Blog: LDAP

Recently I was cleaning up some Exchange mail-enabled contacts and moving them to different OU’s.  I had to create a new contact and kept getting an error for a duplicate email address.  I couldn’t find the duplicate using the normal search methods, so after some digging I found this site that provided a custom LDAP query: [more]

http://www.danlance.co.uk/index.cfm/2007/11/14/How-to-find-the-user--entity-an-email-address-is-associated-with-in-Exchange-2003

Basically you search for attribute “(proxyAddresses=smtp:user@domain.com)” to give you the object with this email address.


 

Microsoft has changed the query syntax for creating Exchange Address Lists and Email Address Policies in Exchange 2007. In Exchange 2003, all recipient filters were created with LDAP queries. In Exchange 2007, a new filter syntax called OPATH has been introduced. OPATH is easier to write and makes queries easier to understand, but any ALs or EAPs that are carried over as part of a migration from Exchange 2k/2k3 to 2k7 must be updated to use OPATH instead of LDAP. Here is an example of such a conversion:

LDAP: 
(&(&(&(&(mailnickname=*)(|(&(objectCategory=person)(objectClass=user)(|(homeMDB=*)(msExchHomeServerName=*))))))
(objectCategory=user)(physicalDeliveryOfficeName=morton*)))

OPATH:
( ( ( Alias -ne $null ) -and ( ( ObjectCategory -like 'person' ) -and ( ObjectClass -eq 'user' ) -and ( recipientType -eq 'UserMailbox' ) ) ) -and ( ObjectCategory -like 'user' ) -and ( Office -like 'morton*' ) )

To save a lot of time by avoiding doing these conversions by hand you can use the LDAP to OPATH filter conversion script script provided by the Microsoft Exchange Team.