Had a case recently that wasn’t immediately obvious to resolve.
We had reports of a user that no one was able to e-mail due to duplicate addressing. At first look there was no duplicate addresses on the object. We were receiving the following NDR’s
There is a problem with the recipient's e-mail system. More than one user has this e-mail address. The recipient's system administrator will have to fix this. Microsoft Exchange will not try to redeliver this message for you. Please provide the following diagnostic text to your system administrator and then try resending the message after the problem has been resolved.
#550 5.1.4 RESOLVER.ADR.Ambiguous; ambiguous address ##
Further investigations showed that there was a problem with the way that the user was shown in the Exchange Address Books. It seemed as though the object was being confused with another user with the same name.
Comparing the properties of the two users revealed that their legacyExchangeDN properties were the same. The result was that the users were being confused in the Address Lists and no one was able to e-mail either due to this duplication.
The resolution was to change the container name that represents the user to another unique value, we changed ours to the users sAMAccountName value.
o=EXCHORG/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=firstname.surname
o=Cymru/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=sAMAccountName
The only problem with renaming this value is it will break reply ability if senders Outlook Cache is not removed.
As to how this happened, we believe it’s because we have multiple installations of the Quest Migration tools running against the same AD domain, and they happened to be migrating a user with the same name and populated the property with the same value.