Search AD for E-mail Address

2011-02-12 Updated

2010-03-08 Initial Post

As simple as it seems, I'm not aware of a quick and easy way using the built-in AD (2003) or Exchange (2003) GUIs to search for which object has a particular e-mail address. If I wanted to find out which object (it could be a group, mailbox, or public folder) has the e-mail address techsupport@my-corp.com, I could find it by entering the address in Outlook and letting Outlook resolve it through the Global Address List. But if the object is hidden, it won't be in the GAL, so that wouldn't work.

One way to perform a quick search is to use LDAP through ADUC. You can also perform an LDAP search with LDP or some other LDAP tool, but it's just as easy to use ADUC. At the bottom of this post are instructions from MS for using an LDAP query in ADUC. If you want to search for which object has a particular e-mail address, use this search string (it's not case-sensitive):

(&(objectclass=*)(proxyaddresses=smtp:some-address@your-domain.com))

You could also add an * as a wildcard in part of the e-mail address, e.g.:

(&(objectclass=*)(proxyaddresses=smtp:*some-address@your-domain.com))

You'd want to search for the proxyaddresses attribute because searching for the mail attribute only searches for the primary e-mail address, so secondary (proxy) e-mail addresses would get skipped. It looks like LDAP queries within ADUC are limited to 255 characters or so. I had a long query from a CSVDE file and was not able to paste it into ADUC; I was able to paste shorter queries like the examples above.

I tried making a saved query for this within Active Directory Users and Computers --> Saved Queries and could not get it to work. I experimented by exporting another query to XML and then edited that XML file to use the query above and imported it back to Saved Queries and that did work fine. But after I edited the query in ADUC, it stopped working. A whole bunch of other parameters got added into the query string after I saved the changes, which rendered the saved query useless. If it isn't obvious, the reason you'd want to edit the saved query is to search for different e-mail addresses. So thus far, using ADUC Saved Queries is not an option.

Note that the XML file changes the ampersand symbol from & to &amp;. So

(&(objectclass=*)(proxyaddresses=smtp:some-address@your-domain.com))

becomes

(&amp;(objectclass=*)(proxyaddresses=smtp:some-address@your-domain.com))
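
As an added example (not part of the original post), the Python below builds the proxyaddresses filter from an address, escaping the RFC 4515 filter metacharacters so that an address containing `*` or parentheses is matched literally rather than changing the filter, and produces the XML-escaped form used in an exported saved-query file. The function names, the constructed sample addresses, and the 255-character constant (taken from the post's rough observation) are assumptions.

```python
from xml.sax.saxutils import escape as xml_escape

# Characters RFC 4515 requires to be escaped inside a filter value.
_RFC4515 = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

# Assumption: the post reports ADUC accepting queries of "255 characters or so".
ADUC_QUERY_LIMIT = 255


def escape_filter_value(value: str) -> str:
    """Escape a literal so it cannot alter the structure of the LDAP filter."""
    return "".join(_RFC4515.get(ch, ch) for ch in value)


def proxy_address_filter(address: str, leading_wildcard: bool = False) -> str:
    """Build the post's filter for one SMTP address (primary or proxy).

    leading_wildcard=True inserts the intentional, unescaped '*' shown in the
    post's second example; every '*' inside the address itself is escaped.
    """
    if "@" not in address:
        raise ValueError("expected an e-mail address")
    wildcard = "*" if leading_wildcard else ""
    return "(&(objectclass=*)(proxyaddresses=smtp:%s%s))" % (
        wildcard,
        escape_filter_value(address),
    )


def for_saved_query_xml(ldap_filter: str) -> str:
    """Return the filter as it must appear inside the saved-query XML file."""
    return xml_escape(ldap_filter)  # & becomes &amp;, < and > are escaped too


def fits_aduc(ldap_filter: str) -> bool:
    """True if the filter is short enough to paste into the ADUC Find box."""
    return len(ldap_filter) <= ADUC_QUERY_LIMIT


if __name__ == "__main__":
    # Constructed sample addresses, not real mailboxes.
    for addr in ("techsupport@my-corp.com", "sales*(emea)@my-corp.com"):
        f = proxy_address_filter(addr)
        print(f, fits_aduc(f))
        print(for_saved_query_xml(f))
```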

From http://technet.microsoft.com on 2010-03-08:

Using the Find Command in Active Directory Users and Computers

You also can use an LDAP query to search a container without applying a filter to the container. To create an LDAP query to display only specific objects in a container, use the Find option on the container shortcut menu, as described in the following procedure.

To use Find to search a container by using an LDAP query

  1. In Active Directory Users and Computers, right-click the container you want to search, and then click Find.
  2. In the Find box, click Custom search, and then click the Advanced tab.
  3. In the Enter LDAP query box, type an LDAP query string, for example:
    (&(objectCategory=user)(whenCreated=991122000000Z))
  4. Click Find Now to display the search results.
