How to create a Recipient Policy based on Company names?

by Bharat Suneja

One of the more frequently asked questions in an environment where you want to host more than 1 company’s email on a single Exchange server. Both companies have unique dns domains, let’s say CompanyA.com and CompanyB.com.

You typically end up locating thw users from the 2 (or more) companies in their own respective OUs.

You go to Recipient Policy in Exchange System Manager to create a recipient policy that generates the email addresses for CompanyA, but there’ s no option to be able to create a policy based on OUs! Unlike GPOs in Active Directory, Recipient Policy cannot be created base on OUs. Adding this feature would make lives of a gazillion Exchange admins easier, but the fact is you can’t.

So what are the options? You could create the policy based on attributes like location, department, company etc. In this case, we will go ahead and create the policy based on the company attribute.

This can be easily accomplished from the Recipient Policy GUI.

1. Go to the Recipient Policy container | right-click in the right pane where the default policy is listed | New | Recipient Policy.
2. From the New Policy dialog box, select the “E-mail addresses” checkbox to create a policy that generates email addresses. (The other option is Mailbox Manager settings) | click OK.
3. Enter a name in the General tab of the policy – let’s say “CompanyA Policy”
4. Click the Modify button – this presents the familiar ldap/ad search UI
5. In the Advanced tab, click the Field dropdown | select “User” | select the “company” attribute
6. From the “Condition” drop-down, select “Is (exactly)” condition
7. In the “Value” box type in the company name as it appears in your users’ Company field in AD Users & Computers | click Add to add the condition to the filter
8. [Optional] You can click on the “Find Now” button to see which users will be selected by that filter
9. Click on OK to add the filter to the policy. You may get an ESM warning that informs you about applying the policy | click OK
10. Go to the E-mail addresses tab | modify the default SMTP address to @companyA.com
11. ESM will prompt you to update recipient’s addresses. You can select Yes if you want to update immediately, or No if you are in a large domain where you want to schedule the update for later.

Wait for RUS to run. If set to run all the time, you can check the users’ properties to see if the intended recipients have the new email address.

Repeat the procedure for CompanyB.com domain.

Things To Remember:
1. You can modify the Default Policy to use it for CompanyA.com, else the Default Policy will still apply if its conditions are met, and you may see email addresses that are not required for a certain set of users.
2. When creating a new user, you will have to remember to always populate the user’s relevant attribute (company in this case) for the user to get the right email address.

{ 9 comments… read them below or add one }

Anonymous November 28, 2006 at 8:31 am

“Unlike GPOs in Active Directory, Recipient Policy cannot be created base on OUs”
———————————-

But the thing is, you can create a recipient policy filter based on OU’s. You just have to go to the advanced query filter to do so.

Reply

Bharat Suneja November 28, 2006 at 9:01 am

I wasn’t able to find anything in Advanced tab that will allow you to do this.

Can you please post more (step-by-step) details? A lot of us could benefit from this.

As a sidenote, though you can use wildcards such as (CN=Joe*) to pick up all users with CN starting with Joe (e.g. Joe Adams, Joe User, etc.), the wildcard does not work with distinguishedName attribute.

In other words, queries such as the following won’t work: (distinguishedName=*,OU=People,DC=MyDomain,DC=Com).

Reply

Anonymous June 4, 2008 at 5:45 am

You can create a Recipient Policy based on group membership, and make all CompanyA users member of a CompanyA group and all CompanyB users member of a CompanyB group.
Here’s how:

Create a new recipient policy, make it a Custom Search, select the Advanced tab and enter your query like
(&(memberOf=CN=companya.users,OU=Service,DC=companya,DC=com))

Set the email address accordingly (ie %1g.%[email protected])

Go to the Service/CompanyA/com OU and create a group named companya.users.

Create your users and before you mail enable them, make them members of the companya.users group.

Mail enable your CompanyA users and they will get an email address from the Recipient policy you just created.

Reply

Anonymous June 19, 2008 at 5:49 am
jeremy October 23, 2008 at 11:30 am

anonymous June 4th you are awesome! Thank you so very very much.

Reply

טכנאי מחשבים June 23, 2009 at 8:24 pm

very useful stuff!

Reply

Patrick August 19, 2009 at 10:58 am

umm… what about distribution lists? Contacts? other objects?
is there someway to set the search base? that should work….

Reply

Patrick August 19, 2009 at 11:30 am

ok – doesn't look like you can set a search base. which I find strange…
BUT! you can also have it look at a mailbox store. So if you have enterprise and you are putting everybody in a company in a single mailbox store that would be easy. Just look for users. If you look for groups it will find ALL groups.

Reply

Sumanth April 14, 2010 at 7:31 am

Can we Create a Custom Recipient Policy for Exchange 2007

Reply

Leave a Comment

Previous post:

Next post: