Exchange 2010 Remote Powershell - New-Mail integration with Active Directory Add User RRS feed

  • Question

  • I am struggling with how to create a new Exchange Mailbox, using the Exchange 2010 Remote Powershell New-Mail cmdlet and assign the user to a specific OragizationUnit (ie. OU).  Can this be done?  If so how?
    Using the #1 code sample below, I can create a mailbox in Exchange but there is no way to set the AD OU when it is creates the AD user, even when setting the UPN to the entire email address.
    Alternately, using the #2 code sample below, I can create an AD User in the proper AD OU, but I cannot then create a mailbox in Exchange and link it to that AD User.
      #1 Exchange 2010 Remote Powershell New-Mail sample:
       using (Runspace runspace = RunspaceFactory.CreateRunspace(connectionInfoExchange))
        using (PowerShell powershell = PowerShell.Create())
         powershell.AddParameter("UserPrincipalName", emailaddress);    // unique in Exchange Account to login & read email
         powershell.AddParameter("Alias", alias);            // Exchange Alias
         powershell.AddParameter("Name", useraccount);         // unique in AD User account name
         powershell.AddParameter("Password", ToSecureString(password));
         powershell.AddParameter("PrimarySmtpAddress", emailaddress);
         powershell.AddParameter("Database", "MigrationProject");
         powershell.AddParameter("FirstName", firstname);
         powershell.AddParameter("LastName", lastname);
         powershell.AddParameter("DisplayName", firstname + " " + lastname); // Exchange general
         powershell.AddParameter("ResetPasswordOnNextLogon", false);
         powershell.Runspace = runspace;
         Collection<PSObject> results = powershell.Invoke();
         foreach (PSObject result in results)
          Console.WriteLine("UserPrincipalName = " + result.Properties["UserPrincipalName"].Value.ToString());
          Console.WriteLine("DisplayName = " + result.Properties["DisplayName"].Value.ToString());

      #2 Active Directory create User in OraganizationUnit sample:
         DirectoryEntries activeDirectory = new DirectoryEntry("LDAP://soniceaglehq/OU=" + organizationunit + ",DC=soniceaglehq,DC=com", "xxxx", "xxxx!").Children;
         DirectoryEntry addUser = activeDirectory.Add("CN=" + accountname, "User");
         addUser.Properties["userPrincipalName"].Value = emailaddress;
         addUser.Properties["givenName"].Value = firstname;
         addUser.Properties["sn"].Value = lastname;
         addUser.Properties["displayName"].Value = firstname + " " + lastname;
         addUser.Properties["samAccountName"].Value = accountname;
         addUser.Properties["mail"].Value = emailaddress;
         addUser.Properties["company"].Value = organizationunit;
         addUser.Properties["description"].Value = "Created " + DateTime.Now.ToLongDateString() + " by Exchange Migration";
         if (Guid.TryParse(addUser.Guid.ToString(), out userGuid))
          addUser.Invoke("SetPassword", new object[] { password });
        catch (Exception)
         Console.WriteLine("Failed to create the Active Directory account for '" + emailaddress + "'");

    Tuesday, August 30, 2011 5:24 PM

All replies

  • The New-Mailbox cmdet has an OrganizationalUnit parameter. That cmdlet will create the AD user account and mailbox enable it. If the user has already been created, use the Enable-Mailbox cmdlet to mailbox enable the account.


