As mentioned in my previous post “Top 5 Tools an Exchange Administrator should not be without”, ADModify is a tool that is used to bulk modify Active Directory objects. An example where you might use this tool would be if you have contacts in Active Directory for a partner company, and their company name changes (so does their SMTP domain name). Now you need to change these contact’s email addresses to reflect the new SMTP domain name. To modify these contacts you have the following three options:
1 Modify all contacts by hand
2 Create a script to modify
3 Use ADModify
Option 1 should not be an option if you have to modify any more than a few contacts, option 2 is a valid choice but if you have ADModify why bother.
This post details how to use ADModify to change the email address for contacts in your Active Directory, it assumes that all contacts to be change are located in the same OU, the SMTP domain will change (i.e. @companyname.com to @newcompanyname.new) your partner company uses a naming convention for their email addresses and the contact details are have been entered correctly (i.e. Given name, surname).
Note this post is more of a guide on using ADModify and not modifying contacts, the details contained with this post are accurate, but there may be problems implementing this solution if any of the above assumptions/conditions are not true.
When modifying contacts to point to a new SMTP domain, the following three attributes on each contact needs to be changed via ADModify:
Maps to in ADUC
|General Tab | E-mail Address|
|targetAddress||Exchange General tab | E-mail|
|proxyAddresses||E-mail Addresses tab|
Now not all object attributes are displayed in ADModify’s tabs, to modify these attributes there is the custom tab where you can specify the attribute name and value to be modified. In the case of the mail and proxyAddresses attributes these fields can be found in ADModify, but the targetAddress attribute does not and needs to be modified via the custom tab.
To modify a contacts address three attributes need to be modified, and another value from a multi valued attribute needs to be removed, these operations need to be done in two runs of the ADModify tool, below is an overview of the procedure.
• Change the mail attribute to the new address via the email field in the General tab
• Change the targetAddress attribute to the new address, this is done from the custom tab
• Add the new address to the multi valued attribute proxyAddresses via the email addresses tab
• Remove the old email address via the custom tab
Before beginning if you have not already, download ADModify .NET from the following location:
1. After downloading and extracting, Launch ADModify and select “Modify Attributes” see figure 1 below
Figure 1 “The ADModify .NET option window”
2. In the next window select your domain a domain controller from that domain then in the Show Only section ensure only the Contacts box is checked then click the green button with the arrow.
3. In the domain Tree List section navigate to and select the OU that contains contacts for the partner company, then click Add to List.
4. On the right had side of the window you will see all contacts within the selected OU. From here you can select all contacts or select a subset of contacts by clicking on each of them while holding the Ctrl key. Once you have selected all contacts to be modified click the Next >>> button. Figure 2 below shows this ADModify window:
5. The next steps involve selecting the attributes to be modified, first start by selecting the General tab, checking the box next to E-mail Addresses then enter the new address, remembering you can use variables such as %’mailNickName’%. You need to ensure you chose/use variables or a set of variables which matches the email address policy of your partner’s company. By default %’mailNickName’% is the variable used when the Default email recipient policy creates an address but it may have been changed to be %’givenName’%.%’sn% or any other set of variables, to suit the companies email address policy, I have entered the value of%’mailNickName’%@newPartnerName.com. Figure 3 below shows the General tab of the ADModify tool
Figure 3 “The ADModify .NET General Tab”
6. Now you need to set the targetAddress attribute. To do this click on the custom tab and check “Make a customized attribute modification”, in the Attribute Name field type targetAddress, in the Attribute Value field type the same value which you typed in the E-mail Address field from step 5 above. See figure 4 below:
7. You now need to add an additional value to the proxyAddresses multi valued attribute. To do this click on the E-mail Addresses tab check “Add SMTP Address” enter the value from step 5 & 6 above, and also check “Set as Primary”, see figure 5 below
Figure 5 “ADModify .NET’s Email Addresses Tab”
8. You have added the appropriate attribute values for the first run to take place, now click the Go! Button to modify the selected contacts. When processing is complete you should see a window similar to the one below in figure 6.
Figure 6 “The ADModify .NET operation status window”
9. Now we need to do the second run of ADModify as I mention above you need to remove the old address from the multi valued proxyAddresses attribute, you would have noticed there is an option in the E-mail Addresses tab (step 7 figure 5) “Remove SMTP Address” This has never worked for me so I use the custom tab instead but this time to remove the old address from this attribute. To do repeat steps 1-4 then enter the Custom tab, check “Make a customized attribute modification”, in the Attribute Name field type proxyAddresses, then in the Attribute Value field type smtp:%’mailNickName’%@oldCompanyname.com (or whatever value suits your senario), you will also need to check “Multivalued Remove”. Now Click Go! To remove this address from the contacts. See figure 7 below
Figure 7 “The ADModify .NET Custom tab removing an address”
You have now successfully updated the email addresses of your partner company’s contacts in your active directory.
Note: ADModify can still be used to modify objects even if they are located in various OUs or if different company objects are mixed in a common OU, to do this you would use the custom LDAP Query feature to filter objects based on Group/Department or any other AD attribute of an object.
Further Reading on ADModify
MSExchange.org – Using ADModify to Change Exchange Specific AD User Attributes in Bulk
Windows IT Pro – ADModify