Find any E-Mail Address or Proxy Address In Active Directory

Here is another common request for any Exchange or Unified Communications administrator. Someone will usually pop by and ask, “Who has this e-mail address?” The address could be one of many different types of objects. A user mailbox, shared mailbox, distribution list, public folder, contact or resource could all contain that specific e-mail address. The problem with the Exchange Management Console in Exchange 2010 does not allow you to find any e-mail address only the primary. The Exchange 2013 and Office 365 Exchange Admin Center do allow you to search through Advanced Search > EmailAddresses but it does not allow wild card searches and you must search each type (mailbox, group, resource, contact) separately.┬áThere may also be times where a duplicate address was assigned as direct access to Active Directory does allow for a duplicate e-mail address causing delivery failures. If you are looking from simply an Exchange perspective the Exchange commandlets will work fine. You may need to use the Active Directory commandlets which will search items not enabled within Exchange. Here are the examples along with a function example allowing you to quickly look for an e-mail address or e-mail addresses in the future.

Exchange Commandlets
Step #1: The following Exchange commandlet is the easiest method to find a specific e-mail address or portion of an e-mail address. This will find any object within Exchange that has an exact match to the e-mail address you place in the filter with -eq or email portion when using -like.

Step #2: The following examples highlight the individual commandlets that target and return the specific Exchange object types. You can substitute -eq with -like to include wild cards.

Active Directory Commandlets
Pre-Step: Before proceeding you may need to import the Active Directory commandlets on older versions of PowerShell. Check into Step #4 for the Exchange commandlets that will also work in Office 365.

Step #1A: The following example will find any active directory object that has an exact match to the e-mail address you place in the filter ie. in this case.

Step #1B: There may be times when you want to search just a portion of the e-mail address. Perhaps you don’t know the exact spelling or domain that is used and you want to grab each one that is similar. This filter will also grab not only smtp addresses but other types such as x500: eum: sip: etc.

Step #1C: The third option is to use a LDAP query to find the matching object. The following LDAP query uses a | as an OR statement to look for the address in both the mail and proxyAddresses attributes.

Step #1D: The following LDAP query adds a wild card to the search which also allows you to find a portion of the e-mail address if you do not know the specifics.

Step #2: The next step I will show you is how to search the different type of email addresses that may exist. These types may be x500: eum: sip: etc. All you need to do is place the prefix and email portion in the proxyAddresses filter. This example looks for a sip address of

Step #3: Here we create a function that accepts input to find an e-mail address of any type. I utilize the -like and wildcards to catch all possible types. You can simply create the function in PowerShell to be able to check any address later with a lot less effort.

As with all of my posts, I look forward to any questions or scenarios that you have in your environment. If you have any questions please post below.

Print Friendly, PDF & Email


  1. Pingback: Find any E-Mail Address or Proxy Address In Active Directory »

  2. Todd

    I have been looking for a solution to find out where in exchange/AD an email address is stored and stumbled on this. Thank you. Very useful scripts, Thank you, The email address remains to be found unfortunately. Everything is working; I just don’t like seeing his name heh.

    I have some offsite journaling happening and in the Queue it shows an email address in the “From Address” of an old admin, and I continue to fail to find where he is hiding.

    1. Steve Parankewich

      Any application or service can display any “From:” address even if it doesn’t exist in Exchange. If you e-mail the address and it gets bounced than you know it doesn’t exist. mail and proxyaddresses should be the only attributes you need to search.

  3. Hi Steve, Very cool scripts! We have a number of external contacts who’ve switched their email domain. I’ve been able to ID them, with Get-Recipient -Filter {EmailAddresses -like “*emaildomain*”}, any idea on how I could then change their email domains en masse? Thanks in advance!

      1. Justin

        Did you ever post on how to change or remove a certain email address (one out of several users have) en masse? Filters are fine but can’t figure out how to manipulate just that one email address.

  4. Pingback: A Christmas week link list - Savage Nomads

  5. Bob Gentry

    What if I have two domains (trust) and some users are in both and what I want to do is target users to add them to a group but if they have accounts in both domains I only want to add the account that has a SIP or SMTP address under “Proxy Addresses” in AD?

    1. Steve Parankewich

      I would use if then statements looking at proxyaddresses attribute. For example:
      $user = get-aduser user -server domain1 -properties proxyaddresses
      if ($user.proxyaddresses -like “*”) {add-adgroupmember -identity group -members $user}

  6. Gift

    I have a requirement that is similar to this:

    I will be receiving emails attachments from more than one sources into a common email: and

    I want to download the files location called C:\AFiles if the email is from and also into C:\BFiles if it is from

    finally Delete the files from

    I have enabled AD Features installation under Server manager on my Server but my Exchange Server is less than 2010. These command are not working on my power shell with error that Get-recipient is not a recognizable cmdlet

    Any help or insight why this is happening?

    1. Steve Parankewich

      You need to install the Exchange Administration Tools from the Exchange install media. 2010 will also include the EMC but 2013+ will only include the PowerShell commandlets. The other option is to import the commandlets by connecting remotely to your Exchange server.

Leave a Reply

Your email address will not be published. Required fields are marked *