Install and use Exchange 2019 CU12 Recipient Management PowerShell

Andres Bohren

2022-04-27

Hi All,

With the recent Release of Exchange Server 2019 CU12 Microsoft Announced the Exchange Recipient Management without Exchange Server.

Manage recipients in Exchange Hybrid environments using Management tools

https://docs.microsoft.com/en-us/Exchange/manage-hybrid-exchange-recipients-with-management-tools

In my LAB Environement i've removed Exchange a while ago.

Now i will install only the Management Tools to see how we can manage Exchange Recipients

Cumulative Update 12 for Exchange Server 2019 (KB5011156)

https://www.microsoft.com/en-us/download/details.aspx?id=104131

It should be clear, but you can't install the Management Tools on a Server where already another Version of Exchange is installed

I've downloaded the Exchange Server 2019 CU 12, mounted the ISO File and started setup.exe in a elevated Command Prompt

As there does not exist any Exchange Organization the Schema and Active Directory has to be prepared.

As expected only the Management Tools have been installed

But the Exchange Management Shell (EMS) does not work, due there is no Exchange Server to Connect

Same applies to the Exchange Toolbox MMC - no Exchange Server to Connect

If you have an Exchange installation. Do not uninstall it - this will delete all Exchange Schema Properties and therefore sync the deletion to Azure AD. Just shut it down and delete the Computer Object in Active Directory.
Make sure you don't need any Exchange Servers for Mail Flow anymore.

I did remove the Exchange Objects in Active Directory Configuration Partition with the Script below

Make sure the OU is not write Protected

cd C:\Program Files\Microsoft\Exchange Server\V15\Scripts
.\CleanupActiveDirectoryEMT.ps1

To use the Exchange Recipient Management Cmdlets, you have to add the following PSSnapin

Add-PSSnapin *RecipientManagement
Get-PSSnapin

Get-Command -PSSnapin Microsoft.Exchange.Management.PowerShell.RecipientManagement

With the "Add-PermissionForEMT.ps1" Script you can add a Group that has Permission on every OU in the Forest/Domain or you can specify the Parameter -RecipientOUs "CN=OU1,DC=contoso,DC=com,CN=OU2,DC=contoso,DC=com"

cd "C:\Program Files\Microsoft\Exchange Server\V15\Scripts"

.\Add-PermissionsForEMT.ps1

The Script creates "Recipient Management EMT" in the "Users" OU

It is a Mail-Enabled Security Group with Group Scope "Universal"

You can see the Permissions on the OU

The Script applies Permissions for the "Recipient Management EMT" Group to the EmailAddressPolicies, Accepted Domains in the Config Partition and on All or the specified OU's.

Regards

Andres Bohren