Skip to content

Introduction to the various type of Exchange Online recipients | PowerShell cmdlets | Office 365 | Part 8#13

Addressing “recipient’s objects” in Exchange Online and Azure Active Directory environment for performing tasks such as looking for information about E-mail addresses could be realized as a challenging task.
In the current article, we will take a walk in the “thick forest” of Exchange Online and Azure Active Directory infrastructure, and learn about the various types of “entities” in the Office 365 environment.

To be able to address the various “recipient entities” in an Office 365 environment, we will need to answer the following questions:

Q1: Where are these “recipient entities” stored?
For example, the term “Office 365” can be translated into different infrastructure such as – Azure Active Directory, Exchange Online, Share point online, SkyDrive for business and so on.

It’s true that most of the time, we associate the term “recipient” to the Exchange Online environment but, in an Office 365 environment, the definition of the term “recipient” is more complex.

For example, Azure Active Directory store information about the E-mail addresses of Exchange Online recipients and the Office 365 login name (UPN name) is impacting the Exchange on-Premises Recipient Primary E-mail address.

Another scenario could be an Exchange Hybrid environment that “bind” Exchange on-premises Exchange environment + Exchange Online environment.
In this scenario, we will need to understand where are the “recipients” stored (Exchange on-premises or Exchange Online) and what is the difference between this recipient type.

Q2: Who are the different recipient and user object entities that we need to address?

For example, the Exchange Online environment includes many types of recipients such as – Mailbox recipient, contact recipients, Public Folder recipient, Group recipient and so on.

Q3: What are the PowerShell cmdlets that we use in addressing each of the different types of recipients?

For example

To address users stored in the Azure Active Directory we need to use different PowerShell cmdlets vs. the Exchange Online environment.

To address different type of Exchange Online recipient, we will need to use a “dedicated PowerShell cmdlets” for each type of recipient or use a “General purpose” PowerShell cmdlets such as the command Get-Recipient.

The challenges of searching E-mail addresses in Office 365 environment

At first glance, this task could seem to be quite simple. Our basic assumption is that the Office 365 ports or the Exchange Online admin center interface include some “graphic interface” that will help us to perform the required search.

In reality, the task of locating the E-mail address in Office 365 and Exchange Online can prove to be not that simple!

There are a couple of reasons the lead me to describe the above task as – “not a simple task”

1. Exchange Online admin – the lack of centralized E-mail address searches tool

Exchange Online (and Exchange) has many types of “recipients.” The E-mail address that we look for could be related to any type of recipient.

Exchange Online includes a web-based interface, that enables us to perform a search, looking for
E-mail address, but the main disadvantage of this interface is that the search interface is based on a “scope.”

For example, different search scope for “Exchange Online user mailbox object scope”, “Exchange Online shared mailbox scope” and so on.

In other words, we don’t have a tool that can perform a “wide E-mail address search” that is performed by query all the recipient’s types that exist in Exchange Online infrastructure.

2. Multiple “identities” that uses the E-mail address naming convention

The e-mail address is just a naming conviction that we use for describing the identity of someone.

An E-mail address can be described as a string structure that contains the left part which described as Alias, the “@” sign and the “right part” – organization name (domain mane suffix).

The structure of E-mail address and UPN name in Office 365 and Exchange Online

In Office 365 infrastructure, there are additional identities that use an identical naming
convention as an E-mail address.

For example, the login name of Office 365 described as UPN (user principal name), and the UPN has an identical structure to the E-mail address structure.

Most of the time the Office 365 UPN name is identical to the Exchange Online Primary E-mail address but sometimes they are different.

Another example is the SIP (Session Initiation Protocol) address.

Every Office 365 users whom his license includes Skype for a Business license, have a SIP address.
And again, the SIP address is based on the identical structure as the stature of the E-mail address.

When we say that we look for information about “E-mail address,” it’s important that we know if the information that we look for is indeed E-mail address or another type of identities such as SIP address or Office 365 user UPN name.

The e-mail address naming convention used by other Office 365 infrastructures

3. Office 365 as a complicated infrastructure

Office 365 is a logical container for many types of services and infrastructures.

The information about a specific Office 365 can “appears” in many infrastructures at the same time.

For example, each Office 365 users who have Exchange Online license appears at the same time as – Office 365 Azure Active Directory “user account entity,” and defined also in Exchange Online infrastructure as a user and as a “mailbox recipient.”

When we are looking for information about specific E-mail address or a specific type of E-mail address addresses, it’s important to know that we will need to define a “search scope” that includes the Office 365 (Azure Active Directory) infrastructure + the Exchange Online infrastructure.

The specific Office 365 infrastructure that we address -03

The solution + additional Challenges

The main tool that we can use for performing such type of “global search” is our dear friend – the PowerShell.

