My company just sold off a couple of its business units and the sales agreement says offboarding users must keep their legacy email access for 6 months. However, they also need messages forwarded to their new (external) email addresses.
Normally, you could do this by OU (Organizational Unit) but in my case, not everyone in that OU is leaving and management didn't want to create a new OU since GPOs and ACLs are already linked to said OU.
So, we need to be able to import a CSV of those specific users and set the forwarding in one shot. I have about 450 users in my list; that would take a long time to do manually :)
Create A New Send Connector
First, we need to create a dedicated Send Connector going out to the new external domain. This allows us to forward without creating External Contacts for all of the users - much easier:
In the EAC, navigate to Mail Flow, Send Connectors, +
In the New Send Connector window, give it a name like "External Forward" and click Next
Leave MX record selected and click Next
Click the + and under the FQDN type the domain name for the external contact, click Save, and Next
For the Source Server, click the + and select your Edge server if you have one, or your Mailbox servers (all of them) and click Ok, then Finish
Enable Verbose Logging on the Connector:
You'll want full logging on the connector so you can check the SMTPSend protocol logs later to verify successful sending.
In the Exchange Management Shell (EMS), run the following:
Set-SendConnector "External Forward" -ProtocolLoggingLevel Verbose
Optional:
If the external domain requires it, you'll need to enable forced TLS; otherwise messages will be dropped.
In the EMS run the following:
Get-SendConnector "External Forward" | Set-SendConnector -RequireTLS $true
Create New Remote Domain
Next, we need to create a new Remote Domain in Exchange - this will allow incoming messages to hit our Exchange servers and forward/relay on to the new, external domain.
Fire up the Exchange Management Shell (EMS) and run:
New-RemoteDomain -DomainName *.externaldomain.com -Name ExternalDomain
**Note** Change "*.externaldomain.com" to the SMTP domain name of the external domain (using the wildcard will ensure any subdomains are included) and change "ExternalDomain" to the name of the external domain
Next, we need to allow messages to be forwarded to the new remote domain, by running:
Set-RemoteDomain "ExternalDomain" -AutoForwardEnabled $True
**Note** Change "ExternalDomain" to the name you gave it in the earlier cmdlet
Set Forwarding
Now, we'll create our CSV with Email and Forward as the headers and each user's current email address and new external email address underneath, like so:
Lastly, we'll run the cmdlet to set the forwarding on the users in the CSV:
$users=Import-csv C:\Temp\emails.csv
ForEach($user in $users){Set-Mailbox $user.email -DeliverToMailboxAndForward $false -ForwardingSMTPAddress $user.forward}
**Note** This cmdlet sets the ForwardingSMTPAddress parameter, NOT ForwardingAddress. You can refer to my previous post to see the difference between those, but in a nutshell ForwardingSMTPAddress is what you use when using a dedicated Send Connector and Remote Domain.
**Note** This will set the messages to be forwarded but not delivered to the current mailboxes, which is what we want since those people are leaving the company.
Now, all incoming messages to those users will be routed to their new external domain without landing in their current mailboxes!
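A pre-flight check and read-back for the bulk change above, as an added example that is not part of the original post. It assumes the same C:\Temp\emails.csv with the Email and Forward headers, that the Email column holds primary SMTP addresses, and uses externaldomain.com as a placeholder for the buyer's domain; the variable names are illustrative.

```powershell
# Added example: validate the CSV before applying, then read the setting back.
# Assumptions: externaldomain.com is a placeholder for the buyer's SMTP domain;
# the Email column holds each mailbox's primary SMTP address.
$allowedDomain = 'externaldomain.com'
$users = Import-Csv C:\Temp\emails.csv

# 1. Reject blank rows, targets outside the agreed domain (subdomains allowed,
#    matching the *.externaldomain.com Remote Domain), and unknown mailboxes.
$pattern = '^[^@\s]+@([a-z0-9-]+\.)*' + [regex]::Escape($allowedDomain) + '$'
$bad = foreach ($u in $users) {
    $reason = $null
    if (-not $u.Email -or -not $u.Forward) { $reason = 'blank field' }
    elseif ($u.Forward.Trim() -notmatch $pattern) { $reason = 'target outside allowed domain' }
    elseif (-not (Get-Mailbox $u.Email -ErrorAction SilentlyContinue)) { $reason = 'mailbox not found' }
    if ($reason) { [pscustomobject]@{ Email = $u.Email; Forward = $u.Forward; Reason = $reason } }
}
if ($bad) {
    $bad | Format-Table -AutoSize
    throw "Fix $(@($bad).Count) row(s) before applying."
}

# 2. Apply (same Set-Mailbox call as above; add -WhatIf for a dry run first).
foreach ($u in $users) {
    Set-Mailbox $u.Email -DeliverToMailboxAndForward $false -ForwardingSmtpAddress $u.Forward.Trim()
}

# 3. Read back and flag any mailbox whose stored address differs from the CSV.
foreach ($u in $users) {
    $actual = ([string](Get-Mailbox $u.Email).ForwardingSmtpAddress) -replace '^smtp:', ''
    if ($actual -ne $u.Forward.Trim()) {
        Write-Warning "$($u.Email): expected $($u.Forward), found '$actual'"
    }
}

# 4. Audit: list mailboxes that forward by SMTP address but are NOT in the CSV.
$expected = $users.Email
Get-Mailbox -ResultSize Unlimited |
    Where-Object { $_.ForwardingSmtpAddress -and ($expected -notcontains [string]$_.PrimarySmtpAddress) } |
    Select-Object PrimarySmtpAddress, ForwardingSmtpAddress
```

When the six-month period ends, running the loop in step 2 with -ForwardingSmtpAddress $null clears the forwarding, and step 4 can then be rerun to confirm nothing is left behind.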