что такое адрес x500 exchange
Что такое адрес x500 exchange
Будучи основанным на спецификациях X.500, каталог сервера Exchange не следует им в области использования протоколов передачи данных и двоичного формата потоков данных. Однако с точки зрения реализации объектного хранилища и разделения функций между DSA и DUA, Exchange может вполне считаться воплощением канонической модели каталога X.500. На рисунке 1.13 приведена схема информационного дерева каталога Exchange Server, содержащего все необходимые компоненты классического каталога, включая корень, контейнеры, листья и схему данных.
Каждый объект каталога имеет уникальное имя в каталоге, полное и относительное характерное имена. Формат характерного имени поясняет рисунок 1.14. Характерные имена объектов, таких как пользовательские ящики, списки рассылки и т.д., могут использоваться в качестве их почтового адреса во внутреннем формате Exchange. Следует, однако, помнить, что внутренние адреса имеют силу только в том случае, если адресуемый объект находится в пределах той же организации, что и отправитель.
Рис. 1.13. Схема каталога Exchange Server
Рис. 1.14. Формат характерного имени Exchange
Exchange использует метод репликации фрагментов каталога, т.е. каждый сервер хранит локальную копию каталога организации. Запросы от пользовательских агентов каталога обрабатываются локально во всех случаях, кроме обращений к общим папкам. Если сервер не имеет на себе запрошенной копии, он на основании данных каталога, переадресует клиента к DSA сервера, на котором копия папки присутствует.
Каждый сервер обслуживает фрагмент, состоящий из четырех неперекрывающихся пространств именований: организации (Organization), площадки (Site), настроек (Configuration) и схемы каталога. Назначение каждого из них будет рассмотрено далее.
Решено ошибки после миграции
anakom
Случайный прохожий
Добрый день! После миграции с Exchage 2010 на exchange 2016 у пользователя возникает ошибка при ответе на сообщение которое было получено до миграции.
То есть ошибка при внутренней пересылке внутри организации.
Не удалось выполнить доставку следующим получателям или группам:
Не удалось найти введенный электронный адрес. Проверьте адрес получателя и попробуйте отправить сообщение еще раз. Если проблема возникнет снова, обратитесь к своему администратору электронной почты.
Диагностические сведения для администраторов:
Формирующий сервер: mail2.domen.Local
IMCEAEX-_o=DOMEN_ou=Exchange+20Administrative+20Group+20+28FYDIBOHF23SPDLT+29_cn=Recipients_cn=userc33a3422@DOMEN.Local
Remote Server returned ‘550 5.1.11 RESOLVER.ADR.ExRecipNotFound; Recipient not found by Exchange Legacy encapsulated email address lookup’
Freddy
Случайный прохожий
Надо добавить адрес X500 для проблемного пассажира
To resolve this issue, use the following method.
Create an X500 proxy address for the old LegacyExchangeDN attribute for the user
To create an X500 proxy address for the old LegacyExchangeDNattribute for the user, make the following changes based on the recipient address in the NDR:
X500:/O=MMS/OU=EXCHANGE ADMINISTRATIVE GROUP (FYDIBOHF23SPDLT)/CN=RECIPIENTS/CN=User-addd-4b03-95f5-b9c9a421957358d
Что такое адрес x500 exchange
Question
I recently recreated an Exchange 2007 user mailbox, and now recipients replying to old emails are getting this NDRs:
I did some research and apparently, I need to create a custom X500 address. I tried doing that using the format below, but the user is still getting NDRs.
Someone said it’s case-sensitive, but still getting NDR’s.
Can somebody tell me what I’m doing wrong?
Thank you in advance.
Answers
The x500 is typically using the alias or cn unless there was some customization. Just add two x500 addresses like below, one of them will likely be the correct one.
James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com
All replies
The ideal method would be not to delete the original mailbox. Create a new one, move all data etc and then forward the old to the new. Then it wouldn’t be a problem.