Given that we decide to use PowerShell as a tool for getting information about E-mail address, SIP address or Office 365 UPN name, the main challenge that we face is – the need to be familiar with each type of Exchange Online recipient and the Office 365 “entity” that we need to address + the specific PowerShell cmdlets that we need to use for addressing this recipient or Office 365 entities.

Two common scenarios of – looking for E-mail address in Office 365

Real life scenarios examples

Scenario 1 – Removing a “registered domain name” from Office 365 tenant

In this type of scenario, Office 365 will “allow” us to remove a specific registered domain name only if no existing “entity” uses the specific domain name. The “entity” could be Office 365 user, Exchange Online recipient and more.

In addition, the domain name that we need to remove can appear as part of the Office 365 UPN name, recipient E-mail address or other attributes.

Only after we found all the entities that use the specific domain name, and we remove this domain name or replace it with another domain name, only then we can remove the domain name that was registered with Office 365 as the tenant domain.

Scenario 2 – searching for a “hidden” E-mail address

In this scenario, we would like to locate the existing Exchange Online recipient or Office 365 user who uses a specific E-mail address.

The main challenge, in this case, is, how to locate the specific E-mail address that could be “belong” to a variety of Exchange recipient types or to Office 365 user (the UPN username).

As mentioned, at the current time Exchange Online include a “search interface” but this search option is restricted to a specific type of recipient such as – Mailbox recipient, resources recipient and so on.

The Exchange recipient objects and Azure Active Directory “recipient objects”

When we say that we want to look for a specific “E-mail address,” it’s important that we also “declare” the specific Exchange “recipient type.”

Associatively we think that “recipient” is a User with a mailbox, but the reality is more complex because, in an Exchange-based environment, there are many types of additional recipients such as – mail contact, Public Folder, a different type of groups and so on.

To make thing even more complicated, in an Office 365 based environment the subject of “E-mail address” is not related only to the Exchange Online environment, but also to the Office 365 part, that manages and store Office 365 user accounts – the Azure Active Directory.

For example, Office 365 user login name (UPN – User Principal Name) is based on an “E-mail address” naming convention (Alias + Domain name suffix).

The task of – “searching” specific E-mail address in the Office 365 “space,” should include the information about the specific “Mail recipient object” and the specific environment such as Office 365 (Azure Active Directory) or Exchange Online.

The ability to review in detail each of the specific Exchange Online recipient type and their specific characters + each Office 365 (Azure Active Directory) object type, is beyond the scope of the current article.

Even though, I would like to provide a high-level review of the:

Different type of Exchange Online recipient, the PowerShell cmdlets that we use for getting information about the specific recipient type and the “Exchange Online classification” of the specific object.

As mentioned, Office 365 (Azure Active Directory) also includes information about the user account that uses the UPN name (identical structure as E-mail address) and includes information about groups and contacts.

Exchange Online recipient types

In the following section, I would like to review the PowerShell cmdlets that we use to address the various Exchange Online recipient type and the objects in the Azure Active Directory.

We will start with the Exchange Online based environment and in the next section, we review the Office 365 (Azure Active Directory) environment.

The following table includes a list of all the Exchange Online available recipient types and the PowerShell cmdlets that we use for getting information about each Exchange Online recipient type:

Exchange recipients
RecipientGet-Recipient
 * Remark 1
Mailbox recipient
MailboxGet-Mailbox
 * Remark 2
User object
UserGet-User
 * Remark 3
Contact recipient
ContactGet-Contact
 * Remark 4
Mail ContactGet-MailContact
 * Remark 4
MailUserGet-MailUser
 * Remark 5
Public Folder recipient – Mail enables Public Folder
Public FolderGet-MailPublicFolder
 * Remark 6
Group recipient
DistributionGroupGet-DistributionGroup
Dynamic Distribution GroupGet-DynamicDistributionGroup
Unified GroupGet-UnifiedGroup
 * Remark 7

Remark 1 | The PowerShell command Get-Recipient

We can relate to the PowerShell cmdlet Get-Recipient as a “super cmdlets” that we can use to get information about any type of existing Exchange Online recipient.

The rule of “all available Exchange Online recipient” is true beside two exceptions:

  • An exchange online mailbox that considered as soft deleted Get-Mailbox -SoftDeletedMailbox
  • Unified Exchange Online group Get-UnifiedGroup

In case that we want to look for a specific E-mail address or a specific domain name suffix, and we want to create a “search scope” that will include – all the available recipient’s objects in the Exchange Online based environment, we will need to use a combination of the three PowerShell cmdlets:

  1. Get-Recipient
  2. Get-UnifiedGroup
  3. Get-Mailbox -SoftDeletedMailbox

The PowerShell cmdlets Get-Recipient, display information about all the Exchange Online recipient types that appears in the diagram below.

As mentioned, the PowerShell cmdlets Get-Recipient, will not display soft deleted Exchange Online mailboxes, and will not display information about the Exchange Online recipient who described as “Unified groups.”

Exchange Online infrastructure - Get information about various Exchange Online mail recipients

View the different type of Exchange Online recipients, when using the Get-Recipient cmdlet

To be able to know what are the Exchange Online recipients type that the PowerShell cmdlet
Get-User, get” for us, we can the PowerShell cmdlet Get-Recipient + the parameter Group.
The Group parameter creates a “grouped display” of the different type Exchange Online recipients.

For example:

Get-Recipient | Group RecipientTypeDetails | Select name, count

In the results, under the “name” column, we can see all the different type of Exchange Online recipients that the PowerShell cmdlets Get-Recipient “get.”

PS C:\> Get-Recipient | Group RecipientTypeDetails | Select name,count

Name                            Count
----                            -----
MailUniversalDistributionGroup  23
UserMailbox                     54
MailContact                     14
MailUniversalSecurityGroup      14
DiscoveryMailbox                1
SharedMailbox                   13
DynamicDistributionGroup        5
MailUser                        13
EquipmentMailbox                1
PublicFolder                    5
RoomMailbox                     7
RoomList                        1

To summarize the information, we can say that if we want to look for a specific recipient in Exchange Online based environment, we will need to use the combination of the following three PowerShell cmdlets.

The complete search scope of recipients in Exchange Online environment

Remark 2 | The Exchange Online PowerShell cmdlets – Get-Mailbox

In an Exchange environment, the term “mailbox,” relates to a mailbox that is associated with a “user account.” In other words, Exchange user who “owns” (mailbox owner) an Exchange mailbox.

The PowerShell cmdlet Get-Mailbox relates to 5 types of mailboxes:

  • User mailbox
  • Shared mailbox
  • Room mailbox
  • Equipment
  • Soft Deleted mailbox

When we use the PowerShell command Get-Mailbox, we will get information about all the different type of Exchange Online mailboxes, besides the exception of -Soft Deleted Exchange Online mailboxes.

To be able to view Soft Deleted Exchange Online mailboxes, we will need to add an additional parameter to the original Get-Mailbox cmdlet.

In case we want to get information about specific types of Exchange Online mailbox such as – user mailbox, Shared mailbox, Room mailbox and so on, we will need to use
the PowerShell command Get-Mailbox + filter.

Attached an example of the way that we use the Get-Mailbox cmdlet + a filter (we implement the filter by using PowerShell where statement) for getting information about a specific type of “Exchange mailbox.”

Exchange Online mailboxes by “type”

Display information only about Exchange Online mailboxes considered as “User mailbox.”

PowerShell command example:

Get-Mailbox | Where {$_.RecipientTypeDetails -eq "UserMailbox"}

Display information only about Exchange Online mailboxes considered as “Room mailbox.”

PowerShell command example:

Get-Mailbox | Where {$_.RecipientTypeDetails -eq "RoomMailbox"}

Display information only about Exchange Online mailboxes considered as “Shared mailbox.”

PowerShell command example:

Get-Mailbox | Where {$_.RecipientTypeDetails -eq "SharedMailbox"}

Display information only about Exchange Online mailboxes considered as “Equipment mailbox.”

PowerShell command example:

Get-Mailbox | Where {$_.RecipientTypeDetails -eq "EquipmentMailbox"}

Soft Deleted Exchange Online mailboxes

As mentioned, the PowerShell cmdlets Get-Mailbox, will not display Exchange Online mailboxes that considered as “deleted mailboxes.”

In the Exchange Online environment, there are two type or two classifications of “deleted mailboxes”

  1. “Standard” Soft Deleted Exchange Online mailbox
    Each Exchange Online mailbox that we deleted considered as Soft Deleted mailboxes.
  2. The Soft Deleted mailbox stay in the Exchange Online recycle bin for a period of 30 days.

In case we want to get a list of Soft Deleted Exchange Online mailboxes, we can use the following PowerShell syntax:

Get-Mailbox -SoftDeletedMailbox

2. Inactive mailbox

This is a special type of Soft Deleted Exchange Online mailboxes that are kept in the Exchange Online recipient for a long period based on the litigation Hold period that was assigned to the specific Exchange Online mailbox.

The PowerShell command Get-Mailbox SoftDeletedMailbox display information about the “standard” Soft Deleted + inactive Exchange Online mailboxes.

In case we want to display information only about Soft Deleted Exchange Online mailboxes that considered as “inactive mailboxes”, we can use the PowerShell command:

Get-Mailbox -InactiveMailboxOnly
Get information about Exchange Online mailbox recipients

View the different type of Exchange Online recipients, when using the Get-Mailbox cmdlet

To be able to know what are the Exchange Online recipients type, that the PowerShell cmdlet Get-User “get” for us, we can the PowerShell cmdlet Get-Mailbox + the parameter Group.

The Group parameter creates a “grouped display” of the different type Exchange Online recipients.

