Legacyexchangedn, X500, Migrations & IMCEAEX NDRs
- Charles Smith
- Oct 3, 2020
- 2 min read
Updated: Oct 7, 2020
If you have recently migrated or recreated any mailboxes, you may have users who receive NDRs (bounce back) to recipients that resemble something like this:
IMCEAEX-_O=CVS_OU=EXCHANGE+20ADMINISTRATIVE+20GROUP+20+28FYDIBOHF23SPDLT+29_CN=RECIPIENTS_CN=CharlesSmith784b@domain.com
The issue here is internally (within a single Exchange organization) Exchange does not use SMTP, and will use a protocol called X500 instead, namely the address stored in an AD attribute called LegacyExchangeDN. Any cached autocomplete entries in Outlook clients will be using these LegacyExchangeDN addresses.
If you migrate mailboxes from one org to another, or recreate a mailbox, the new mailbox will come with a new LegacyExchangeDN address, and users will get bouncebacks if they are using their Outlook autocomplete, which they will very likely use.
You have two options here, depending on what stage you are:
1. If you are still planning your migration, or you have a good backup of the source AD objects' LegacyExchangeDN attributes, then you can import in bulk to your new mailboxes as X500 addresses. This is the preferred method.
2. If your migration has taken place and you have no backup of the previous LegacyExchangeDN values, then you can recreate them and add as X500 addresses based on the NDRs, although this is ad-hoc only.
Bulk Import of X500:
First obtain the LegacyExchangeDN attributes in a CSV, using a command like this:
Get-mailbox | select LegacyExchangeDN,PrimarySMTPAddress | export-csv c:\temp\LEDN.csv
Ensure you have a column for 'PrimarySMTPAddress' and 'LegacyExchangeDN'
Then you can run a script like this to import these as X500:
$Users=import-csv "C:\temp\LEDN.csv"
foreach ($User in $Users) {
$x500="X500:"+$User.LegacyExchangeDN
set-mailbox -Identity $User.primarysmtpaddress -EmailAddresses @{Add=$x500}
}
**note for Exchange Online Hybrid Mode use the command set-remotemailbox
Recreating from NDRs:
To find the X500 address for the old LegacyExchangeDN attribute for the user, make the following changes based on the recipient address in the NDR:
Replace any underscore character (_) with a slash character (/).
Replace "+20" with a blank space.
Replace "+28" with an opening parenthesis character.
Replace "+29" with a closing parenthesis character.
Delete the "IMCEAEX-" string.
Delete the "@domain.com" string.
Add "X500:" at the beginning.
So our example
IMCEAEX-_O=CVS_OU=EXCHANGE+20ADMINISTRATIVE+20GROUP+20+28FYDIBOHF23SPDLT+29_CN=RECIPIENTS_CN=CharlesSmith784b@domain.com
Would become:
X500:/O=CVS/OU=EXCHANGE ADMINISTRATIVE GROUP (FYDIBOHF23SPDLT)/CN=RECIPIENTS/CN=CharlesSmith784b
Then add this as an X500 address to the new mailbox.