Find any E-Mail Address or Proxy Address In Active Directory

Here is another common request for any Exchange or Unified Communications administrator. Someone will usually pop by and ask, “Who has this e-mail address?” The address could be one of many different types of objects. A user mailbox, shared mailbox, distribution list, public folder, contact or resource could all contain that specific e-mail address. The problem with the Exchange Management Console in Exchange 2010 does not allow you to find any e-mail address only the primary. The Exchange 2013 and Office 365 Exchange Admin Center do allow you to search through Advanced Search > EmailAddresses but it does not allow wild card searches and you must search each type (mailbox, group, resource, contact) separately. There may also be times where a duplicate address was assigned as direct access to Active Directory does allow for a duplicate e-mail address causing delivery failures. If you are looking from simply an Exchange perspective the Exchange commandlets will work fine. You may need to use the Active Directory commandlets which will search items not enabled within Exchange. Here are the examples along with a function example allowing you to quickly look for an e-mail address or e-mail addresses in the future.

Exchange Commandlets
Step #1: The following Exchange commandlet is the easiest method to find a specific e-mail address or portion of an e-mail address. This will find any object within Exchange that has an exact match to the e-mail address you place in the filter with -eq or email portion when using -like.

Get-Recipient email@yourdomain.com

Get-Recipient -Filter {EmailAddresses -like "*emailportion*"}

Step #2: The following examples highlight the individual commandlets that target and return the specific Exchange object types. You can substitute -eq with -like to include wild cards.

Get-Mailbox -Filter {EmailAddresses -eq "email@yourdomain.com" -or WindowsEmailAddress -eq "email@yourdomain.com"}

Get-MailboxContact -Filter {EmailAddresses -eq "email@yourdomain.com" -or WindowsEmailAddress -eq "email@yourdomain.com"}

Get-DistributionGroup -Filter {EmailAddresses -eq "email@yourdomain.com" -or WindowsEmailAddress -eq "email@yourdomain.com"}

Get-MailUser -Filter {EmailAddresses -eq "email@yourdomain.com" -or WindowsEmailAddress -eq "email@yourdomain.com"}

Active Directory Commandlets
Pre-Step: Before proceeding you may need to import the Active Directory commandlets on older versions of PowerShell. Check into Step #4 for the Exchange commandlets that will also work in Office 365.

Import-Module ActiveDirectory

Step #1A: The following example will find any active directory object that has an exact match to the e-mail address you place in the filter ie. email@yourdomain.com in this case.

Get-ADObject -Properties mail, proxyAddresses -Filter {mail -eq "email@yourdomain.com" -or proxyAddresses -eq "smtp:email@yourdomain.com"}

Step #1B: There may be times when you want to search just a portion of the e-mail address. Perhaps you don’t know the exact spelling or domain that is used and you want to grab each one that is similar. This filter will also grab not only smtp addresses but other types such as x500: eum: sip: etc.

Get-ADObject -Properties mail, proxyAddresses -Filter {mail -like "*emailportion*" -or proxyAddresses -like "*emailportion*"}

Step #1C: The third option is to use a LDAP query to find the matching object. The following LDAP query uses a | as an OR statement to look for the address in both the mail and proxyAddresses attributes.

Get-ADObject -LDAPFilter "(|(mail=email@yourdomain.com)(proxyAddresses=smtp:email@yourdomain.com))"

Step #1D: The following LDAP query adds a wild card to the search which also allows you to find a portion of the e-mail address if you do not know the specifics.

Get-ADObject -LDAPFilter "(|(mail=*emailportion*)(proxyAddresses=*emailportion*))"

Step #2: The next step I will show you is how to search the different type of email addresses that may exist. These types may be x500: eum: sip: etc. All you need to do is place the prefix and email portion in the proxyAddresses filter. This example looks for a sip address of email@yourdomain.com.

