Applies to: Exchange Server 2010 SP3, Exchange Server 2010 SP2

Topic Last Modified: 2012-11-16

Use the New-MailUser cmdlet to create a mail-enabled user.

Syntax

New-MailUser -Name <String> -ExternalEmailAddress <ProxyAddress> [-Alias <String>] [-ArbitrationMailbox <MailboxIdParameter>] [-Confirm [<SwitchParameter>]] [-DisplayName <String>] [-DomainController <Fqdn>] [-ExternalDirectoryObjectId <String>] [-FirstName <String>] [-ImmutableId <String>] [-Initials <String>] [-LastName <String>] [-MacAttachmentFormat <BinHex | UuEncode | AppleSingle | AppleDouble>] [-MessageBodyFormat <Text | Html | TextAndHtml>] [-MessageFormat <Text | Mime>] [-ModeratedBy <MultiValuedProperty>] [-ModerationEnabled <$true | $false>] [-Organization <OrganizationIdParameter>] [-OrganizationalUnit <OrganizationalUnitIdParameter>] [-OverrideRecipientQuotas <SwitchParameter>] [-PartnerObjectId <Guid>] [-PrimarySmtpAddress <SmtpAddress>] [-RemotePowerShellEnabled <$true | $false>] [-ResetPasswordOnNextLogon <$true | $false>] [-SamAccountName <String>] [-SendModerationNotifications <Never | Internal | Always>] [-SKUAssigned <$true | $false>] [-SKUCapability <None | BPOS_S_Deskless | BPOS_S_Standard | BPOS_S_Enterprise | BPOS_S_Archive | BPOS_L_Standard | BPOS_B_Standard | TOU_Signed | FederatedUser | Partner_Managed | MasteredOnPremise | ResourceMailbox | ExcludedFromBackSync | UMFeatureRestricted | RichCoexistence>] [-UsageLocation <CountryInfo>] [-UsePreferMessageFormat <$true | $false>] [-WhatIf [<SwitchParameter>]]
New-MailUser -Name <String> -ExternalEmailAddress <ProxyAddress> -Password <SecureString> -UserPrincipalName <String> [-Alias <String>] [-ArbitrationMailbox <MailboxIdParameter>] [-Confirm [<SwitchParameter>]] [-DisplayName <String>] [-DomainController <Fqdn>] [-ExternalDirectoryObjectId <String>] [-FirstName <String>] [-ImmutableId <String>] [-Initials <String>] [-LastName <String>] [-MacAttachmentFormat <BinHex | UuEncode | AppleSingle | AppleDouble>] [-MessageBodyFormat <Text | Html | TextAndHtml>] [-MessageFormat <Text | Mime>] [-ModeratedBy <MultiValuedProperty>] [-ModerationEnabled <$true | $false>] [-Organization <OrganizationIdParameter>] [-OrganizationalUnit <OrganizationalUnitIdParameter>] [-OverrideRecipientQuotas <SwitchParameter>] [-PartnerObjectId <Guid>] [-PrimarySmtpAddress <SmtpAddress>] [-RemotePowerShellEnabled <$true | $false>] [-ResetPasswordOnNextLogon <$true | $false>] [-SamAccountName <String>] [-SendModerationNotifications <Never | Internal | Always>] [-SKUAssigned <$true | $false>] [-SKUCapability <None | BPOS_S_Deskless | BPOS_S_Standard | BPOS_S_Enterprise | BPOS_S_Archive | BPOS_L_Standard | BPOS_B_Standard | TOU_Signed | FederatedUser | Partner_Managed | MasteredOnPremise | ResourceMailbox | ExcludedFromBackSync | UMFeatureRestricted | RichCoexistence>] [-UsageLocation <CountryInfo>] [-UsePreferMessageFormat <$true | $false>] [-WhatIf [<SwitchParameter>]]
New-MailUser -Name <String> -Password <SecureString> -WindowsLiveID <WindowsLiveId> [-Alias <String>] [-ArbitrationMailbox <MailboxIdParameter>] [-Confirm [<SwitchParameter>]] [-DisplayName <String>] [-DomainController <Fqdn>] [-EvictLiveId <SwitchParameter>] [-ExternalDirectoryObjectId <String>] [-ExternalEmailAddress <ProxyAddress>] [-FirstName <String>] [-ImmutableId <String>] [-Initials <String>] [-LastName <String>] [-ModeratedBy <MultiValuedProperty>] [-ModerationEnabled <$true | $false>] [-Organization <OrganizationIdParameter>] [-OrganizationalUnit <OrganizationalUnitIdParameter>] [-OverrideRecipientQuotas <SwitchParameter>] [-PartnerObjectId <Guid>] [-PrimarySmtpAddress <SmtpAddress>] [-RemotePowerShellEnabled <$true | $false>] [-ResetPasswordOnNextLogon <$true | $false>] [-SamAccountName <String>] [-SendModerationNotifications <Never | Internal | Always>] [-SKUAssigned <$true | $false>] [-SKUCapability <None | BPOS_S_Deskless | BPOS_S_Standard | BPOS_S_Enterprise | BPOS_S_Archive | BPOS_L_Standard | BPOS_B_Standard | TOU_Signed | FederatedUser | Partner_Managed | MasteredOnPremise | ResourceMailbox | ExcludedFromBackSync | UMFeatureRestricted | RichCoexistence>] [-UsageLocation <CountryInfo>] [-WhatIf [<SwitchParameter>]]
New-MailUser -Name <String> -UseExistingLiveId <SwitchParameter> -WindowsLiveID <WindowsLiveId> [-Alias <String>] [-ArbitrationMailbox <MailboxIdParameter>] [-BypassLiveId <SwitchParameter>] [-Confirm [<SwitchParameter>]] [-DisplayName <String>] [-DomainController <Fqdn>] [-ExternalDirectoryObjectId <String>] [-ExternalEmailAddress <ProxyAddress>] [-FirstName <String>] [-ImmutableId <String>] [-Initials <String>] [-LastName <String>] [-ModeratedBy <MultiValuedProperty>] [-ModerationEnabled <$true | $false>] [-NetID <NetID>] [-Organization <OrganizationIdParameter>] [-OrganizationalUnit <OrganizationalUnitIdParameter>] [-OverrideRecipientQuotas <SwitchParameter>] [-PartnerObjectId <Guid>] [-PrimarySmtpAddress <SmtpAddress>] [-RemotePowerShellEnabled <$true | $false>] [-ResetPasswordOnNextLogon <$true | $false>] [-SamAccountName <String>] [-SendModerationNotifications <Never | Internal | Always>] [-SKUAssigned <$true | $false>] [-SKUCapability <None | BPOS_S_Deskless | BPOS_S_Standard | BPOS_S_Enterprise | BPOS_S_Archive | BPOS_L_Standard | BPOS_B_Standard | TOU_Signed | FederatedUser | Partner_Managed | MasteredOnPremise | ResourceMailbox | ExcludedFromBackSync | UMFeatureRestricted | RichCoexistence>] [-UsageLocation <CountryInfo>] [-WhatIf [<SwitchParameter>]]
New-MailUser -Name <String> -ImportLiveId <SwitchParameter> -WindowsLiveID <WindowsLiveId> [-Alias <String>] [-ArbitrationMailbox <MailboxIdParameter>] [-Confirm [<SwitchParameter>]] [-DisplayName <String>] [-DomainController <Fqdn>] [-ExternalDirectoryObjectId <String>] [-ExternalEmailAddress <ProxyAddress>] [-FirstName <String>] [-ImmutableId <String>] [-Initials <String>] [-LastName <String>] [-ModeratedBy <MultiValuedProperty>] [-ModerationEnabled <$true | $false>] [-Organization <OrganizationIdParameter>] [-OrganizationalUnit <OrganizationalUnitIdParameter>] [-OverrideRecipientQuotas <SwitchParameter>] [-PartnerObjectId <Guid>] [-PrimarySmtpAddress <SmtpAddress>] [-RemotePowerShellEnabled <$true | $false>] [-ResetPasswordOnNextLogon <$true | $false>] [-SamAccountName <String>] [-SendModerationNotifications <Never | Internal | Always>] [-SKUAssigned <$true | $false>] [-SKUCapability <None | BPOS_S_Deskless | BPOS_S_Standard | BPOS_S_Enterprise | BPOS_S_Archive | BPOS_L_Standard | BPOS_B_Standard | TOU_Signed | FederatedUser | Partner_Managed | MasteredOnPremise | ResourceMailbox | ExcludedFromBackSync | UMFeatureRestricted | RichCoexistence>] [-UsageLocation <CountryInfo>] [-WhatIf [<SwitchParameter>]]
New-MailUser -Name <String> -FederatedIdentity <String> -WindowsLiveID <WindowsLiveId> [-Alias <String>] [-ArbitrationMailbox <MailboxIdParameter>] [-Confirm [<SwitchParameter>]] [-DisplayName <String>] [-DomainController <Fqdn>] [-EvictLiveId <SwitchParameter>] [-ExternalDirectoryObjectId <String>] [-ExternalEmailAddress <ProxyAddress>] [-FirstName <String>] [-ImmutableId <String>] [-Initials <String>] [-LastName <String>] [-ModeratedBy <MultiValuedProperty>] [-ModerationEnabled <$true | $false>] [-NetID <NetID>] [-Organization <OrganizationIdParameter>] [-OrganizationalUnit <OrganizationalUnitIdParameter>] [-OverrideRecipientQuotas <SwitchParameter>] [-PartnerObjectId <Guid>] [-PrimarySmtpAddress <SmtpAddress>] [-RemotePowerShellEnabled <$true | $false>] [-ResetPasswordOnNextLogon <$true | $false>] [-SamAccountName <String>] [-SendModerationNotifications <Never | Internal | Always>] [-SKUAssigned <$true | $false>] [-SKUCapability <None | BPOS_S_Deskless | BPOS_S_Standard | BPOS_S_Enterprise | BPOS_S_Archive | BPOS_L_Standard | BPOS_B_Standard | TOU_Signed | FederatedUser | Partner_Managed | MasteredOnPremise | ResourceMailbox | ExcludedFromBackSync | UMFeatureRestricted | RichCoexistence>] [-WhatIf [<SwitchParameter>]]

Detailed Description

You need to be assigned permissions before you can run this cmdlet. Although all parameters for this cmdlet are listed in this topic, you may not have access to some parameters if they're not included in the permissions assigned to you. To see what permissions you need, see the "Recipient Provisioning Permissions" section in the Mailbox Permissions topic.

Parameters

Parameter Required Type Description

Name

Required

System.String

The Name parameter specifies the common name (CN) of the mail-enabled user.

ExternalEmailAddress

Required

Microsoft.Exchange.Data.ProxyAddress

The ExternalEmailAddress parameter specifies an e-mail address outside of the organization. E-mail messages sent to the mail-enabled user are sent to this external address.

FederatedIdentity

Required

System.String

This parameter applies to objects in the cloud-based service. It isn’t available for on-premises deployments.

The FederatedIdentity parameter associates an on-premises Active Directory user with a user in the cloud.

ImportLiveId

Required

System.Management.Automation.SwitchParameter

This parameter applies to objects in the cloud-based service. It isn’t available for on-premises deployments.

The ImportLiveID parameter imports an unmanaged Windows Live ID into the cloud-based domain. An unmanaged Windows Live ID was created in the domain before the domain was enrolled in the cloud-based service.

Importing a Windows Live ID into the domain lets you save any settings that are associated with the Windows Live ID, like instant messaging contacts. However, the Windows Live ID is now subject to the security and privacy policies of the organization.

Password

Required

System.Security.SecureString

The Password parameter specifies the password used by the mail user to secure his or her account.

UseExistingLiveId

Required

System.Management.Automation.SwitchParameter

This parameter applies to objects in the cloud-based service. It isn’t available for on-premises deployments.

The UseExistingLiveId parameter uses the specified Windows Live ID that already exists in the cloud-based domain. The specified Windows Live ID can't have a mail user associated with it.

UserPrincipalName

Required

System.String

The UserPrincipalName parameter defines the name of a system user in an e-mail address format (for example, ed@contoso.com).

WindowsLiveID

Required

Microsoft.Exchange.Data.WindowsLiveId

This parameter applies to objects in the cloud-based service. It isn’t available for on-premises deployments.

The WindowsLiveID parameter creates a Windows Live ID that's associated with the mail user.

Alias

Optional

System.String

The Alias parameter specifies the alias of the user. An alias can contain letters, numbers, and the following punctuation marks and symbols:

  • !

  • #

  • $

  • %

  • ^

  • &

  • *

  • +

  • -

  • .

  • /

  • =

  • ?

  • _

  • {

  • }

  • |

  • ~

ArbitrationMailbox

Optional

Microsoft.Exchange.Configuration.Tasks.MailboxIdParameter

The ArbitrationMailbox parameter specifies the mailbox used to manage the moderation process.

This parameter accepts the following values:

  • Alias

    Example: JPhillips

  • Canonical DN

    Example: Atlanta.Corp.Contoso.Com/Users/JPhillips

  • Display Name

    Example: Jeff Phillips

  • Distinguished Name (DN)

    Example: CN=JPhillips,CN=Users,DC=Atlanta,DC=Corp,DC=contoso,DC=com

  • Domain\Account

    Example: Atlanta\JPhillips

  • GUID

    Example: fb456636-fe7d-4d58-9d15-5af57d0354c2

  • Immutable ID

    Example: fb456636-fe7d-4d58-9d15-5af57d0354c2@contoso.com

  • Legacy Exchange DN

    Example: /o=Contoso/ou=AdministrativeGroup/cn=Recipients/cn=JPhillips

  • SMTP Address

    Example: Jeff.Phillips@contoso.com

  • User Principal Name

    Example: JPhillips@contoso.com

BypassLiveId

Optional

System.Management.Automation.SwitchParameter

This parameter is reserved for internal Microsoft use.

Confirm

Optional

System.Management.Automation.SwitchParameter

The Confirm switch causes the command to pause processing and requires you to acknowledge what the command will do before processing continues. You don't have to specify a value with the Confirm switch.

DisplayName

Optional

System.String

The DisplayName parameter specifies the name displayed in Microsoft Outlook for the mail user.

DomainController

Optional

Microsoft.Exchange.Data.Fqdn

The DomainController parameter specifies the fully qualified domain name (FQDN) of the domain controller that writes this configuration change to Active Directory.

EvictLiveId

Optional

System.Management.Automation.SwitchParameter

This parameter applies to objects in the cloud-based service. It isn’t available for on-premises deployments.

The EvictLiveId parameter removes an unmanaged Windows Live ID from the cloud-based domain. An unmanaged Windows Live ID was created in the domain before the domain was enrolled in the cloud-based service. Evicting a Windows Live ID from the domain lets you save any settings that are associated with the Windows Live ID, like instant messaging contacts.

ExternalDirectoryObjectId

Optional

System.String

This parameter is reserved for internal Microsoft use.

FirstName

Optional

System.String

The FirstName parameter specifies the first name of the mail user.

ImmutableId

Optional

System.String

The ImmutableId parameter is used by GAL synchronization (GALSync) and specifies a unique and immutable identifier in the form of an SMTP address for an Exchange mailbox that's used for federated delegation when requesting Security Assertion Markup Language (SAML) tokens. If federation is configured for this mailbox and you don't set this parameter when you create the mailbox, Exchange will create the value for the immutable ID based upon the mailbox's ExchangeGUID and the federated account namespace, for example, 7a78e7c8-620e-4d85-99d3-c90d90f29699@mail.contoso.com. You must set the ImmutableId parameter if Active Directory Federation Services (AD FS) is deployed to allow single sign-on into an off-premises mailbox and AD FS is configured to use a different attribute than ExchangeGUID for sign-on token requests. Both, Exchange and AD FS must request the same token for the same user to ensure proper functionality for a cross-premise Exchange deployment scenario.

Initials

Optional

System.String

The Initials parameter specifies the initials of the mail user.

LastName

Optional

System.String

The LastName parameter specifies the last name of the mail user.

