This video shows how to mail-enable an existing Active Directory user with an external email address and create mail contacts for the global address book.
- [Instructor] In the previous chapter, we looked at a few different examples of mailboxes that are not traditional users. But in this segment, we're going to be looking at user objects that are not actually mailboxes. If your company hires consultants, you probably create accounts for them in Active Directory to grant access to various file shares and other network resources. These types of users often have email addresses at their own companies that they prefer to use so it's not necessary to create mailboxes for them.
It may be important that we can grant them access to other types of mailboxes like resource mailboxes or some of the permissions we've been talking about. These users can be mail enabled so they will appear on the global address list and be available to assign these types of permissions. So, here we are back on one of our Exchange Servers where I'm going to change over to the management shell so that I can assign Exchange access to this existing Active Directory user.
As with creating a mailbox, if I'm assigning this access to an Active Directory account that already exists, I'm going to use the commandlet enable. And instead of enabling a mailbox, I'm going to enable a mail user. The identity parameter will once again point to the account that already exists in Active Directory. And the final parameter is ExternalEmailAddress which is the email address at Fran's other company where we've contracted her from.
As with the creation of mailboxes, we could create the mail user and the Active Directory account at the same time using new instead of enable. But before we do that, I want to show you another trick at assigning a password as part of creating the account. We have seen a couple of different methods already. Let me show you how to assign a value to a variable that you can use in the New-Mailbox or New-MailUser command.
If I establish the variable of password, then I can set that equal to a prompt and I can even include a text prompt to remind me of what I'm supposed to enter and I can designate that it will receive this text as a secure string which is what's going to be required by the New-MailUser or the New-Mailbox commandlet. There it's prompting me with the text that I told it to use and I can now enter a password that will be assigned to that value $password.
So, now I can use the New-MailUser commandlet to create both an Active Directory account and mail-enabled user privileges for Jack Ogee. This account will have a user principle name of email@example.com and will point to the external email address that he uses at the media design company where he works most of the time and then I can use that password variable that we've just assigned.
Jack now has an Active Directory account and a directory entry in the Exchange Server that points to his external email address. Now, there's a similar entry that can be created in the Exchange global address list or people that do not have and will not have Active Directory accounts. Let me scroll this to the top of the screen and if I was to enter New-MailContact, specify a name of Jennifer Jackson, and the external email address that she uses at Red 30 Design, that will place Jennifer in the Exchange address book but will not give her an Active Directory account.
This is commonly used for points of contact at vendors or at other partner organizations, contacts that need to be shared throughout the Exchange organization even though the recipient doesn't work for us and doesn't need access to any of our resources. Mail users and contacts are useful objects especially in businesses that employ contractors from other organizations or need to have consistent points of contact throughout their own company.
- Planning and configuring Active Directory (AD)
- Creating and configuring mailboxes
- Delegating mailboxes
- Mailbox and mailbox folder permissions
- Mail-enabled users
- Send as versus Send on Behalf
- Using public folders
- Managing public folder permissions
- RBAC versus AD split permissions
- Configuring user assignment policies
- Protecting Exchange content
- Message signing and encryption
- Troubleshooting IRM failure