XADM: Creating a Mail-Enabled User That Is a Windows 2000 Security Principal (233506)


The information in this article applies to:

  • Microsoft Exchange 2000 Server
This article was previously published under Q233506

SUMMARY

Simply defined, a mail-enabled object is a Microsoft Windows 2000 Active Directory object that has at least one e-mail address defined. An Exchange 2000 Contact is an example of a mail-enabled object because it has an e-mail address defined.

However, a mail-enabled user object in Windows 2000 can be of two types:

The user object is not a Windows 2000 Active Directory security principal (and therefore cannot log on) for example, a Contact.

-or-

The user object is a Windows 2000 Active Directory security principal and can log on (mostly used when the user has e-mail on a different system).

It is quite simple to create contacts through the Active Directory Users and Computers Microsoft Management Console (MMC) snap-in but the process of creating a mail-enabled user that is a Windows 2000 security principal is not as straightforward. This article outlines the steps to create a mail-enabled user that is a Windows 2000 security principal.

MORE INFORMATION

This is a two-step process; the first step is the creation of a Windows 2000 user with no Exchange mailbox, and the second step is the process of assigning an e-mail address to the user.

Step I

  1. In the Active Directory Users and Computers MMC snap-in, click the Users container in the left-pane.
  2. Right-click it, click New, and then click User.
  3. In the Create New Object box, type the First name and Last name as well as the User logon name.
  4. Click Next.
  5. Type a password and then confirm the password for the user, and then click Next.
  6. Click to clear the Create an Exchange mailbox check box, which is checked by default.

    NOTE: If you leave this option checked, you create a mailbox-enabled user with a Home messaging database specified.
  7. Click Next, and then click Finish.
At this point, a Windows 2000 user is created. This user can log on but has no e-mail address or Exchange mailbox.

Step II

  1. In Active Directory Users and Computers MMC, click the Users container in the left pane, and look for the newly created user in the right pane.
  2. Click the newly created user, right-click, and then click Enable Exchange Mail.
  3. In the Enable Exchange Mail box, click Modify.
  4. In the New E-mail Address box, click an e-mail address type such as SMTP Address, and then click OK.
  5. In the Address properties box, type the e-mail address, and then click OK.
  6. Click OK in the Enable Exchange Mail box.
At this point, the newly created user has an e-mail address assigned. However, the user does not have an Exchange mailbox, making it a mail-enabled user object but NOT a mailbox-enabled user object. This type of mail-enabled user object is different from the Contact type of mail-enabled user object, in that it is Windows 2000 security principal, and therefore, can log on.
Modification Type:MinorLast Reviewed:4/25/2005
Keywords:kbhowto KB233506
©2004 Microsoft Corporation. All rights reserved.