MacAttachmentFormat

Optional

Microsoft.Exchange.Data.Directory.Recipient.MacAttachmentFormat

The MacAttachmentFormat parameter specifies the Apple Macintosh operating system attachment format for messages sent to the mail user. The valid values for this parameter are:

  • BinHex

  • UuEncode

  • AppleSingle

  • AppleDouble

By default, this parameter is set to BinHex. The acceptable values for the MacAttachmentFormat parameter are dependent on the MessageFormat parameter. If the MessageFormat parameter is set to Text, you can only use BinHex or UuEncode values for this parameter. If the MessageFormat parameter is set to Mime, you can only use BinHex, AppleSingle, or AppleDouble values for this parameter.

MessageBodyFormat

Optional

Microsoft.Exchange.Data.Directory.Recipient.MessageBodyFormat

The MessageBodyFormat parameter specifies the message body format for messages sent to the mail user. The valid values for this parameter are:

  • Text

  • Html

  • TextAndHtml

By default, this parameter is set to TextAndHtml.

The MessageFormat and MessageBodyFormat parameters are interdependent. If the MessageFormat parameter is set to Mime, the MessageBodyFormat parameter can be set to any valid value. However, if the MessageFormat parameter is set to Text, the MessageBodyFormat parameter can only be set to Text. Therefore, if you want to set this parameter to Html or TextAndHtml, you must also set the MessageFormat parameter to Mime.

MessageFormat

Optional

Microsoft.Exchange.Data.Directory.Recipient.MessageFormat

The MessageFormat parameter specifies the message format for messages sent to the mail user.

The valid values for this parameter are:

  • Text

  • Mime

By default, this parameter is set to Mime.

The MessageFormat and MessageBodyFormat parameters are interdependent. If the MessageFormat parameter is set to Mime, the MessageBodyFormat parameter can be set to any valid value. However, if the MessageFormat parameter is set to Text, the MessageBodyFormat parameter can only be set to Text. Therefore, if you want to change the MessageFormat parameter from Mime to Text, you must also change the MessageBodyFormat parameter to Text.

ModeratedBy

Optional

Microsoft.Exchange.Data.MultiValuedProperty

The ModeratedBy parameter specifies the users responsible for moderating the messages sent to this mail user. To designate more than one user, separate the users with commas.

This parameter is required if you set the ModerationEnabled parameter to $true. If you leave this parameter blank and there is a user already specified as the manager of this mail user, the ModeratedBy parameter is automatically set by the ManagedBy parameter of the mail user. Otherwise, an error is returned.

ModerationEnabled

Optional

System.Boolean

The ModerationEnabled parameter specifies whether to enable or disable moderation for the mail user. The two possible values for this parameter are $true or $false. To enable moderation, set this parameter to $true. To disable moderation, set this parameter to $false.

The default value is $false.

NetID

Optional

Microsoft.Exchange.Data.NetID

This parameter is reserved for internal Microsoft use.

Organization

Optional

Microsoft.Exchange.Configuration.Tasks.OrganizationIdParameter

This parameter is available for multi-tenant deployments. It isn't available for on-premises deployments. For more information about multi-tenant deployments, see Multi-Tenant Support.

The Organization parameter specifies the organization in which you'll perform this action. This parameter doesn't accept wildcard characters, and you must use the exact name of the organization.

OrganizationalUnit

Optional

Microsoft.Exchange.Configuration.Tasks.OrganizationalUnitIdParameter

The OrganizationalUnit parameter specifies the organizational unit (OU) in which the new user is added (for example, redmond.contoso.com/contacts).

OverrideRecipientQuotas

Optional

System.Management.Automation.SwitchParameter

This parameter is available for multi-tenant deployments. It isn't available for on-premises deployments. For more information about multi-tenant deployments, see Multi-Tenant Support.

PartnerObjectId

Optional

System.Guid

This parameter is reserved for internal Microsoft use.

