Applies to: Exchange Server 2010 SP3, Exchange Server 2010 SP2

Topic Last Modified: 2012-11-08

Use the Update-Recipient cmdlet to add Microsoft Exchange Server 2010 attributes to recipient objects created by the global address list (GAL) synchronization management agent in Identity Lifecycle Manager (ILM) 2007. The recipient objects you modify using this cmdlet must reside on a server running Exchange 2010.


Update-Recipient -Identity <RecipientIdParameter> [-Confirm [<SwitchParameter>]] [-Credential <PSCredential>] [-DomainController <Fqdn>] [-WhatIf [<SwitchParameter>]]

Detailed Description

Because of mergers, acquisitions, or legal requirements, customers may need to deploy Exchange in a multiple Exchange forest topology. These deployments require the synchronization of recipient objects across disparate Active Directory forests.

Microsoft provides the GAL synchronization management agent for synchronizing recipient objects. The version of the GAL synchronization management agent included in Microsoft Identity Integration Server (MIIS) 2003 was designed to work with Exchange Server 2003 and relied on the Recipient Update Service (RUS). Because RUS is a deprecated feature and is no longer required, the new GAL synchronization management agent included in ILM 2007 is designed to function without RUS.

As part of the synchronization process, the ILM 2007 GAL synchronization management agent creates recipient objects in both Active Directory forests. After the recipients are created, the management agent uses the Update-Recipient cmdlet to add the attributes required by Exchange 2010 or Exchange 2007 to complete the provisioning of these recipients.

In Exchange 2010, before you can run the Update-Recipient cmdlet to convert an Active Directory user object into an Exchange 2010 mailbox, you must stamp the user object with the following three mandatory Exchange attributes:

  • homeMDB

  • mailNickname

  • msExchHomeServerName

If you're using MIIS 2003, you must run various cmdlets to complete the provisioning process of the mail contacts created by the GAL synchronization management agent. The Update-Recipient cmdlet provides an alternate and more efficient method to do this. You can run the Update-Recipient cmdlet against the recipient objects created by the MIIS 2003 GAL synchronization management agent to complete the provisioning process.

You need to be assigned permissions before you can run this cmdlet. Although all parameters for this cmdlet are listed in this topic, you may not have access to some parameters if they're not included in the permissions assigned to you. To see what permissions you need, see the "Recipient Provisioning Permissions" section in the Mailbox Permissions topic.


Parameter Required Type Description




The Identity parameter specifies the recipient.

This parameter accepts the following values:

  • Alias

    Example: JPhillips

  • Canonical DN

    Example: Atlanta.Corp.Contoso.Com/Users/JPhillips

  • Display Name

    Example: Jeff Phillips

  • Distinguished Name (DN)

    Example: CN=JPhillips,CN=Users,DC=Atlanta,DC=Corp,DC=contoso,DC=com

  • Domain\Account

    Example: Atlanta\JPhillips

  • GUID

    Example: fb456636-fe7d-4d58-9d15-5af57d0354c2

  • Immutable ID


  • Legacy Exchange DN

    Example: /o=Contoso/ou=AdministrativeGroup/cn=Recipients/cn=JPhillips

  • SMTP Address


  • User Principal Name





The Confirm switch causes the command to pause processing and requires you to acknowledge what the command will do before processing continues. You don't have to specify a value with the Confirm switch.




The Credential parameter specifies the user name and password to use to access Active Directory.

This parameter requires the creation and passing of a credential object. This credential object is created by using the Get-Credential cmdlet. For more information, see Get-Credential.




The DomainController parameter specifies the fully qualified domain name (FQDN) of the domain controller that writes this configuration change to Active Directory.




The WhatIf switch instructs the command to simulate the actions that it would take on the object. By using the WhatIf switch, you can view what changes would occur without having to apply any of those changes. You don't have to specify a value with the WhatIf switch.

Input Types

To see the input types that this cmdlet accepts, see Cmdlet Input and Output Types. If the Input Type field for a cmdlet is blank, the cmdlet doesn’t accept input data.

Return Types

To see the return types, which are also known as output types, that this cmdlet accepts, see Cmdlet Input and Output Types. If the Output Type field is blank, the cmdlet doesn’t return data.



This example adds Exchange 2010 attributes to the mail contact that represents John Smith's mailbox.

Copy Code
Update-Recipient -Identity "John Smith"


This example updates all contacts in a specific organizational unit (OU). This example assumes that recipients are synchronized between two forests, and, and all the synchronized recipients from the domain are stored in a specific OU called Users in the domain.

Copy Code
Get-MailContact -OrganizationalUnit " Users" | Update-Recipient