For example:

Get-Mailbox | Group RecipientTypeDetails | Select name,count

In the results, under the “name” column, we can see all the different type of Exchange Online recipient that the PowerShell cmdlets Get-Recipient get.

Notice that there is no specific classification of “Soft Deleted mailbox” because this is a special category. Each type of Exchange Online mailboxes such as User mailbox or shared mailbox can be considered as a Soft Deleted Mailbox.

PS C:\> Get-Mailbox | Group RecipientTypeDetails | Select name,count

Name               Count
----               -----
UserMailbox        54
DiscoveryMailbox   1
SharedMailbox      13
EquipmentMailbox   1
RoomMailbox        7

Remark 3 | The Exchange Online PowerShell cmdlets – Get-user

In the Exchange Online environment, the term “User,” relates to Exchange recipient who has a user account.

For example, an Exchange “contact object” doesn’t have a “User account.”

The PowerShell command Get-User relates to all types of Exchange Online recipient who have a user account with an Exchange Online mailbox and without Exchange Online mailbox.

View the different type of Exchange Online recipients, when using the Get-User cmdlet

To be able to know what are the Exchange Online recipients type that the PowerShell cmdlet Get-User “get” for us, we can the PowerShell cmdlet Get-User + the parameter Group.
The Group parameter creates a “grouped display” of the different type Exchange Online recipients.

For example:

Get-Mailbox | Group RecipientTypeDetails | Select name, count

In the results, under the “name” column, we can see all the different type of Exchange Online recipient that the PowerShell cmdlets Get-User “get.”

PS C:\> Get-User | Group RecipientTypeDetails | Select name,count

Name               Count
----               -----
User               13
UserMailbox        54
DiscoveryMailbox   1
SharedMailbox      13
MailUser           13
EquipmentMailbox   1
RoomMailbox        7

Remark 4 | The Exchange Online PowerShell cmdlets: Get-Contact vs. Get-MailContact

Exchange Online contacts or a synchronized contact from On-Premise Active Directory.

The PowerShell command Get-MailContact and Get-Contact will “fetch” the same type of contact recipients.

In other words, there is no difference between the number of contact recipients who will be displayed.

The difference between these two commands is the properties that we displayed for the “contact recipient object.”

The Exchange Online PowerShell cmdlets – ?Get-Contact versus Get-MailContact

For example, looking at the result of using the PowerShell commands Get-MailContact
and Get-Contact, we can see that we get the same number of recipients.

PS C:\> Get-MailContact | Group RecipientTypeDetails | Select name, count

Name          Count
----          -----
MailContact   14

PS C:\> Get-Contact | Group RecipientTypeDetails | Select name, count
Name          Count
----          -----
MailContact   14

Remark 5 | MailUser (Get-MailUser) Exchange Hybrid environment

The Exchange Online recipient MailUser

Mail users are similar to mail contacts. Both have external email addresses, and both contain information about people outside your Exchange or Exchange Online organization that can be displayed in the shared address book and other address lists. However, unlike a mail contact, a mail user has login credentials in your Exchange or Office 365 organization and can access resources.

Technically speaking, we can create “MailUser recipient” in Exchange Online but the use of such recipient is quite rare.

In Exchange Online based environment, the most common use of “MailUser recipients” is realized in an Exchange Hybrid environment.

In Exchange Hybrid environment (Directory synchronization environment), the “MailUser recipient” representative – Exchange on-Premises recipient with a mailbox such as – Exchange on-premises user mailbox, shared mailbox, room mailbox.

The Exchange on-Premises users don’t have “Exchange Online mailbox” but Exchange Online “understand” that these are special recipients, that were synchronized to the cloud from On-Premise Active Directory, and this recipient are Exchange on-Premises recipient with a mailbox.

Mail objects synchronized ?from On-Premise - Exchange on-Premises mailbox users -Get-MailUser

Remark 6 | Public Folder recipient – Mail enables Public Folder

By default, Exchange Online Public Folder doesn’t consider as a “recipient object.” Only in the case that we configure Exchange on-Premises Public Folder as “mail-enabled,” the Exchange Online Public Folder will be considered as a “recipient.”

The PowerShell command Get-Recipient display information about Exchange Online mail enabled Public Folders.

In case that we want to get information only about “mail enabled Public Folder recipients,” we use the PowerShell command Get-MailPublicFolder.

Remark 7 | Group recipient

The PowerShell command Get-Group, will display information about all the type of Exchange Online groups beside one exception – “Dynamic Distribution Group.”

Using the PowerShell command Get-Group, we can get information about Distribution Group, Mail-enabled security groups, and unified groups.

Regarding the subject of Mail-enabled security groups, there is no special PowerShell command.

To be able to get information only about Mail-enabled security groups, we will need to use the PowerShell command Get-DistributionGroup + Filter.

