Friday, October 14, 2005
Outlook AutoComplete and LegacyExchangeDN
Recently, I've seen several posts referring to Outlook's autocomplete feature (Automatic Name Resolution) displaying incorrect information. Specifically, this information was stored in the legacyExchangeDN value assigned to a user account. OK, I'll correct the legacyExchangeDN value, you say.
Before you do that, however, be aware of the unintended consequences of doing such. Outlook actually still uses the legacyExchangeDN value for some things. For one, it uses the legacyExchangeDN when replying to messages sent by an internal user. You don't believe me? Well, it is sort of hard to find, but try this.
Download the MDB Viewer utility (MDBVu32) from Microsoft and open your mailbox and view a message that was sent by an internal user. Specifically, look at the PR_SENDER_EMAIL_ADDRESS property. Guess what that is :-) Yep - that's the legacyExchangeDN value on an account. Still don't believe me? Use ADSIEdit and go to the properties of the user account in question. Go down and view the legacyExchangeDN. You should see that it will match the PR_SENDER_EMAIL_ADDRESS property. Now, if you modify the legacyExchangeDN value for a user account, the message still has the OLD value listed - that doesn't get modified. So, when Outlook tries to reply to the message, it tells Exchange to send to the account with the OLD value, which no longer exists. Since that value no longer exists, an NDR will be generated. Not fun.
How do you get around this? There are 3 things that I can think of.
1. Don't rename/re-use user accounts. If you want the new account to be a member of the same groups as the old one, then simply Copy the account. At one point at a previous employer, we created "dummy" accounts that were only there so they could be copied. If you make a practice of creating a new account for each new user, you won't have to deal with incorrect legacyExchangeDN values.
2. Disable Outlook's Automatic Name Resolution feature. Ok, this may not be the most viable option, but by disabling ANR, you don't have to deal with Outlook caching and displaying incorrect information in it's autocomplete names. This will allow you to leave the legacyExchangeDN value intact and not worry about
3. If you MUST change the legacyExchangeDN value, make sure that you add the OLD legacyExchangeDN value as an X500 address on the user account. This will allow replies to still work because the address Outlook tells Exchange to use is still valid.
Links to this post:
Thank you for a no-nonsense answer to a really stupid feature of this product. Hiding a field away from administrators and making it visible to users is STUPID. Your option #3 was the straight forward answer I couldn't find an any KB article! Microsoft: FIX your products. Don't give us crap solutions that further break the product.Post a Comment
Links to this post: