There are two different ways to provision the Exchange 2000 and 2003 mailbox accounts with the Active Directory driver. You can set attributes on User objects so a Microsoft program (the Recipient Update Service) can use this information to provision to users to the Exchange database. Or you enable Collaboration Data Objects for Exchange Management (CDOEXM), which is the method documented in this section.
With CDOEXM enabled, an Exchange 2000 or 2003 mailbox is provisioned by setting the homeMDB attribute. When the homeMDB attribute is set, the driver automatically sets all required attributes. The driver can create, delete, and move mailboxes. The mailbox moves that are supported are only interdomain moves.
CDOEXM is an API that is provided by Microsoft. The Active Directory driver uses this API to provision the Exchange accounts.
The homeMDB attribute is set during initial configuration, but you can change the setting by modifying the driver policy. To find out what the homeMDB attribute is for your Exchange system, see Section 5.1, Using the Active Directory Discovery Tool.
To configure the driver to synchronize Exchange 2000 and 2003 accounts:
If the server that is running the driver is a non-Exchange server, the Exchange Management tools must be installed on this server.
Verify that the authentication account for the driver has enough rights to create, delete, or move Exchange accounts.
If the driver is running on a member server, you must use SSL and you must run the Remote Loader service as a specific domain user with enough rights to delete, create, or move Exchange accounts.
Run the Active Directory Discovery tool to find out what the homeMDB attribute is for the Exchange 2000 or 2003 system. For more information, see Section 5.1, Using the Active Directory Discovery Tool.
Specify the configuration parameters to provision the Exchange mailboxes, when you are creating a driver object. See Table C-1 for a list of Exchange parameters. See Section 5.0, Configuring the Active Directory Driver for information on how to create the driver object.
Verify that you have selected to provision the Exchange 2000 and 2003 mailboxes. See Exchange Management interface type for more information.
Table C-1 Exchange Provisioning Configuration Parameters
|
Parameter |
Description |
|---|---|
|
|
Exchange provisioning can be handled by a driver policy, Entitlements, or skipped entirely. A user can be assigned a mailbox in Exchange (the user is mailbox enabled) or have information about a foreign mailbox stored in the Identity Vault record (the user is mail enabled). When using Entitlements, an external service such as the Workflow service or Role-Based Entitlements makes these decisions and the driver policy simply applies them. uses the policies in the driver instead of Entitlements to assign Exchange mailboxes. When using the driver policy, the decision to mailbox enable or mail enable a user, plus the Exchange message database where the account will reside, is controlled completely in the policy. When is selected, the default configuration does not create Exchange mailboxes but does synchronize the Identity Vault Internet E-Mail Address with the Active Directory mail attribute. |
|
|
The driver cannot provision both Exchange 2007 mailboxes and Exchange 2000 and 2003 mailboxes. This option allows you to select which type of mailboxes the driver can provision. synchronizes Exchange 2000 and Exchange 2003 accounts. synchronizes Exchange 2007 accounts. |
|
|
When this option is enabled, the driver shim intercepts modifications to the Active Directory homeMDB attribute to move the mailbox to the new message data store. moves the Exchange mailbox. does not move the Exchange mailbox. |
|
|
When this option is enabled, the driver shim intercepts removal for the Active Directory homeMDB attribute to delete the mailbox. allows the Exchange mailbox to be deleted. does not allow the Exchange mailbox to be deleted. |
|
|
Specify the default Exchange Message Database (MDB). To obtain the correct name for the Exchange MDB, see Section 5.1, Using the Active Directory Discovery Tool. For example, [CN=Mailbox Store (CONTROLLER),CN=First Storage Group,CN=InformationStore,CN=CONTROLLER,CN=Servers,CN=First Administrative Group,CN=Administrative Groups,CN=Domain,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=Domain,DC=com] The driver can be updated to manage additional MDBs after the import is complete. |