SBS 2011 Standard Additional Accepted Email Domains (Multiple Accepted Domains)
July 14, 2011
My customer is expanding his business, and is going to add a specialist arm of his company in a particular field.
As such he has set up a new website for that particular department and wants some of his staff to have a new email address based on whether they work for that part of the company.
This is really very easy to set up using Email Address Policies, and I will show you how to do that in this blog post.
I did try to get the process a little more automated, and integration into the add user wizard would have been great. So far I haven’t got that working, but I am hoping that with a little prodding of the SBS Dev team, we may be able to find a way.
To follow me through this process, you will need:
A Server running SBS 2011 Standard.
Two domains configured to send email to the SBS Server.
Some user accounts to test with.
First of all what we will do is add our new domain name as an accepted domain in Exchange.
The process for this is very similar, if not identical, to that of Exchange 2007.
From Start, go to All Programs, expand Microsoft Exchange Server 2010 and open up the Exchange Management Console (EMC).
When the Exchange console opens, expand Microsoft Exchange On-Premises, expand Organization Configuration and select Hub Transport.
Switch to the ‘Accepted Domains’ tab.
This shows you the current accepted domains.
On the right-hand side, select ‘New Accepted Domains’.
Enter a name for your new domain, and enter the domain name itself. We will leave the server as the authoritative server for this domain. Click New.
After a few seconds, the action will complete, and you will be shown the PowerShell command that would have performed this action from the Exchange shell. Click Finish.
You can now see your additional domain added as an accepted domain.
If we now switch to recipient configuration, and the mailbox section, we can see our current mailbox users.
If we go to the properties of one of these accounts, we can see the current email addresses associated with that account.
We can see that no changes have been made to this account so far.
That’s good because it means existing users are not affected by what we have done.
We will have a look at existing users in a moment, but first let’s add a new user to the system.
Since I am listening to The Beatles at the moment, I am going to call this guy John Lennon. My favourite Beatle happens to be George, but that isn’t relevant. Why then am I not calling him George Harrison? Well, I don’t know.
I am not covering the add user wizard here as other posts exist out there on how to do this. Plus it is in the books relating to SBS 2011.
So John is a good guy and he’s working for my company’s new department.
But wait, as we can see here, he still has an SBSTIPS.co.uk address, not TITLEREQUIRED.com – that is good, that is what is expected.
Now, we need to edit his account.
Let’s open up ADUC (Active Directory Users & Computers). From Start, go to Administrative Tools, and you will see ADUC at the top.
Expand Yourdomain.local and keep expanding down until you find MyBusiness\Users\SBSUsers.
Find John’s account, and go to the properties.
Switch to the ‘Organization’ tab, and enter ‘Titlerequired’ into the department field.
Click OK to save this change, and close ADUC.
Switch back to the EMC.
Go back to the Organization Configuration, Hub Transport area, and go to the ‘Email Address Policies’ tab.
You can see we have 2 current policies. The Windows SBS Email Address Policy is set to make whatever domain name you entered in the Internet Address wizard the default for all users.
So we want to add a new Email Address Policy. On the right, click New Email Address Policy.
We need to enter a name, and also select the container where this policy should be applied, and also the type.
You can leave these as default values, but please do enter a name. Click Next.
Put a check in the box for ‘Recipient is in a Department’ under Step 1.
Under Step 2, select the hyperlinked word ‘specified’ and enter our department name value of Titlerequired.
You can then click Preview, and the policy will show you which users or recipient types it will affect. Hopefully we will only see Mr. Lennon’s name.
We do! That is great because it means whatever we are doing here will only affect that one account.
When you are happy, click Next.
On the email addresses page, click Add.
Here we choose how the new email address should look. I like to use first initial and surname, so I will select that.
The default is to add a new email address to the ‘default’ domain. Since this is yourdomain.local, the new address for John would be jlennon@sbs.local. We want to add this to our new accepted domain, so we must choose to specify the accepted domain.
Click the radio button for that option, and click Browse.
You will then see all the domains we have setup on our system.
Double-click the domain you want to use, and it will be added to your policy.
Click OK.
You will now see your email address shown, using the variables that are used for whatever name format of address you chose. More on that here.
The table below is taken from the TechNet website and shows variables you can use.
Click Next.
You have the option to apply the new policy immediately, or at a scheduled time, or not to apply it at all. We want to do it immediately, so click Next.
You will see a summary page with some PowerShell commands listed. Click New to build and apply the policy.
The policy is built and applied successfully.
Let’s switch back to our Recipient area, and check the email addresses our users now have.
We can see that our user still has his old address.
Switching back to the Policies area, we can see our new policy has a priority of 2, and the Windows SBS policy is set at 1.
We need to change it to priority 1. Select your new policy and on the right-hand side, click Change Priority, and enter the number 1. Click OK to save.
It now jumps to the top of the list.
Now we need to reapply the policy. Right click the policy and click Apply. We get those same options as before, click on Next, and Apply.
Again you are shown some PowerShell, and you can click Finish to close the Apply Policy page.
Switching back to Recipient Configuration, you can now see that John has a new email address. (You may need to refresh the view.)
If we go into his account properties, you can see he now has an email address for both SBSTIPS.co.uk and TITLEREQUIRED.com, but that TITLEREQUIRED.com is his default address.
If we want to move an existing user to a new department, just edit their AD account to change their Department, and then reapply the policy.
You can see that the email address is added as an additional address.
And that is how to add an additional domain name and have it apply to only certain users.
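The GUI steps above, collected into one Exchange Management Shell script as an added example (not from the original post). The policy name, the accepted domain display name, the identity 'John Lennon' and the expected-recipient list are assumed values; the domain and department are the ones used in the walkthrough.

```powershell
# Run in the Exchange Management Shell on the SBS 2011 server.
$domain     = 'titlerequired.com'
$department = 'Titlerequired'
$policyName = 'Titlerequired Address Policy'   # assumed policy name
$expected   = @('John Lennon')                 # assumed: who SHOULD get the new address

# 1. Accept mail for the new domain; this server stays authoritative for it.
New-AcceptedDomain -Name 'Titlerequired' -DomainName $domain -DomainType Authoritative

# 2. Set the Department attribute the policy filters on (the ADUC step).
Set-User -Identity 'John Lennon' -Department $department

# 3. Create the policy: department filter, first initial + surname template.
#    Upper-case 'SMTP:' makes the templated address the primary (reply) address.
New-EmailAddressPolicy -Name $policyName `
    -IncludedRecipients AllRecipients `
    -ConditionalDepartment $department `
    -EnabledEmailAddressTemplates "SMTP:%1g%s@$domain"

# 4. Move it above the Windows SBS policy, as done with Change Priority.
Set-EmailAddressPolicy -Identity $policyName -Priority 1

# 5. Preview who the filter matches before anything is changed (the Preview button).
$filter  = (Get-EmailAddressPolicy -Identity $policyName).RecipientFilter
$matched = @(Get-Recipient -RecipientPreviewFilter $filter -ResultSize Unlimited)
$matched | Format-Table Name, RecipientType, Department -AutoSize

# Refuse to apply if the policy would touch anyone not on the expected list,
# for example a group or contact that happens to share the department value.
$unexpected = @($matched | Where-Object { $expected -notcontains $_.Name })
if ($unexpected.Count -gt 0) {
    $names = ($unexpected | ForEach-Object { $_.Name }) -join ', '
    throw "Policy would also change: $names. Not applying."
}

# 6. Apply the policy, then confirm the primary and secondary addresses.
Update-EmailAddressPolicy -Identity $policyName
$matched | ForEach-Object {
    Get-Recipient -Identity $_.DistinguishedName |
        Select-Object Name, PrimarySmtpAddress, EmailAddresses
}
```

Recipients with automatic address updates switched off on their mailbox are skipped by `Update-EmailAddressPolicy`, so check that setting if an expected user keeps the old primary address.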
If you want to have an additional domain apply to all users, but not as the default, then simply don’t narrow your Email Address Policy by using a department as in Steps 1 and 2 above, and leave the policy at priority 2.
You can always use the Preview button to help confirm who will be affected by such a change.
If you want to change the default domain for all users, you should run the Internet Address Wizard and add your new domain here, then add your old domain as an accepted domain, and build a policy as described here to add that old domain as an additional address.
Very useful info – could you answer a related question for me? I have installed an SBS2008 and an SBS2011 recently. Both were new installs rather than migrations; both had a local domain name e.g. abc.local and an internet domain name of e.g. xyz.co.uk. When I look at user properties, email addresses, I see only user@xyz.co.uk (SMTP) – there is no user@abc.local. Is this correct – if so, how is internal mail routed to local network users? As I recall SBS2003 used to create both addresses by default.
Internal email is just sent to the address in the GAL.
Exchange looks this up and sees it is internal so routes it accordingly.
So even if you put in their external address – it will be routed internally.
The .local email address, you will probably find was never even needed in 2003 days, because internal email routing works a different way – I don’t pretend to understand Exchange to that degree, but certainly, missing the .local addresses is nothing to be concerned about.
I just checked an SBS 2011 Standard, and the users do have .local addresses.
Hi,
This is really a very useful article. It not only tells me how to do it, but also explains the reason. I followed the steps and did it without any problem. Thanks a lot!!
However, I do have one question, and hope you can answer it. What I want to do is to separate the user’s emails by domain. Currently, for example, if I have a user named john, then emails sent to both domains (e.g., john@abc.com and john@def.com) will go to the same mailbox. Can I have email accounts, john@abc.com and john@deb.com, completely separated, and if yes, how?
Thanks in advance!
Only by having separate accounts.
Sorry, not sure if your reply was for me or not. I might not express my question clearly enough. I just make it specific.
We have two gentlemen in the company, one is John Smith and the other is John Holland. They just want to use their first name for email address. That is, one is john@abc.com, and the other is john@def.com.
Is this doable in SBS 2011? Thanks.
Certainly.
Each domain must have unique addresses, however for independent domains, just add a new recipient policy, and set the address to be firstname@
Sorry, I still cannot work out what you mean here. When you say a domain, do you mean it’s an Internet domain or an AD domain? We’re running SBS 2011, and has only one AD domain, right? Then how can we create two different accounts with the same name (say john)? If it’s possible, please give me more detailed instructions. Thanks in advance!
Let’s say you have two Johns.
John Smith
John Lennon
You are correct, both cannot have ‘john’ as the login name for the AD account.
So their usernames can be, jsmith and jlennon.
Then when you come to set their email addresses, you can use recipient policies, or even manual configuration to add whichever desired email addresses you like.
Got it. Thanks a lot!!
Great article!
Is there a way to configure users to be able to generate email from the designated domain by selecting the email address they would send the email from…
If we use the example of JSmith@abc.com the same user receives the following email as well JSmith@daf.com. When the user creates a new email how do you configure that they select the email address the email would be generated from?
The add user wizard in SBS does not allow for that.
But if you create your users via ADUC or PowerShell then you can specify an attribute like ‘company’ with a value that matches one of your email address policies.
So, for example, let’s say my email address policy says: if your company value is set to ‘daf’ then set the user to have a @daf.com address as primary.
You would add the user in ADUC, set the company value to be DAF, then go to Exchange and add the mailbox. When adding the mailbox it would evaluate the properties of the account against the EAP and set the correct address.
This works and we now get mail for the accepted domain instead of the email domain we no longer use, but since the certificate renewed we now get a certificate error from Outlook clients complaining that the certificate isn’t the right one – because Outlook is looking for a cert at the domain @newdomain.com and of course this doesn’t match the SBS one which is issued to remote.olddomain.com
Any ideas?
Did you run the Internet Address Wizard to tell it what your remote URL is?
Sorry to ‘bump’ this thread after such a while. We have SBS 2011 Std with our company domain accepting email. We don’t plan to add another domain, but we would like to create sub domains of the domain we already have.
So, we have company.co.uk and that’s all good.
We have several small offices around the UK, so we’d like to create sales mailboxes for those offices. So as an example sales@area1.company.co.uk, sales@area2.company.co.uk, sales@area3.company.co.uk etc.
Is it a similar process to add a sub domain for those mailboxes?
Yes, pretty much identical.
I’m using SBS2011. Can the 2nd domain users access their emails via a web page like the primary domain email users?
Yep