5.5 Applying the Overlay for Exchange Mailboxes

If you have upgraded from Identity Manager 2.x to Identity Manager 3.0.1, the AD driver overlay needs to be applied if Exchange provisioning is enabled on the driver. The overlay allows the driver to control deletes and moves with the Exchange mailboxes.

5.5.1 Applying the Overlay in Designer

  1. In the modeler, right-click on the AD driver connector icon, then click Run Configuration Wizard.

    Driver Configuration Wizard

  2. Select Browse and browse to the file ActiveDirectoryUpdate.xml, then click Open.

    The file is located in the following plug-in eclipse\plugins\com.novell.designer.idm_x.x.x\defs\ActiveDirectoryUpdate.xml.

    Driver Configuration Wizard

  3. Select ActiveDirectoryUpdate.xml, then click Run.

  4. Select Yes or No if you desire Designer to validate the information entered in the prompts.

    Driver Configuration Wizard

  5. Enter in the information specific to your environment, then click OK. See Table 5-1 for a description of the fields.

  6. In the Confirm Object Update window, select Compare to view the differences between the values in the imported configuration file and the Designer object, then click Close.

    Confirm Object Update Window

  7. If the changes are correct, select Yes to overwrite the existing Designer object. If you do not want to have the driver updated, select No.

Table 5-1 Overlay Configuration Parameters in Designer

Parameter

Description

Driver name

This is the driver that needs to updated with the new parameters. Enter in the driver name or browse to and select the driver.

Update driver

It updates the driver with the parameters. Select Yes if you want the driver updated. Select No if you do not want to update the driver.

homeMDB controls Exchange move

Allow a change to the user HomeMDB attribute to result in a move on the user’s Exchange mailbox when using CDOEXM. The Exchange Message Database, where the user’s mailbox is move to, must be in the same domain as the old Exchange Message Database.

If Yes is selected, when a User object is moved in eDirectory, the move is reflected in Active Directory and Exchange as well.

If No is selected, when a User object is moved in eDirectory it is reflected in Active Directory, but not in Exchange.

homeMDB controls Exchange delete

Allow removal of the user homeMDB attribute to result in a a delete of the user’s Exchange mailbox when using CDOEXM.

If Yes is selected, when an eDirectory User object is deleted the associated Active Directory User object and Exchange accounts are deleted.

If No is selected, when an eDirectory User object is deleted the associated Active Directory User object is deleted, but the Exchange account is left in tact.

Logon and impersonate

Allows the driver authentication account for CDOEXM and Password Set support to logon in different manners.

If No is selected, the driver performs a network logon only.

If Yes is selected, the driver performs a local logon. The authentication account must be an Active Directory account with administrative privileges.

5.5.2 Applying the Overlay in iManager

There are two different ways to update the driver through iManager. It can be updated in the Identity Manager Overview or through Identity Manager Utilities.

Identity Manager Overview

  1. In iManager select Identity Manager > Identity Manager Overview.

  2. Select Search to find the Driver Set object where the Active Directory driver is stored.

  3. Select Add Driver in the Identity Manager Overview screen.

  4. Browse to and select the Driver Set object where the Active Directory driver is stored, then click Next.

  5. Select Import a driver configuration from the server (.XML file).

  6. From the drop-down menu select ActiveDirectoryUpdate.xml, then click Next.

  7. Enter in the information specific to your environment, then click Next. See Table 5-2 for a description of the fields.

  8. Select Update that driver (including the driver’s image) to update the driver, or select Select a different driver, then click Next.

  9. View the summary of changes, then click Finish.

Table 5-2 Overlay Configuration Parameters in iManager

Parameter

Description

Driver name

This is the driver that needs to updated with the new parameters.

Existing drivers

From the drop-down menu, select the name of the updated AD driver with Exchange provisioning enabled. Once the driver name is selected, the Drive name field is automatically populated.

Update driver

It updates the driver with the parameters. Select Yes if you want the driver updated. Select No if you do not want to update the driver.

homeMDB controls Exchange move

Allow a change to the user HomeMDB attribute to result in a move on the user’s Exchange mailbox when using CDOEXM. The Exchange Message Database, where the user’s mailbox is move to, must be in the same domain as the old Exchange Message Database.

If Yes is selected, when a User object is moved in eDirectory, the move is reflected in Active Directory and Exchange as well.

If No is selected, when a User object is moved in eDirectory it is reflected in Active Directory, but not in Exchange.

homeMDB controls Exchange delete

Allow removal of the user homeMDB attribute to result in a a delete of the user’s Exchange mailbox when using CDOEXM.

If Yes is selected, when an eDirectory User object is deleted the associated Active Directory User object and Exchange accounts are deleted.

If No is selected, when an eDirectory User object is deleted the associated Active Directory User object is deleted, but the Exchange account is left in tact.

Logon and impersonate

Allows the driver authentication account for CDOEXM and Password Set support to logon in different manners.

If No is selected, the driver performs a network logon only.

If Yes is selected, the driver performs a local logon. The authentication account must be an Active Directory account with administrative privileges.

Identity Manager Utilities

  1. In iManager select Identity Manager Utilities > Import Drivers.

  2. Browse to and select the Driver Set object where the Active Directory driver is stored, then click Next.

  3. Under Additional Policies, select AD Driver shim configuration update from IDM2 to IDM 3, then click Next.

    AD Driver Overlay File

  4. Enter in the information specific to your environment, then click Next. See Table 5-2 for a description of the fields.

  5. Select Update that driver (including the driver’s image) to update the driver, or select Select a different driver, then click Next.

  6. View the summary of changes, then click Finish.