Simon Butler, Exchange MVP
Blog | Exchange Resources | In the UK? Hire Me.
try adding the legacyExchangeDn of old mailbox as x.500 address
Something like:
x500:/o= /ou= /cn=Recipients/cn=
legacyExchangeDN:/o= /ou= /cn=Recipients/cn=
Well I just tried both custom addresses:
x500:/o= /ou= /cn=Recipients/cn=
L egacyExchangeDN:/o= /ou= /cn=Recipients/cn=
but I’m still getting the NDRs. I’m confirmed that there are no typos. I even tried from OWA and still getting the same NDR.
Any other suggestion?
does the user get it or does it bounce?
James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com
Just tried. Still getting NDR.
#550 5.1.1 RESOLVER.ADR.ExRecipNotFound; not found ##
Was this originally a 2003/5.5. org?
Compare the x500 you entered to the legacyExchangeDN of another mailbox.
Can you post the exact x500 address you added ( obscure the Org Name and alias if you want, but not the actual construction of the address)
Remember, either the admin group, recipients container or alias changed when you recreated the mailbox. The x.500 address you add as a custom address has to be what it was BEFORE. So most likely, it was referring to a legacy admin group, or you created a new alias when you created the new mailbox (SamAccountName versus First.Last etc..)
Here are the two x500 custom addresses that I entered:
And yes, the user was originally a member on the Exchange 5.5 org, then upgraded to 2003 and now 2007.
Thank you in advance.
Here are the two x500 custom addresses that I entered:
And yes, the user was originally a member on the Exchange 5.5 org, then upgraded to 2003 and now 2007.
Thank you in advance.
Ok, the 2nd one is not a proxyaddress, so you can remove that.
Assuming the OU is set correctly ( NY was the legacy Admin Group?), and the Org Name is correct, then I would focus on the cn= Typically the 5.5 alias is going to be the original sAMAccountName and not user@domain.com
Is that really what it was?
Are you sure cn=user@domain.com is correct? Typically the cn= john doe. The @domain.com isn’t typically there unless there was some customization going on.
When you looked up an existing user’s legacyexchangedn did it show @domain.com?
James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com
Well, I think the OU is NY. Below is the NDR so that’s what I’m referencing.
I will try using the sAMAccountName, but how do I get the sAMAccountName?
Well, I think the OU is NY. Below is the NDR so that’s what I’m referencing.
I will try using the sAMAccountName, but how do I get the sAMAccountName?
It would be the account they logon to the domain with using the domain\user convention. Whatever «User» is.
If you look at other accounts legacyexchangeDN values, you can confirm that.
That IMCEAEX-_O=COMPANY_OU=NY_cn=Recipients_cn=User@domain.com isnt really what their legacyExchangeDN value was nor is it a valid address. Its the encapsulated address of that account referring to the default recipient domain.
The x500 is typically using the alias or cn unless there was some customization. Just add two x500 addresses like below, one of them will likely be the correct one.
James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com
The x500 is typically using the alias or cn unless there was some customization. Just add two x500 addresses like below, one of them will likely be the correct one.
James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com
Or an Employee Number or JohnD or etc.. 🙂
OMG!! It’s working!! The full username did the trick. Woo-hoo.
Glad you got it figured out! 🙂
YOU my friend, hit the nail on the head with that one. You’re some sort of an exchange genius!
I had a problem where /O=ExchangeOrgName/OU=NY/cn=Recipients/cn=John-DoeAC422F48510784669C5B30BD0FCDAA was what I got using the Get-MailPublicFolder
| Select LegacyExchangeDN and used that as the X500 address, and it didn’t work.
I then just removed the random numbers from the end so it looks like this /O=ExchangeOrgName/OU=NY/cn=Recipients/cn=John-Doe like you suggested and added it as an extra X500 address and voila, it works!
We had the same issue on Exchange 2010, and this almost worked for us: /o=CompanyName/ou=Site/cn=Recipients/cn=User@domain.com
What we needed to add was extra information from the bounceback email. Here is the bounceback email:
Delivery has failed to these recipients or groups:
(full name of user is displayed here, as it was entered in AD)
The e-mail address you entered couldn’t be found. Please check the recipient’s e-mail address and try to resend the message. If the problem continues, please contact your helpdesk.