Get-ADObject -Properties proxyAddresses -Filter {proxyAddresses -eq "sip:email@yourdomain.com"}

Step #3: Here we create a function that accepts input to find an e-mail address of any type. I utilize the -like and wildcards to catch all possible types. You can simply create the function in PowerShell to be able to check any address later with a lot less effort.

function Get-EmailAddress
{
	[CmdletBinding()]
	param
	(
		[Parameter(Mandatory = $True,
				   ValueFromPipeline = $True,
				   ValueFromPipelineByPropertyName = $True,
				   HelpMessage = 'What e-mail address would you like to find?')]
		[string[]]$EmailAddress
	)
	
	process
	{		
		foreach ($address in $EmailAddress)
		{
			Get-ADObject -Properties mail, proxyAddresses -Filter "mail -like '*$address*' -or proxyAddresses -like '*$address*'"
		}
	}
}

As with all of my posts, I look forward to any questions or scenarios that you have in your environment. If you have any questions please post below.

19 Responses

  1. Mohammad Afzal says:

    This is a nice post. I am trying to get specific proxyaddress with fistname.lastname variables.

    Get-Recipient {$_.emailaddress -like firstname.lastname@yourdomain.com}

    But, no success. Appreciate any help.

  2. Todd says:

    I have been looking for a solution to find out where in exchange/AD an email address is stored and stumbled on this. Thank you. Very useful scripts, Thank you, The email address remains to be found unfortunately. Everything is working; I just don’t like seeing his name heh.

    I have some offsite journaling happening and in the Queue it shows an email address in the “From Address” of an old admin, and I continue to fail to find where he is hiding.

    • Steve Parankewich says:

      Any application or service can display any “From:” address even if it doesn’t exist in Exchange. If you e-mail the address and it gets bounced than you know it doesn’t exist. mail and proxyaddresses should be the only attributes you need to search.

  3. Lee Davila says:

    Hi Steve, Very cool scripts! We have a number of external contacts who’ve switched their email domain. I’ve been able to ID them, with Get-Recipient -Filter {EmailAddresses -like “*emaildomain*”}, any idea on how I could then change their email domains en masse? Thanks in advance!

    • Steve Parankewich says:

      Definitely I have done this many times, I’ll get a post up on it.

      • Justin says:

        Did you ever post on how to change or remove a certain email address (one out of several users have) en masse? Filters are fine but can’t figure out how to manipulate just that one email address.

  4. Nate says:

    Excellent post. Thanks for all of the options.

  5. Tilo says:

    note, the Get-ADUser filter seems not support the case sensitive search (clike)

  6. Bob Gentry says:

    Steve,
    What if I have two domains (trust) and some users are in both and what I want to do is target users to add them to a group but if they have accounts in both domains I only want to add the account that has a SIP or SMTP address under “Proxy Addresses” in AD?
    Thanks!

    • Steve Parankewich says:

      I would use if then statements looking at proxyaddresses attribute. For example:
      $user = get-aduser user -server domain1 -properties proxyaddresses
      if ($user.proxyaddresses -like “*”) {add-adgroupmember -identity group -members $user}

  7. Gift says:

    I have a requirement that is similar to this:

    I will be receiving emails attachments from more than one sources into a common email:
    a@domain.com and b@domain.com
    into collections@mydomain.com

    I want to download the files location called C:\AFiles if the email is from a@domain.com and also into C:\BFiles if it is from b@domain.com

    finally Delete the files from collection@mydomain.com

    I have enabled AD Features installation under Server manager on my Server but my Exchange Server is less than 2010. These command are not working on my power shell with error that Get-recipient is not a recognizable cmdlet

    Any help or insight why this is happening?

    • Steve Parankewich says:

      You need to install the Exchange Administration Tools from the Exchange install media. 2010 will also include the EMC but 2013+ will only include the PowerShell commandlets. The other option is to import the commandlets by connecting remotely to your Exchange server.

  8. Gift says:

    Additional comment:

    Running Exchange 2010 SP3

  1. October 23, 2015

    […] commandlets, including LDAP query syntax, as well as the Exchange commandlets. Head on over to PowerShellBlogger.com for the full […]

  2. December 21, 2016

    […] Find any E-Mail Address or Proxy Address In Active Directory […]

  3. July 10, 2018
  4. October 9, 2018

    […] Source […]

Leave a Reply

Your email address will not be published. Required fields are marked *