or Distribution group with an email address
  • DynamicDistributionGroup – a special group with dynamically generated group membership and an email address.
  • PublicFolder – a mail-enabled Public Folder

Here is an example of how some of those different types of recipients look like in Exchange 2007 console:

Why make this change?

There were two key reasons for creating these additional recipient types. First, providing explicit recipient types makes it easier for an administrator to quickly differentiate between the different types of recipients. This allows searching, sorting, and filtering by explicit recipient type as well as allowing bulk operation to be managed by recipient type. Second, the recipient type is used directly by the Exchange Management Console to surface different property sets in the GUI. For example you may want to set the capacity of a conference room whereas a standard user mailbox would have no need for this property. With these different recipient types provided, administrators should be able to find and manage mailboxes more quickly and effectively.

- Jim Edelen

Comments (11)
  1. Davidd says:

    I think this is a great addition to the interface!  We use conference rooms heavily in our environment and it will be really nice to have them show up different.

    Is there a way to decouple the conference room mailbox from a generic user account?  Currently we have a user account for each of our conference rooms just as a place holder.  I would much rather see a mailbox without a user.

    Second, is there a way to create a group mailbox in E2K7 without creating a generic user?  We have a significant need for this right now and we really can’t come up with a clean way to do this in E2K3.

  2. Jim Edelen says:

    In Exchange 2007 all Mailboxes still need to have a user account associated with them.  When you create a conference room, equipment or shared mailbox, a disabled user account is created.

    What specifically is causing you problems with this?  Is it that there are extra users in ADUC or something else?  If we get the specifics, we can make sure they are considered in the future.

  3. Davidd says:

    I am just not too crazy about having generic user accounts floating around in AD.  To me it makes more sense and seems a lot cleaner to have the ability to create a mailbox for a resource or group without having an associated user account.  

    This becomes especially important with group accounts, as we are a large environment (25,000 users) and we need to simplify their management.  The way we handle groups is that we have automatically populated groups based on HR data.  We also provide manually populated groups where a department, or division, etc can request a net manual group, our helpdesk will create it, and the requesting manager/technician can manage the membership and other options.  They have the ability to drop all mail destined to the group on the floor, deliver it to all members, deliver it to a specific user, or deliver it to a group mailbox.

    Given that these are configurable by the group manager and may change over time, it would be a nightmare to script this by flipping between using Public Folders for the group mailbox and delivering to each member, etc.  This actually leads to another thing…  It would also be nice to have the ability to forward a group to another account (altRecipient for a group in LDAP).

    We have been running Exchange with about 3,000 of our users, until recently when we migrated all 25,000 off of our UNIX system.  So far it is working really nice, but our UNIX mail system was definitely more flexible in how it dealt with mailboxes.  In this respect, E2k+ has really taken a step back from E5.5.  Because of these limitations, we are actually considering deploying a small UNIX mail system to deal with our groups.  The rigidity of Exchange requiring a user for each mailbox just can’t compete with the flexibility of a nice UNIX based mail system.

  4. Jim Edelen says:

    I am still not quite sure I understand.  Are you saying that you want groups to have access to a shared mailbox for the group?  You can do that today – create a shared mailbox and use the add-mailboxpermission tasks to give the group you created permissions to the shared mailbox.  Members can then be added/removed from the group and still have access to the shared mailbox.

    Or are you saying that you don’t want a user account associated with the mailbox becasue it could inadvertantly be added to one of these group you have?  

  5. Davidd says:

    Maybe I am missing something, but…  Take a group called "foo" with an SMTP address of foo@org.com.  I need the group mail enabled to assign Public Folder permissions, so the group gets the email address foo@org.com.  Initially the group is set to deliver to all members, but the group admin wants to change it to deliver to the group mailbox.  In the background, the script would need to create a new user called fooMBX (can’t create a user called foo because of naming conflicts), mail enable it, take away the foo@org.com SMTP address from the actual group, asign foo@org.com to the user account, assign permissions to the mailbox for the group (can’t wait for E2k7 for Power Shell!!!), etc.  This doesn’t even take into account the Display Name for the GAL…  I need the group in the GAL for permissions on Public Folders, but I also need the mailbox in the GAL for the users to send mail to it.  Having a different name in the GAL for the mailbox would only serve to confuse and frustrate our users.

    The only other option that I see is a mail enabled Public Folder, but I would hate to waste the time developing this when they are just going to go away in the future.

    I guess I could also create the fooMBX account, NOT give it the foo@org.com address and only the foombx@org.com address, set the altRecipient LDAP attribute on the foo group (I see this is an available LDAP attribute for a mail enabled group) to forward to the fooMBX account.  However, exposing this as an option to the group admins would be less than ideal (I just imagine one of them flipping it from forwarding to delivering just to see what it does).  We could only expose this to our help desk, but that would be a business process change.  I know we are probably not the typical organization, but this is why I like the idea that mailbox != user account.

  6. Jim Edelen says:

    Thank you for the feedback.  To achieve this scenario, you will need to use powershell scripting as you indicated.  I will forward the scenario to the appropriate people so they can take it into consideration when designing new features.

  7. Hi,

    I am preparing a migration from an Exchange 2003 environment where the customer has created a lot of resource mailboxes. Is it possible to migrate or convert these mailboxes to room mailboxes?

  8. Paul Macknight says:

    The answer to your question is no. But let me give you some more detail about this.

    The concept of resource mailbox in 2003 could vary. So the way we do this in move-mailbox is: If a mailbox has msExchMasterAccountSID assigned to SELF and its user account is disabled, we will move it as an 2007 Shared mailbox. For any other configuration (expect linked mailboxes) we move it as a "regular" mailbox.

    So depending on the way you set up your 2003 resource mailbox you might be able to migrate it directly as a 2007 shared.

    But if your final goal is to convert these mailboxes to Room or Equipment, you will need to run set-mailbox (the parameter to convert a mailbox is -type) after you migrate the mailboxes.

    Thanks

  9. -DaveT says:

    The RoomMailbox feature sounds great, but how does it manage it’s requests?

    If I put a conference room on my invitee list, does it automatically accept the meeting?

    Then if someone else tries to book that conference room for that time, will it send them a meeting rejection notice?

    We originally tried setting up mailboxes for conference rooms, but people would just ignore the "busy" status of the room and we had lots of problems.

  10. Robert says:

    I have mail enabled Public Folders on my Exchange 2007 box but they aren’t showing up in Recipient Configuration.  What am I missing?

  11. Anonymous says:

    I have previously listed the progress we’ve been making in posting ITPro focused Systems Management blog

Comments are closed.

Skip to main content