I recently found myself in a spot where I needed to troubleshoot a delegate issue--a user was set as a delegate but no longer was with the company and didn't have a mailbox anymore, so periodic NDRs were being generated for mail destined for the delegate.
To discover all of the mailbox for which this person had been a delegate, I ran the command (on a domain controller or machine that had ldifde.exe):
ldifde -f delegates.txt -d "dc=domain,dc=com" -r "(publicDelegatesBL=CN=First Last,OU=AppropriateOU,dc=domain,dc=com)" -l name,publicDelegatesBL
Active Directory holds delegate information in two attributes--publicDelegates (listing which users are delegates of "n" mailbox) and publicDelegatesBL (listing which users "n" mailbox is a delegate of).
To find out all of the the mailbox of Aaron Guilmette in OU=Home,DC=aaronguilmette,DC=com:
ldifde -f delegates.txt -d "dc=domain,dc=com" -r "(publicDelegates=CN=Aaron Guilmette,OU=Home,DC=aaronguilmette,DC=com)" -l name,publicDelegates
To find out all of the mailboxes for which Aaron Guilmette in OU=Home,DC=aaronguilmette,DC=com is a delegate:
ldifde -f delegates.txt -d "dc=domain,dc=com" -r "(publicDelegatesBL=CN=Aaron Guilmette,OU=Home,DC=aaronguilmette,DC=com)" -l name,publicDelegatesBL
To find out all of the delegate relationships for a domain:
ldifde -f delegates.txt -d "dc=domain,dc=com" -r "((publicDelegates=*)(publicDelegatesBL=*))" -l name,publicDelegates,publicDelegatesBL
Hope this is helpful to some of you.
No comments:
Post a Comment