Distinguishing between mail contacts and mail users in Exchange 2010
It’s easy to confuse mail users with mail contacts in Exchange 2010. Our expert sorts out the differences between these seemingly interchangeable terms.
Many admins think of an Exchange Server recipient as a mailbox that’s linked to a user account. However, Exchange Server 2010 actually defines sixteen different types of recipients. With so many recipient types, a certain level of confusion can be expected. One of the most frequently misunderstood concepts is the difference between a mail contact and a mail user.
Active Directory contacts
Before we examine the concept of mail contacts versus mail users, let’s take a moment to look at contacts in general. Contacts are Active Directory objects that are totally independent of Exchange Server. If you look at Figure 1, you’ll see that the Active Directory Users and Computers console contains an option to create new contacts.
Figure 1. Contacts are really just native Active Directory objects.
Existing contacts are displayed in the console's Users container, alongside regular user accounts. Contacts represent users who do not log into your domain. For example, some Exchange organizations have contacts that represent suppliers or customers.
An Active Directory contact is really just a repository for information. For example, a contact object can store an associated individual’s phone number, mailing address, etc.
Exchange 2010 mail contacts
Mail contacts are an Exchange recipient type. They are essentially the same thing as Active Directory contacts, but with one exception -- they are mail-enabled.
Mail contacts are created through the Exchange Management Console (EMC) by right-clicking the Recipient Configuration container, then selecting the New Mail Contact command. When you do, Exchange launches the New Mail Contact wizard. The wizard gives you the option to create a new contact or to mail-enable an existing Active Directory contact (Figure 2).
Figure 2. You can create a new contact or mail-enable an existing contact in Exchange 2010.
In Figure 3, you’ll see that the wizard associates an alias and SMTP address with the existing contact. You also have the option to create a new contact. This is because a mail contact is the same thing as a mail-enabled contact.
Figure 3. The New Contact wizard in Exchange 2010 lets you create a new contact or mail-enable an existing contact.
Exchange 2010 mail users
Mail users are very similar to mail contacts. Both are Active Directory objects that contain user contact information and an external email address. Likewise, both mail users and mail contacts appear in the global address list (GAL). However, there is one very important difference between a mail contact and a mail user.
Mail users are Active Directory security principles. In other words, a mail user has an Active Directory account they can use to log into your network. Therefore, a mail user can access resources on your file servers, participate in Active Directory security groups and be managed the same way as any other user. The only thing that differentiates a mail user from any other user in an Exchange organization is that mail users cannot send and receive Exchange mail. The user's account is a link to an external email address.
I also want to point out that some of the terminology used in Exchange circles can be confusing. Microsoft refers to Active Directory users with Exchange mailboxes as Mail Enabled Users; do not confuse this with mail users. These mailboxes are also sometimes referred to as user mailboxes. I’ve also seen corresponding accounts referred to as mailbox-enabled users.
Should you use mail contacts or mail users in Exchange 2010?
So which is more beneficial -- mail contacts or mail users? The primary advantage to using mail contacts is there are no licensing requirements. A mail contact is just an Active Directory object. There is no corresponding user account and no Exchange Server mailbox. Therefore, there is nothing to license. In contrast, mail users have an Active Directory account and require a client access license (CAL).
While the main benefit of using mail users is to y can access your network resources, there is one other benefit worth mentioning. It is generally impossible to convert a mail contact into a user mailbox. But if you want to turn a mail contact into a mail-enabled user, you must delete the contact and create the user account and mailbox. Also, mail users can be converted to mail-enabled users with the Get-MailUser <user name> | Enable-Mailbox EMC command.
Both mail contacts and mail users have their place. That said, if you decide to use mail users, it is important to properly license them. A Windows CAL is required, but an Exchange Server license is not required because the user doesn’t have an Exchange mailbox.
ABOUT THE AUTHOR: Brien Posey is an eight-time Microsoft MVP with two decades of IT experience. Before becoming a freelance technical writer, Brien worked as a CIO for a national chain of hospitals and healthcare facilities. He has also served as a network administrator for some of the nation’s largest insurance companies and for the Department of Defense at Fort Knox.