For example:
Get-Group | Where {$_.GroupType -like “security“}

The Exchange Online PowerShell cmdlets – ?Get-Group

Exchange Online recipients classification and PowerShell cmdlets

In the following section, we get an additional view of the various Exchange Online recipients type.

This time, I would like to add additional information that relates to the following parameters

1. PowerShell cmdlets
What are the PowerShell cmdlets that we can use for view information about a specific Exchange Online recipient type?

For example, to get information about Exchange Online recipient who considers as “mailbox user” (Exchange Online + Exchange Online mailbox), we can use the following PowerShell commands:

Get-Recipient: the PowerShell command Get-Recipient, get information about various types of Exchange Online recipient, including Exchange Online mailbox user because Exchange Online mailbox user is actually one type of Exchange Online recipient.

Get-Mailbox: the PowerShell command Get-Mailbox, get information only for Exchange Online recipients that have a mailbox.

We can say that the PowerShell command Get-Mailbox is a derivative of the PowerShell command Get-Recipient

2. RecipientType and RecipientTypeDetails

The Exchange Online recipient properties RecipientType and RecipientTypeDetails define the specific classification of the mail recipient.

For example, the RecipientType Shared mailbox is UserMailbox, because Shared mailbox is realized as a user account that is associated with Exchange Online mailbox.
The RecipientTypeDetails of a Shared mailbox is –“ Shared Mailbox,” because Shared mailbox is a special type of mailbox.

For example, in an Office 365 based environment the user account that is associated with the shared mailbox doesn’t have any user license (shared mailbox in Office 365 are free).

PS C:\> Get-mailbox Shared-MB01 | select Name, RecipientType,RecipientTypeDetails

Name          RecipientType   RecipientTypeDetails
----          -------------   --------------------
Shared-MB01   UserMailbox     SharedMailbox

3. Exchange Online admin center interface

In this section, I mention where we can see the “location” of the various types of Exchange Online recipients when using the Exchange Online admin center.

In the following screenshot, we can see an example of the “classification” that Exchange Online uses for relating to the different type of Exchange Online recipients.

The location of the various type of Exchange Online recipients

Exchange Online infrastructure

The following section, include summary tables for each Exchange Online recipient type.

The table includes the following sections:

  • The PowerShell cmdlet that we use for getting information about the specific recipient type.
  • The classification of the Exchange Online recipient (RecipientType and RecipientTypeDetails).
  • The “location” of the Exchange Online recipient when using the Exchange Online admin center web interface.

Recipients object type | Mailbox

Exchange Online | User mailbox | Get-Mailbox
PowerShell cmdletsGet-Recipient
Get-Mailbox
RecipientTypeUserMailbox
RecipientTypeDetailsUserMailbox
Exchange Online admin center interface | appear in “mailboxes
Exchange Online | Shared mailbox | Get-Mailbox
PowerShell cmdletsGet-Recipient
Get-Mailbox
RecipientTypeUserMailbox
RecipientTypeDetailsSharedMailbox
Exchange Online admin center interface | appear in “shared
Exchange Online | Room mailbox | Get-Mailbox
PowerShell cmdletsGet-Recipient
Get-Mailbox
RecipientTypeUserMailbox
RecipientTypeDetailsRoomMailbox
Exchange Online admin center interface | appear in “resources
Exchange Online | Equipment mailbox | Get-Mailbox
PowerShell cmdletsGet-Recipient
Get-Mailbox
RecipientTypeUserMailbox
RecipientTypeDetailsEquipmentMailbox
Exchange Online admin center interface | appear in “resources
Exchange Online | Soft deleted mailbox | Get-Mailbox
PowerShell cmdletsGet-Mailbox -SoftDeletedMailbox

Recipients object type | Contact

Exchange Online | Contact | Get-Contact
PowerShell cmdletsGet-Recipient
Get-Contact
RecipientTypeMailContact
RecipientTypeDetailsMailContact
Exchange Online admin center interface | appear in “contacts
Exchange Online | Mail user | Get-MailContact
PowerShell cmdletsGet-Recipient
Get-MailContact
RecipientTypeMailUser
RecipientTypeDetailsMailUser
Exchange Online admin center interface | appear in “contacts

Recipients object type | Mail user

Exchange Online | Mail user | Get-User
PowerShell cmdletsGet-Recipient
Get-User
RecipientTypeUserMailbox
RecipientTypeDetailsUserMailbox
The PowerShell command Get-User relate to all type of Exchange Online recipient that have a user account with Exchange Online mailbox and without Exchange Online mailbox

Store Exchange Hybrid objects

Exchange Online | Mail user | Get-MailUser
PowerShell cmdletsGet-Recipient
Get-MailUser
RecipientTypeMailUser
RecipientTypeDetailsMailUser
Exchange Online admin center interface | appear in “contacts

