bvi1998
Copper Contributor
Mar 20, 2019

Two AD accounts, need to have same email

Hi, I have two accounts in AD. I need them to be able to use the same email address. The second account does not have a mailbox, so I would like to use my non-admin account email address for that account. Is this possible?
Thanks!

  • No. The only option is having a distribution group that forwards email to both and each having send as from the group and/or both using a shared mailbox.

    If you are talking for just strictly login then no.

    Curious on the use case scenario?
      • dgolan
        Copper Contributor

        Hello bvi1998, can you please provide some examples on how you did this? I am in the same situation in that I have been requested to send out emails to users for passwords that are going to expire in 14 days. However, our IT technicians have two accounts: one for STANDARD use and one for PRIVILEGED ACCESS. The privileged access account does not have an email box, so the script cannot send to that address. We are using Azure AD Sync, and it will not allow two objects to have the same value, i.e. two AD accounts having the same email address. Thank you in advance.

        Dan

    • bvi1998
      Copper Contributor

      ChrisWebbTech 

      Thanks Chris.

      I am running an app to check when the password will expire for our systems accounts. The app would check the email of that systems account and email the user how many days they have left. I have no way of modifying the application, so my alternative is to script it with PS which I prefer not to do. The DL might work, I'll give that a shot, thanks. I'll report back.

    • cdenny
      Copper Contributor
      I have a need to have two accounts in the Admin Console using the same email address.
      1) User Account - Normal email account
      2) Domain Account - Need to only get the communications from Microsoft and notification on capacity alerts in the environment. We do not allow user accounts to be admins of the systems so we create appropriate accounts for job responsibilities. This account does not have an email account today and I do not want to maintain two email inboxes.
      If there is a better way I am all open ears on this 🙂
  • NiagaraGuy
    Copper Contributor
    Did anyone figure out the best way to do this? We have the exact same scenario where we use Netwrix to inform users of expiring accounts. Our admin accounts don't have email addresses but I need the emails sent to the non-admin account email.

    Going to try the distribution group method and see if that works.

    Thanks,
  • NiagaraGuy
    Copper Contributor

    I tried a distribution list and it worked last night as the email was received but now Azure is giving the following error:

    ProxyAddresses: SMTP:email address removed for privacy reasons
    Error Type: QuarantinedAttributeValueMustBeUnique
    Last Attempted At: 3/15/2023 11:40 AM

    Object Type: user, group
    User Principal Name: email address removed for privacy reasons, N/A
    Proxy Addresses:
      SMTP:email address removed for privacy reasons
      smtp:email address removed for privacy reasons
      SMTP:email address removed for privacy reasons
    Mail:
      email address removed for privacy reasons
      email address removed for privacy reasons


    The software looks at the admin user's email field and then sends an email to that address, but in our case the admin user does not have a mailbox in Office 365 so it needs to get sent to the user. The DL needs to have the same name as the admin user email in order to then send it to the user's normal email account.

    Am I missing something?

    Thanks.

    • badsector
      Brass Contributor

      NiagaraGuy any success with this?

      I wonder what the best practices are when one user has separate accounts for privileged access and a standard user account. How do you receive messages for your admin account?

      I noticed that there can be two accounts with the same value for the "mail" field in Entra ID, and it works fine. The problem is if you sync with AADConnect. It tries to automatically populate the "proxyAddresses" attribute of the cloud user account object and it gives an error. Apart from that error everything works fine. I've tried searching for best practices for two accounts for one user and nothing comes out of it. That's super strange for me, as normally companies use separate accounts. What I've encountered so far is that they simply don't use Azure/Entra notifications, sent to a mailbox, but that doesn't seem correct.

      • badsector
        Brass Contributor
        To reply to myself - so far distribution lists or shared mailboxes were used. Now we have Plus Email Addressing and it works fine.
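
An added example, not part of any post in this thread: a PowerShell pre-sync check for the address-uniqueness quarantine error discussed above. It assumes, as described in the thread, that the mail attribute counts as an address claim alongside proxyAddresses and that addresses compare case-insensitively; the function name Get-AddressCollision and every sample object and address are constructed for illustration.

```powershell
# Constructed sample objects shaped like Get-ADObject output requested with
# -Properties mail, proxyAddresses. All names and addresses are made up.
$objects = @(
    # Standard account with a mailbox.
    [pscustomobject]@{ Name = 'jdoe'; ObjectClass = 'user'; mail = 'jdoe@example.com'
                       proxyAddresses = @('SMTP:jdoe@example.com', 'smtp:j.doe@example.com') }
    # Privileged account reusing the standard account's address in mail.
    [pscustomobject]@{ Name = 'adm-jdoe'; ObjectClass = 'user'; mail = 'JDoe@example.com'
                       proxyAddresses = @() }
    # Privileged account plus a distribution list carrying the same address.
    [pscustomobject]@{ Name = 'adm-asmith'; ObjectClass = 'user'; mail = 'adm-asmith@example.com'
                       proxyAddresses = @() }
    [pscustomobject]@{ Name = 'DL-adm-asmith'; ObjectClass = 'group'; mail = 'adm-asmith@example.com'
                       proxyAddresses = @('SMTP:adm-asmith@example.com') }
    # Privileged account using a plus address of the owner's mailbox.
    [pscustomobject]@{ Name = 'blee'; ObjectClass = 'user'; mail = 'blee@example.com'
                       proxyAddresses = @('SMTP:blee@example.com') }
    [pscustomobject]@{ Name = 'adm-blee'; ObjectClass = 'user'; mail = 'blee+adm@example.com'
                       proxyAddresses = @() }
)

function Get-AddressCollision {
    param([Parameter(Mandatory)][object[]]$DirectoryObject)

    $claims = foreach ($o in $DirectoryObject) {
        # Every address the object claims: mail plus each SMTP proxy address.
        # -match and -replace are case-insensitive, so SMTP: and smtp: both match.
        $smtp = @($o.proxyAddresses | Where-Object { $_ -match '^smtp:' } |
                  ForEach-Object { $_ -replace '^smtp:', '' })
        @($o.mail) + $smtp | Where-Object { $_ } |
            ForEach-Object { $_.Trim().ToLowerInvariant() } |
            Sort-Object -Unique |   # an object never collides with itself
            ForEach-Object { [pscustomobject]@{ Address = $_; Owner = "$($o.Name) ($($o.ObjectClass))" } }
    }

    # An address claimed by more than one object is a collision.
    $claims | Group-Object Address | Where-Object Count -gt 1 | ForEach-Object {
        [pscustomobject]@{ Address = $_.Name; Owners = ($_.Group.Owner -join ', ') }
    }
}

Get-AddressCollision -DirectoryObject $objects | Format-Table -AutoSize
```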
  • ka3ak
    Copper Contributor
    How about adding an alias to your e-mail account then using that alias in AD?
      • ka3ak
        Copper Contributor
        Sorry, I was thinking the situation was two user accounts in AD having the same e-mail address (causing sync errors), needing to receive e-mail in only one e-mail account.
    • badsector
      Brass Contributor
      This can't work. No matter how many aliases you add to a non-existent mailbox, Exchange can't route them, because the mailbox is non-existent and Exchange doesn't even know about these.
