In Windows Active Directory (in connection with Exchange 2010), I am unsure about the semantic difference between mail: and proxyAddresses: attributes. As far as I can tell, mail: is one-valued whereas proxyAddresses: is multivalued and (apart from the possibility to include non-SMTP addresses) allows one value starting with SMTP as main address and several values starting with smtp as secondary addresses.
I think I recall that in former versions of Windows and/or Exchange the main proxyAddresses was always kept in sync with the mail attribute. But I now noticed that these are no longer automatically kept in sync (depending on how one edits the data). So it may happen that I have a user with
mail: [email protected]
proxyAddresses: SMTP:[email protected]
proxyAddresses: smtp:[email protected]
So any mail that user sends will use <[email protected]> as sender address; incoming mail addressed to either <[email protected]> or <[email protected]> will end up at that users mailbox; but where does <[email protected]> come into play?
So the questions I have are
- Is there any specific purpose where the
mailattribute is used? - Does it ever make sense to have different
mail:andproxyAddresses:SMTPentries as above? - If the answer to the preceding question is "no": What am I doing wrong that causes
mail:andproxyAddresses:SMTPto be no longer kept in sync?
As you said, the proxy address attribute can contain multiple values whereas the mail address contains only a single value. This can be useful when configuring multiple addresses for a single account. See the below config:
In this instance, the first attribute "SMTP:[email protected]", being uppercase, defines the user's primary email address. And will also be the default address for Outlook and Outlook online.
There are 3 attributes that need to be configured to ensure Accounts are synced properly between your on-premise domain controller and AzureAD/Exchange Online. These are mail, mailNick and proxyAddress.
An example of a working configuration would be as follows:
From what I know the mail: attribute is more a contact attribute as it can exist without Exchange against a user.
The proxyAddressss are the ones used to deliver mail primarily used by exchange.
Give a look at this Url:
https://techcommunity.microsoft.com/t5/exchange-team-blog/fun-with-changing-e-mail-addresses/ba-p/609781
Fun with changing E-Mail Addresses – You Had Me At EHLO…
The 'targetAddress' attribute is used to deliver mail to the mailbox. With Exchange Online, this is where the [email protected] SMTP will be located.
I have fond accounts in my AD with the proxyAddress missing, yet still working OK.
This link has how the proxyAddresses attribute is populated in Azure AD and scenarios on how it is completed: https://docs.microsoft.com/en-us/troubleshoot/azure/active-directory/proxyaddresses-attribute-populate#more-information
But despite what it says here, none of your user Accounts in AD have an '@Tenant.OnMicrosoft.com. SMTP address listed, only the [email protected] SMTP is listed. Much of what I find on how these attributes are used and completed is contradicted with what I actually see and with other doc, even within Microsoft's own site. Perhaps it depends on the situation (Hybrid, on-premise, online only, etc) and they leave that out?