Recipients object type | Mail enabled Public Folder

Exchange Online | Mail enabled Public Folder | Get-MailPublicFolder
PowerShell cmdletsGet-Recipient
Get-MailPublicFolder
RecipientTypePublicFolder
RecipientTypeDetailsPublicFolder
Exchange Online admin center interface | appear in “Public Folders

Recipients object type | Mail enabled Group

Exchange Online | Distribution Group | Get-DistributionGroup
PowerShell cmdletsGet-Recipient
Get-DistributionGroup
RecipientTypeMailUniversalDistributionGroup
RecipientTypeDetailsMailUniversalDistributionGroup
GroupTypeUniversal
Exchange Online admin center interface | appear in “Groups
Exchange Online | Security mail enabled Group | Get-DistributionGroup
PowerShell cmdletsGet-Recipient
Get-DistributionGroup
RecipientTypeMailUniversalSecurityGroup
RecipientTypeDetailsMailUniversalSecurityGroup
GroupTypeUniversal, SecurityEnabled
Exchange Online admin center interface | appear in “Groups
Exchange Online | Dynamic Distribution Group | Get-DynamicDistributionGroup
PowerShell cmdletsGet-Recipient
Get-DynamicDistributionGroup
RecipientTypeDynamicDistributionGroup
RecipientTypeDetailsDynamicDistributionGroup
GroupTypeNA
Exchange Online admin center interface | appear in “Groups
Exchange Online | Unified Group | Get-UnifiedGroup
PowerShell cmdletsGet-UnifiedGroup
RecipientTypeMailUniversalDistributionGroup
RecipientTypeDetailsGroupMailbox
GroupTypeUniversal
Exchange Online admin center interface | appear in “Groups

Office 365 (Azure Active Directory) infrastructure

In office 365 environments, some of the information about Exchange Online recipients, “appear” also in the Office 365 infrastructure (Azure Active Directory).

Although Azure Active Directory includes information about Exchange Online recipients, most of the time, the task of looking for a specific E-mail of a specific recipient, will be performed by addressing the Exchange Online infrastructure, and not by addressing the Azure Active Directory infrastructure.

For example, the number of the Azure Active Directory PowerShell cmdlets, that “get’” information about “recipients” object vs. the available PowerShell cmdlets in Exchange Online is far below.

The main reason in which we address the Azure Active Directory, looking for a specific E-mail address is – the Office 365 user UPN (User Principal Name) name.

As mentioned, the Office 365 user login name described as UPN, is based on a “naming structure” identical to the naming structure of standard email addresses.

In a scenario in which we look for a “lost \ hidden” E-mail address that we need to locate or get information about Office 365 user UPN.

The Similarities between Office 365 user UPN name versus Exchange Online E-mail address

The main PowerShell cmdlets that we use for “query” Office 365 UPN names and E-mail addresses is the Get-Msoluser.

The main PowerShell command that we use for get information about E-mail addresses Get-Msoluser -01

Azure Active Directory and Exchange Online recipients

Azure Active Directory infrastructure, include information about the following types of recipients

  1. Exchange Online recipients crated in Exchange Online infrastructure.
  2. In Directory synchronization environment, recipient object that is synchronized from On-Premise Active Directory and Exchange on-Premises recipients.

To be able to get information about “group recipient” in an Azure Active Directory environment, we use the PowerShell cmdlets Get-MsolGroup.

To be able to get information about “contact recipient” in an Azure Active Directory environment, we use the PowerShell cmdlets Get-MsolContact.

How Azure Active Directory sees Mail objects synchronized ?from On-Premise -02

Office 365 (Azure Active Directory) objects

The following table includes a list of all the Azure Active Directory available User account + recipient types, and the PowerShell cmdlets that we use for getting the information user account and recipients.

Azure Active Directory | User account
RecipientGet-Msoluser
 * Remark 1
Azure Active Directory | Group account
MailboxGet-MsolGroup
 * Remark 2
Azure Active Directory | Contact account
UserGet-MsolContact
 * Remark 3

Remark 1 | Azure Active Directory | User account | Get-MsolUser

Using the PowerShell cmdlet Get-Msoluser, we can get information about the Azure Active Directory (Office 365) user account.

The information about Office 365 user UPN is stored in a property named UserPrincipalName.

The information about Office 365 user E-mail addresses is stored in a property named ProxyAddresses.

In addition, each Office 365 users have a property named SignInName.

To get information about this Office 365 user account properties, we can use the following PowerShell command:

Get-MsolUser -UserPrincipalName bob@o365info.com | fl DisplayName,ProxyAddresses,SignInName,UserPrincipalName

PowerShell console output example

PS C:\> Get-MsolUser -UserPrincipalName bob@o365info.com | fl DisplayName,ProxyAddresses,SignInName,UserPrincipalName

DisplayName : Bob marley
ProxyAddresses : {smtp:bob2@o365pilot.com, SMTP:bob@o365info.com, smtp:bob@o365info2.onmicrosoft.com}
SignInName : bob@o365info.com
UserPrincipalName : bob@o365info.com

View information about E-mail address and UPN names of Soft Deleted Office 365 user account

n a scenario in which we look for infrastructure about Office 365 user UPN name or E-mail address, the “standard” Get-Msoluser PowerShell cmdlet, will not display information about Soft Deleted Office 365 user account.

