Email addresses are an ever changing requirement for many organizations, particularly when mergers, acquisitions, or re-branding exercises are under way. Naturally this is something that falls on the Exchange administrator to solve. There’s a variety of scenarios that could be put in front of you, depending on whether it is all or just some of the users in the organization that require an email address change. It also varies depending on whether you’re running an on-premises Exchange Server organization, a Hybrid configuration, or are running purely in Exchange Online (Office 365).
Here’s a summary of the approaches you can use:
- For on-premises and Hybrid organizations, bulk email address changes (whether to all users or just a subset of users) can be managed with email address policies. You can also manually modify email addresses for individual recipients, or for multiple recipients using PowerShell.
- For cloud-only Office 365 organizations, bulk email address changes can be made when adding a new domain to your tenant, or at any time you can bulk add SMTP addresses to multiple mailboxes using PowerShell.
Let’s start at the beginning.
Adding a New Domain Name to Exchange Server or Exchange Online
Before your organization can accept email for a domain name the domain needs to be added to your config. For on-premises Exchange organizations this is managed as Accepted Domains.
There are three types of accepted domains to choose from:
- Authoritative – your organization is the only system that has recipients with email addresses in that domain.
- Internal Relay – your organization shares the domain name with another organization or system (also known as a shared SMTP namespace).
- External Relay – your organization has no recipients for that domain name, but will accept and route email for that domain to another destination.
For an Exchange Online (Office 365) tenant, a custom domain needs to be added. To prevent you from adding domains that you do not own or control, you’ll be required to verify the custom domain name by adding a specific DNS record to your public DNS zone. Note also that a custom domain can’t be added to more than one Office 365 tenant at the same time.
For Hybrid deployments the domain should be added to both the on-premises organization, and to the Office 365 tenant.
Adding Email Addresses to Recipients
After the domain has been added to your organization and/or tenant, you can begin adding email addresses to your recipients.
Adding Email Addresses to Multiple Recipients using Email Address Policies
For on-premises and Hybrid deployments you can use email address policies to achieve this. Every on-premises organization has at least one email address policy that is the default, and you can add more policies as needed. There are two parts to the policy. The first is the address format. You can choose from pre-canned formats such as “alias@domain.com”, or construct your own using variables. Note that you can’t use a domain name in a policy until it has been added to the organization as an accepted domain.
The second part is the filters or rules that control which recipients the email address policy will apply to. The default policy applies to all recipients, but you can be more granular for your additional policies as necessary to meet your needs.
Notice the sequence number as well? That allows you to control which policies take precedence over others. A recipient has a single policy applied to them at any time, so if there are multiple policies that match a recipient, it will be the highest priority match that is applied. The highest priority policy is the number 1, and the default policy is always the lowest priority.
Note that for Hybrid deployments you should first add the domain to both the on-premises organization and to the Office 365 tenant before you begin applying new email address policies.
Adding Email Addresses to Multiple Recipients when Adding a Custom Domain to Office 365
For Office 365 customers you can choose to add a new email address to multiple recipients during the process of adding a custom domain to the tenant.
Adding Email Addresses to Recipients Using PowerShell
For on-premises and Hybrid deployments we can use PowerShell to manage email addresses. For a recipient that is enabled for email address policies, we can use PowerShell to manage any additional (secondary) email addresses. If we want to manage the primary email address for the user, then they’ll need to be disabled for email address policies.
For more on this read the following article:
For Office 365 tenants there are no email address policies. Therefore all management of both primary and secondary email addresses can be performed using PowerShell. The same techniques shown in the link above can be used, or we can use a script to perform bulk changes.
Summary
In this article I’ve covered the various methods that can be used to add new email address to multiple users. You’ve seen that there are multiple techniques that can be used, depending on whether you are managing an on-premises, Hybrid, or cloud-only organization, and also depending on how many recipients you want to modify.
Hi Paul,
Interesting question to you 🙂
Scenario:
3 organisations are merging.
Organisation A, B and C.
All organisations have their own Office 365 tenants.