Exchange Server X500 Address An Amazing Thing to Know
Then I realize that i have done a terrible mistake that can’t resolve it. The problem created when delete all the contacts and recreate again the same contacts and new one. This problem occurs because while the Outlook auto-complete cache stores SMTP addresses for e-mail sent to external addresses, it uses X.500 addresses for e-mail sent to addresses within the Exchange organisation. Even though we had given the conact or user account all the old SMTP addresses, the old X.500 address which Outlook was sending to was missing. So this cause exchange to reject the message and return and undeliver email like
Kostas Example
The e-mail address you entered couldn’t be found. Please check the recipient’s e-mail address and try to resend the message. If the problem continues, please contact your helpdesk.
Diagnostic information for administrators:
Generating server: anholt.onmicrosoft.com
IMCEAEX-_O=EXCHANGELABS_OU=EXCHANGE+20ADMINISTRATIVE+20GROUP+20+28FYDIBOHF23SPDLT
+29_CN=RECIPIENTS_CN=827865984d33455b8a289b007a37f400-Kostas+20Example@example.com
#550 5.1.1 RESOLVER.ADR.ExRecipNotFound; not found ##
Original message headers.
I done my research for X.500 address and i realize that is amazing what can do and resolve the problem. So let’s start to explain step by step how can create a new X500 Address in the Exchange Server and avoid the problem of Undeliver Email when user try to send it from Outlook autocoplete list.
My scenario related with the Mailbox contacts of Exchange Server but this doesn’t mean that you can’t use it with email address of a mailbox.
Now you must wait until Exchange Server Update the Offline Address Book and push all the changes in the Outlook users. If you use Exchange Server you know that this happened once a day in specific time. After that Outlook users start to send again in email addresses of Contacts without problems and undeliver emails.
It’s very easy but you must know about X500 Address to resolve this problem.
If you are interesting for Exchange Server or Office 365 you can find lot of courses from MVP and other Trainers in Pluralsight Console.
Do you want to find tools that maybe help you? Explore Collection of Tools for IT Professionals.
Are you interesting to export Reports from Active Directory? Download our Powershell Tool to do it.
I hope to find usefull my article. Do your comments here in Google+ or Facebook and i will be there to discuss with you.
Отчет о невывозе IMCEAEX при отправке сообщений электронной почты внутреннему пользователю в Office 365
Симптомы
Когда вы отправляете сообщения электронной почты внутреннему пользователю в Microsoft Office 365, вы получаете отчет о невывозе IMCEAEX (NDR) из-за плохой ссылки LegacyExchangeDN. NDR IMCEAEX указывает, что пользователь больше не существует в среде.
Причина
Эта проблема возникает из-за изменения значения атрибута LegacyExchangeDN. Автоматический кэш в Microsoft Outlook и в Microsoft Outlook Web App (OWA) использует значение атрибута LegacyExchangeDN для внутренней маршрутизации сообщений электронной почты. Если значение меняется, доставка сообщений электронной почты может привести к сбой с помощью NDR 5.1.1. Например, адрес получателя в NDR напоминает следующее:
Решение
Чтобы устранить эту проблему, используйте следующий метод.
Создание прокси-адреса X500 для старого атрибута LegacyExchangeDN для пользователя
Чтобы создать прокси-адрес X500 для старого атрибута для пользователя, внести следующие изменения на основе адреса получателя в LegacyExchangeDN NDR:
После внесения этих изменений прокси-адрес для примера в разделе «Симптомы» напоминает следующее:
X500:/O=MMS/OU=EXCHANGE ADMINISTRATIVE GROUP (FYDIBOHF23SPDLT)/CN=RECIPIENTS/CN=User6ed4e168-addd-4b03-95f5-b9c9a421957358d
Будут заменены наиболее распространенные элементы. Однако в атрибуте могут быть другие символы, которые также будут изменены в том, как они отображаются LegacyExchangeDN в NDR. Как правило, любой шаблон символов «+##» должен быть заменен соответствующим символом ASCII. Например:
Если вы не знакомы с кодом ASCII, см. в таблице кодов символов ASCII 1.