To be able to get information about the Soft Deleted user account that is stored in the Azure Active Directory recycle bin, we will need to use the Get-Msoluser PowerShell cmdlet with an additional parameter in the following way: Get-MsolUser -ReturnDeletedUsers

Remark 2 | Azure Active Directory | Group account | Get-MsolGroup

The Azure Active Directory PowerShell cmdlet Get-MsolGroup displays information about:

  1. An Azure Active Directory group that doesn’t appear in Exchange Online – we can relate to this type of groups as “system group” and the scenario in which we look for information about this group is quite rare.
  2. Exchange Online groups – Exchange group recipient who was created in Exchange Online infrastructure.
  3. Synchronized group from On-Premise infrastructure – In case that the Office 365 is Directory synchronization services, the PowerShell cmdlet Get-MsolGroup display information about the group that was synchronized from On-Premise Active Directory and Exchange on-Premises.

Remark 3 | Azure Active Directory | contact account | Get-MsolContact

The Azure Active Directory PowerShell cmdlet Get-MsolContact displays information about:
Exchange Online contacts – Exchange contacts recipient who was created in Exchange Online infrastructure.

Synchronized group from On-Premise infrastructure – In case that the Office 365 is Directory synchronization services, the PowerShell cmdlet Get-MsolContact display information about contacts that was synchronized from On-Premise Active Directory and Exchange on-Premises.

Exchange Online environment and Exchange Online

In this section, I would like to review the infrastructure described as “Directory synchronization environment”.

In this type of environment, user object and Exchange On-Premises recipient are synchronized to the “cloud” meaning Azure Active Directory and Exchange Online.

In the environment, such as Exchange Hybrid environment, Exchange Online host “his recipients,” but in addition, “host” Exchange on-premises recipients who are synchronized from the On-Premise environment (Exchange on-Premises).

In the following diagram, we can see the concept in which Exchange On-Premises “recipient objects” are synchronized to the “cloud,” Exchange Online in our example.

How Exchange Online sees Mail objects synchronized from On-Premise-01

The main question in the scenario of Exchange Hybrid is – how Exchange Online relates to “recipient objects” that he “gets” from Exchange on-Premises?

As mentioned, in Exchange Hybrid, Exchange Online must be “familiar” with this recipient

The “thing” is that Exchange Online classifies this type of recipient objects in a different way.

It’s important that we will be familiar with the Exchange Online “classification” so in a scenario in which need to distinguish between “original Exchange Online recipient “ vs. recipient who was synchronized from Exchange on-Premises; we need to a way to identify this “Exchange on-premises recipients.”

How Exchange Online sees Mail objects synchronized from On-Premise-02

To simplify the concept in which Exchange Online relates to Exchange on-premises synchronized recipient, we will divide the Exchange on-premises recipients into three categories.

  • Exchange on-Premises “mailbox users recipients.”
  • Exchange Online “contact recipients.”
  • Exchange Online “Group recipients.”

In the following diagram, we can see an example of the Exchange Online “logic” regarding recipients synchronized from Exchange on-Premises.

  1. Exchange on-Premises “mailbox user” recipients who are synchronized with Exchange Online, are configured as “Mailuser” in Exchange Online.
  2. Exchange on-Premises “contact” recipients who are synchronized with Exchange Online, are configured as “Mailcontact” in Exchange Online.
  3. Exchange on-Premises “group” recipients who are synchronized with Exchange Online, are configured as “Group recipient” in Exchange Online.
How Exchange Online sees Mail objects synchronized from On-Premise-03

What are the “recipient objects” that are not synchronized to the “cloud” (Exchange Online)?

Additional information that I would like to mention regarding the Exchange on-premises recipients that are synchronized with Exchange Online, is that the synchronization doesn’t apply to all the recipient type.

In the Exchange Hybrid environment, the following two recipient object is not synchronized from Exchange on-Premises to the “cloud”:

  1. Public Folder mail enabled folder.
  2. Dynamic Distribution Group
What are the recipient object that are not synchronized to the cloud Exchange Online

Exchange on-Premises recipient object that is synchronized to Exchange Online

The following section, include summary tables for each Exchange On-Premises recipient type, that is synchronized to Exchange Online.

The table includes the following sections:

  • The PowerShell cmdlet that we use for getting information about the specific recipient type.
  • The classification of the Exchange Online recipient (RecipientType and RecipientTypeDetails). In other words, how Exchange Online “see” the synchronized recipient.
  • The “location” of the Exchange Online recipient when using the Exchange Online admin center web interface.

