Recipient Policy applies incorrectly

[btnet]

I have recipient policies set for multiple domains such as abc.com, domain.com, and support.abc.com. Some of policies look at the the COMPANY attribute of the AD user and some look at "custom attributes". Awhile back I noticed a lot of accounts with screwed up email addresses. Some would have the primary SMTP address set incorrectly and others would have addtional SMTP addresses. It looked as though the higher priority policies were skipped and the lower level policies were applied, therefore explaining why the new addresses had been created and the primary had been changed. I forced a rebuild and update and the primary's were set properly again. I then manually deleted the junk addresses for the accounts.

Now again (about two weeks later) I have another similiar problem. It doesn't seem as though as a policy has been skipped but almost like it was applied twice. For example, our email accounts are set as USERNAME@domain.com, but now there are accounts that have new email addresses set as PRIMARY that are USERNAME2@domain.com. Some even have a third USERNAME3@domain.com. Also this time the X400 addresses have been updated as well. The X400's also have the firstname as NAME2.

After running UPDATE and REBUILD the primary email addresses were all restored to the way they were supposed to be.

I have a couple of accounts that I have for testing purposes and have moved them to and from some OU's and these have 4 to 7 new addresses. This is about the only change that I can think of that has been made with the accounts in question (moved a lot of accounts from one OU to another). By moving accounts to new OU's is this confusing the recipient policy update service? It is currently set to RUN ALWAYS.

Any ideas?

 

[btnet]

I really think moving the users between OU's caused the problem. I haven't had the problem again, but I also haven't moved users. It would be nice to have an explanation though.

 

[TB0NE]

btnet,

I know you've resolved your own problem but if you have a moment would you consider a problem I'm having with recipient policies.

Until recently I only managed one email domain and used the default recipient policy. I have been asked to create a second email domain for a remote office. 10 of our employees are at this location and I have placed them in their own OU.

I created a second recipient policy that filtered on the OU and applied the settings. I then updated the services. Once applied, I checked the users in the OU and the secondary email domain was present. Everything looked fine until I checked the application log. I had multiple Event ID 8325s refering to the MSExchangeAL service. The error is as follows:

The service can't work properly because the Policy 'CN=**policy name**,CN=Recipient Policies,CN=**Company Name**,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=**domain name**,DC=com' has an invalid Filter Rule (purportedSearch). Use the Exchange System Management tool to correct this problem. While this error exist new users, contacts and groups won't receive mail information necessary to them to work properly.

Have you seen this before or have any idea what the problem could be?

I did not add the second email address to the default policy. I only created a second email address within the new policy and made it primary. My intent was to have my default policy (with a single address) apply to my local domain and have the second policy (with two email domains) apply to the remote office.

Any ideas would be greatly appreciated.

Thanks!

 

[srinars1]

hi

We have faced problem if we have reciepient policy if the filter if OU based.Instead of ou based,create a mailenabled group and put userdids of your remote office into this group.Then create recieipient policy,with higher priority,with filter option in such a way that memeber of this group will 2 email address.Try this and let me know.Typhically the ldap query for enumerating a group is:

(&(&(mailnickname=*)(|(memberOf=cn=groupname,OU=RemoteOffice,DC=xyz,DC=com))))



regards
srinars