PrimarySmtpAddress

Optional

Microsoft.Exchange.Data.SmtpAddress

The PrimarySmtpAddress parameter specifies the primary SMTP address for the mail user. By default, the primary SMTP address is generated based on the default e-mail address policy. If you specify a primary SMTP address by using this parameter, the command sets the EmailAddressPolicyEnabled attribute of the mail user to $false, and the e-mail addresses of this mail user aren't automatically updated based on e-mail address policies.

RemotePowerShellEnabled

Optional

System.Boolean

The RemotePowerShellEnabled parameter specifies whether the user can use Remote PowerShell. Remote PowerShell is required to open the Exchange Management Shell or the Exchange Management Console on Mailbox, Hub Transport, Unified Messaging, and Client Access servers. Access to Remote PowerShell is required even if you're trying to open the Shell or the console on the local server.

The valid values are $True and $False. The default value depends on the management role groups assigned to the user. For more information, see Overview of Exchange Management Shell.

ResetPasswordOnNextLogon

Optional

System.Boolean

The ResetPasswordOnNextLogon parameter specifies whether the user must change the password at the next logon. If this parameter is set to $true, the user must change the password at the next logon.

SamAccountName

Optional

System.String

The SamAccountName parameter defines the logon name used to support clients and servers running older versions of the operating system. This attribute must contain fewer than 20 characters. An account name can contain letters, numbers, and the following punctuation marks and symbols:

  • !

  • #

  • $

  • %

  • ^

  • &

  • -

  • .

  • _

  • {

  • }

  • |

  • ~

SendModerationNotifications

Optional

Microsoft.Exchange.Data.Directory.Recipient.TransportModerationNotificationFlags

The SendModerationNotifications parameter specifies whether status notifications are sent to users when they send a message to the moderated distribution group. You can specify one of the following values:

  • Always

  • Internal

  • Never

Set this parameter to Always if you want notifications to be sent to all senders.

Set this parameter to Internal if you want notifications to be sent only to the senders who are internal to your organization.

Set this parameter to Never to disable all status notifications.

The default value is Never.

Note:
The sender is always notified if the message is rejected by the moderators, regardless of the value of this parameter.

SKUAssigned

Optional

System.Boolean

This parameter is reserved for internal Microsoft use.

SKUCapability

Optional

Microsoft.Exchange.Data.Directory.Capability

This parameter is reserved for internal Microsoft use.

UsageLocation

Optional

Microsoft.Exchange.Data.Directory.CountryInfo

This parameter is reserved for internal Microsoft use.

UsePreferMessageFormat

Optional

System.Boolean

The UsePreferMessageFormat parameter specifies whether the message format settings configured for the mailbox override the global settings configured for the domain. Set this parameter to $true to have the message format settings configured for the mailbox to override any global settings.

WhatIf

Optional

System.Management.Automation.SwitchParameter

The WhatIf switch instructs the command to simulate the actions that it would take on the object. By using the WhatIf switch, you can view what changes would occur without having to apply any of those changes. You don't have to specify a value with the WhatIf switch.

Input Types

To see the input types that this cmdlet accepts, see Cmdlet Input and Output Types. If the Input Type field for a cmdlet is blank, the cmdlet doesn’t accept input data.

Return Types

To see the return types, which are also known as output types, that this cmdlet accepts, see Cmdlet Input and Output Types. If the Output Type field is blank, the cmdlet doesn’t return data.

Examples

EXAMPLE 1

The following example consists of two commands.

In the first command, a password ($password) of the type System.Security.SecureString is created. When the command is executed, the prompt "Enter password" is displayed. The string entered by the user becomes the new password string, $password.

The second command creates the mail-enabled user object Ed Meadows and assigns the newly created password to the object by means of the Password parameter. Ed is an employee at Tailspin Toys, but because he works closely with employees at Contoso, Ltd, he's being given an e-mail address at contoso.com. Ed doesn't have a mailbox on the server running Exchange at Contoso. E-mail messages sent to Ed's contoso.com e-mail address are sent to his external e-mail address, Ed@tailspintoys.com.

Copy Code
$password = Read-Host "Enter password" -AsSecureString
New-MailUser -Name "Ed Meadows" -Password $password -ExternalEmailAddress ed@tailspintoys.com -UserPrincipalName ed@contoso.com -OrganizationalUnit contoso.com