    Mike Pfeiffer | blog: | twitter: @mike_pfeiffer
    Tuesday, August 30, 2011 6:20 PM
  • Mike, First, thank you for your help... much appreciate!
    I was hopeful but this doesn't work and here's why:  The New-Mailbox cmdlet DOES have an OrganizationalUnit parameter, but it is a "Microsoft.Exchange.Configuration.Tasks.OrganizationalUnitIdParameter" data type, not a String.  I can't seem to find the assembly containing this namespace.  If you know that, I own you big time :)
    And, I tried the Enable-Mailbox and it cannot enable a nonexistant Exchange mailbox... 
    So to recap; I can create an AD User in an OU=Company with an email address like  After that, if I call New-Mailbox with the UPN= then no mailbox is created.  However,  if I call New-Mailbox with the UPN= bubba the a new mailbox is created but in the default OU=Users --- not what I want.  Similarly, if I simply call New-Mailbox fist, without creating the AD User with the UPN=, the mailbox is created but again the AD User is not assigned in the right OU.
    Setting the OrganizationalUnit parameter seems key.  Seems like it should be able to take a string data type, instead of a "Microsoft.Exchange.Configuration.Tasks.OrganizationalUnitIdParameter" type.  Like 
        powershell.AddParameter("OrganizationUnit", "Company")
    but no it doesn't.   I even tried Set-MailBox but again doesn't let me do what I need.
    • Edited by mangia Tuesday, September 6, 2011 7:18 PM
    Tuesday, August 30, 2011 6:50 PM
  • That parameter will accept a string value, you can verify that through testing it out in the shell. I just tested this code to create a mailbox and it worked fine:

    powershell.AddParameter("Name", "Nigel Jones");
    powershell.AddParameter("UserPrincipalName", "njones@uss.local");
    powershell.AddParameter("Password", toSecureString("P@ssword01"));
    powershell.AddParameter("OrganizationalUnit", "uss.local/sales");

    Try using the canonical or distinguished name of the OU to see if that resolves your issue. To answer your other question though, I think most of those types are in the assembly that gets installed in the bin folder on a machine where you install the Exchange 2010 tools.

    Mike Pfeiffer | blog: | twitter: @mike_pfeiffer
    Saturday, September 3, 2011 6:03 PM
  • Hi Chris

    Try this

    A bit different but hope this helps

    • Proposed as answer by Daffy777 Tuesday, September 6, 2011 5:21 AM
    Tuesday, September 6, 2011 5:20 AM
  • Daffy777

    Yes, this approach works and is what I needed, but I still don't understand why this other, much cleaner approach doesn't work.


    Tuesday, September 6, 2011 7:23 PM
  • Mike,
    I appreciate the suggestion but the inteface wants a "Microsoft.Exchange.Configuration.Tasks.OrganizationalUnitIdParameter" type, not a string.
    But the plot thickens ... (does anyone but me ever get the feeing your the only one trying to do something like this?? :)
    I retried adding a reference to the Microsoft.Exchange.Configuration.Objectmodel.dll assembly like suggested and this lead me down a new path:
    In order to instanciate a new Microsoft.Exchange.Configuration.Tasks.OrganizationalUnitIdParameter data type, I needed to add references to (all found in the Exchange 2010 bin folder as suggested):
    I create a OrganizationalUnitIdParameter providing a string 'Identity', using either the 'emailaddress' or the 'organizationunit'  .  Using your example where the emailaddress = njones@uss.local, or organizationunit =  'uss.local'
    Microsoft.Exchange.Configuration.Tasks.OrganizationalUnitIdParameter organizationalUnitIdParameter = 
    new Microsoft.Exchange.Configuration.Tasks.OrganizationalUnitIdParameter(emailaddress); : powershell.AddParameter("OrganizationalUnit", organizationalUnitIdParameter); :
    I now get a deserializing error message:
    Cannot process argument transformation on parameter 'OrganizationalUnit'. Cannot convert the "interorealestate-beta" value of type "Deserialized.Microsoft.Exchange.Configuration.Tasks.OrganizationalUnitIdParameter" to type "Microsoft.Exchange.Configuration.Tasks.OrganizationalUnitIdParameter".

    I saw some other post ( taking about this type is not sorrport on 'On-Premise' installations : "This parameter is available for multi-tenant deployments. It isn't available for on-premises deployments". 
    Could this be the reason?  Any other ideas?

    • Edited by mangia Wednesday, September 7, 2011 5:28 PM updated & revised nformation
    Tuesday, September 6, 2011 7:25 PM