Recipients object type | Exchange on-Premises User Mailbox

Exchange on-Premises User Mailbox, is “represented” in Exchange Online infrastructure as “mail user.”

Exchange Online | User mailbox
PowerShell cmdletsGet-Recipient,Get-MailUser
Recipient TypeMailUser
RecipientTypeDetailsMailUser
Exchange Online admin center interface | appear in “contacts

Exchange on-Premises Shared Mailbox, is “represented” in Exchange Online infrastructure as “mail user”.

Exchange Online | Shared mailbox
PowerShell cmdletsGet-Recipient,Get-MailUser
Recipient TypeMailUser
RecipientTypeDetailsMailUser
Exchange Online admin center interface | appear in “contacts

Exchange on-Premises Room Mailbox, is “represented” in Exchange Online infrastructure as “mail user”.

Exchange Online | Room mailbox
PowerShell cmdletsGet-Recipient,Get-MailUser
Recipient TypeMailUser
RecipientTypeDetailsMailUser
Exchange Online admin center interface | appear in “contacts

Exchange on-Premises Equipment Mailbox, is “represented” in Exchange Online infrastructure as “mail user”.

Exchange Online | Equipment mailbox
PowerShell cmdletsGet-Recipient,Get-MailUser
Recipient TypeMailUser
RecipientTypeDetailsMailUser
Exchange Online admin center interface | appear in “contacts

Recipients object type | Exchange on-Premises Groups

Exchange on-Premises Distribution group

Exchange on-Premises Distribution group is “represented” in Exchange Online infrastructure as “MailUniversalDistributionGroup”.

Exchange Online
PowerShell cmdletsGet-Recipient,Get-DistributionGroup
Recipient TypeMailUniversalDistributionGroup
RecipientTypeDetailsMailUniversalDistributionGroup
Exchange Online admin center interface | appear in “groups

Exchange on-Premises Distribution group, is “represented” in Exchange Online infrastructure as “MailUniversalSecurityGroup”.

Exchange Online | Security mail enabled Group
PowerShell cmdletsGet-Recipient,Get-DistributionGroup
Recipient TypeMailUniversalSecurityGroup
RecipientTypeDetailsMailUniversalSecurityGroup
GroupTypeUniversal, SecurityEnabled
Exchange Online admin center interface | appear in “groups

Recipients object type | Contact

Exchange Online | Contact
PowerShell cmdletsGet-Recipient,Get-MailContact
Recipient TypeMailContact
RecipientTypeDetailsMailContact
Exchange Online admin center interface | appear in “contacts
Exchange Online | Mail user
PowerShell cmdletsGet-Recipient,Get-MailContact
Recipient TypeMailUser
RecipientTypeDetailsMailUser
Exchange Online admin center interface | appear in “contacts

Get information about Exchange on-Premises synchronized recipients

When using the Exchange Online admin interface, the task of differentiating between “original Exchange Online recipient” and Exchange on-Premises recipient who were synchronized to the cloud is not so simple.

For example, when we look at the Exchange Online admin interface under the “group” section, is not easy to under which are the group consider as “Exchange Online native group” and, which form the group is synchronized from Exchange On-Premises.

The good news is that we can use a little trick that will enable us to “reveal” this type of recipients (recipients synchronized from Exchange on-Premises).

Each of the Exchange Online recipients has a property named Capabilities

Regarding recipient objects that are synchronized from Exchange on-Premises, the value of the Capabilities property is MasteredOnPremise

To be able to get a “filter list” that includes only Exchange on-Premises recipient’s objects we can use the following PowerShell command syntax:

Get-Recipient | Where {$_.Capabilities -like "*MasteredOnPremise"} | FL DisplayName,EmailAddresses

In case that we need to get a “high-level view” of the recipients, we can use the same PowerShell command with additional parameter Group-Object.

The Group-Object parameter, enable us as the name implies, to group the “objects” (the recipients in our example) by a specific property.

In our case, we ask from PowerShell to “group” the recipient by using the property RecipientTypeDetails.

PowerShell command example:

Get-Recipient | Where {$_.Capabilities -like "*MasteredOnPremise"} | Group-Object -Property RecipientTypeDetails |select Count, Name

PowerShell console output example:

PS C:\> Get-Recipient | Where {$_.Capabilities -like "*MasteredOnPremise"} | Group-Object -Property RecipientTypeDetails |select Count, Name

Count  Name
-----  ----
21     UserMailbox
2      MailContact
11     MailUser
2      MailUniversalDistributionGroup
3      RoomMailbox
4      SharedMailbox
1      MailUniversalSecurityGroup

The next article in the current article series

Searching for an Email addresses using PowerShell | Where Filter | Office 365 | Part 9#13

o365info Team

o365info Team

This article was written by our team of experienced IT architects, consultants, and engineers.