Organisations A and B are part of one parent Office 365 tenant.
Organisation C has its own Office 365 domain and not part of the parent that A and B are part of.
The email domain for all 3 organisations are to be changed and will become a new email domain.
Since organisations A and B are already part of one parent domain, the change wont be dramatic, as the new email domain can be added as an alias and wont affect the logins for the users. Is that correct to assume ?
But how can the new email domain be integrated into Organisation C, without affecting the users ?
One way I can think of is having the new email domain hosted for Organisation C at the other parent domain and have the emails coming to the new domain forwarded onto the email domain at Organisation C. That will solve the incoming email issue once the new email domain is setup. but how can the users for organisation C respond to those emails using the new domain ?
Option of migrating the users’ mailboxes of organisation C, to the parent tenant owning orgs A and B are not an option, due to affect to org C users.
Please assist with your expertise.
But the
What if the mailbox for a user is only created in O365 (as not migrated from on prem) but I need to add other email addresses that I have on prem, can the email address policies on prem apply to mailboxes created in O365?
Hi Paul,
What if we need to find users that don’t have a certain domain as an alias or Primary SMTP address. When we do get-mailbox, it list’s all the email address of the user. I tried a filter with -notlike, but it seems to return all users again. Below is what I ran:
$Users = Get-User -RecipientTypeDetails UserMailbox -Resultsize Unlimited | Where {$_.useraccountcontrol -notlike “*accountdisabled*”} | Get-mailbox | where {$_.emailaddresses -notlike “*@domain.net”}
what I’m trying to do is find users missing @domain.net
Hello Paul, I have several domains at my office 365, there is list of employees which primary mail address are on @example.com, I want to add to these users (more than 200) other mail as alias same username and different domain @2nddomain.com, is there any script or somehow to do it easy way for all of them ?
Hi- I am currently in an office with 21 employees and 3 seperate email domains. We want to somehow create one Calendar for our Conference Room that can automatically integrate with everyones existing exchange calendar, to be able to see when the room is booked or not booked. There are big companies that do this for you but usually its for many different rooms and it is expensive. I have heard this might be possible using Powershell but I am not sure how to go about doing this. Do all the 365 admins have download powershell? Please help!
is possible to make an alias for the entire domain
for example
mo.po.ui
to have the same domain as an alias for mo2.po.ui?
The Real Person!
Author Paul Cunningham acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.
I don’t understand your question, sorry.
Hi Paul, please you assist. I need a command to add secondary smtp address on exchange 2007 for bulk users or entire environment
OK – so with O365 – I have a select number of employees that need multiple sending&receiving addresses. e.g. Our CEO is a founder/partner/owner of 5 different companies. There are certain groups within the business that follow his structure – e.g. shared resources – accounts/sales/marketing etc.
Ideally we can give him/them a single logon “identity” and then they will have multiple mailboxes. Whats the best way to do this without major hassle and 5 different logins/passwords and confusing number of mailboxes etc etc.
The Real Person!
Author Paul Cunningham acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.
If they need to send as different email addresses, the only way to do that is create separate mailboxes and give them send-as rights for each one. Shared mailboxes work fine for this purpose.
Unfortunately Exchange/Outlook still don’t allow us to choose an alias of our own mailbox to send as, it needs to be another mailbox.
OK – thanks Paul – Shared Mailboxes is the way to go on this – good to get your take on it.
Thanks as always –
BTW – looking forward to your new class on pluralsight!
Paul, I’m not clear if I will be able to reply using the different email addresses, ie depending on which email the mail was sent to could I reply with different email addresses?
The Real Person!
Author Paul Cunningham acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.
No, Exchange doesn’t work like that. Only the primary email address is used for emails that you send or reply to. Secondary email addresses are just for receiving email.
What if there is already the same alias for 1 user?
Will the policy skip or will there be an error?
The Real Person!
Author Paul Cunningham acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.
The policy will append a unique value (I think it’s a single digit but I can’t remember) to the email address if there’s already a recipient with that address.
I have used this is a shared user mailbox environment before.