4.5 Applying the Overlay for Exchange Mailboxes

If you have upgraded from Identity Manager 2.x to Identity Manager 3.0.1 or above, the Active Directory driver overlay needs to be applied if Exchange provisioning is enabled on the driver. The overlay allows the driver to control deletes and moves with the Exchange mailboxes.

4.5.1 Applying the Overlay in Designer

  1. In the modeler, right-click on the AD driver connector icon, then click Run Configuration Wizard.

  2. Click Yes to allow the Configuration Wizard to run.

    Run Configuration Wizard message

  3. Select Browse and browse to the ActiveDirectoryUpdate.xml file, then click Open.

    The file is located in the following plug-in: eclipse\plugins\com.novell.designer.idm_x.x.x\defs\driver_configs\overlay_configs\ActiveDirectoryUpdate.xml.

    Driver Configuration Wizard

  4. Select AD Driver shim configuration update from IDM2 to IDM3, then click Run.

    Select the AD Driver shim configuration update

  5. Provide the information specific to your environment, then click Next. See Table 4-1 for a description of the fields.

  6. Click OK on the result screen. Review this information for any errors.

Table 4-1 Overlay Configuration Parameters in Designer

Parameter

Description

Driver name

The driver that needs to be updated with the new parameters. Enter in the driver name or browse to and select the driver.

Update driver

Updates the driver with the parameters. Select Yes if you want the driver updated. Select No if you do not want to update the driver.

homeMDB controls Exchange move

Allows a change to the user HomeMDB attribute to result in a move on the user’s Exchange mailbox when using CDOEXM. The Exchange Message Database, where the user’s mailbox is moved to, must be in the same domain as the old Exchange Message Database.

If Yes is selected and a User object is moved in eDirectory, the move is reflected in Active Directory and Exchange as well.

If No is selected and a User object is moved in eDirectory, it is reflected in Active Directory, but not in Exchange.

homeMDB controls Exchange delete

Allows removal of the user homeMDB attribute to result in a delete of the user’s Exchange mailbox when using CDOEXM.

If Yes is selected and an eDirectory User object is deleted, the associated Active Directory User object and Exchange accounts are deleted.

If No is selected and an eDirectory User object is deleted, the associated Active Directory User object is deleted, but the Exchange account is left intact.

Logon and impersonate

Allows the driver authentication account for CDOEXM and Password Set support to logon in different manners.

If No is selected, the driver performs only a network logon.

If Yes is selected, the driver performs a local logon. The authentication account must be an Active Directory account with administrative privileges.

4.5.2 Applying the Overlay in iManager

There are two different ways to update the driver through iManager. It can be updated in the Identity Manager Overview or through Identity Manager Utilities.

Identity Manager Overview

  1. In iManager, select Identity Manager > Identity Manager Overview.

  2. Select Search to find the Driver Set object where the Active Directory driver is stored.

  3. Select Add Driver in the Identity Manager Overview page.

  4. Browse to and select the Driver Set object where the Active Directory driver is stored, then click Next.

  5. Select Import a driver configuration from the server (.XML file).

  6. From the drop-down menu, select ActiveDirectoryUpdate.xml, then click Next.

  7. Provide the information specific to your environment, then click Next. See Table 4-2 for a description of the fields.

  8. Select Update that driver and all policy libraries to update the driver, or select Specify a different name for the driver and/or location for the policy libraries, then click Next.

  9. View the summary of changes, then click Finish.

Table 4-2 Overlay Configuration Parameters in iManager

Parameter

Description

Driver name

The driver that needs to be updated with the new parameters.

Existing drivers

From the drop-down menu, select the name of the updated AD driver with Exchange provisioning enabled. After the driver name is selected, the Drive name field is automatically populated.

Update driver

Updates the driver with the parameters. Select Yes if you want the driver updated. Select No if you do not want to update the driver.

homeMDB controls Exchange move

Allows a change to the user HomeMDB attribute to result in a move on the user’s Exchange mailbox when using CDOEXM. The Exchange Message Database, where the user’s mailbox is moved to, must be in the same domain as the old Exchange Message Database.

If Yes is selected and a User object is moved in eDirectory, the move is reflected in Active Directory and Exchange as well.

If No is selected and a User object is moved in eDirectory, it is reflected in Active Directory, but not in Exchange.

homeMDB controls Exchange delete

Allows removal of the user homeMDB attribute to result in a delete of the user’s Exchange mailbox when using CDOEXM.

If Yes is selected and an eDirectory User object is deleted, the associated Active Directory User object and Exchange accounts are deleted.

If No is selected and an eDirectory User object is deleted, the associated Active Directory User object is deleted, but the Exchange account is left intact.

Logon and impersonate

Allows the driver authentication account for CDOEXM and Password Set support to logon in different manners.

If No is selected, the driver performs only a network logon.

If Yes is selected, the driver performs a local logon. The authentication account must be an Active Directory account with administrative privileges.

Identity Manager Utilities

  1. In iManager, select Identity Manager Utilities > Import Configurations.

  2. Browse to and select the Driver Set object where the Active Directory driver is stored, then click Next.

  3. Under Additional Policies, select AD Driver shim configuration update from IDM2 to IDM 3, then click Next.

    AD Driver overlay file

  4. Provide the information specific to your environment, then click Next. See Table 4-2 for a description of the fields.

  5. Select Update that driver and all policy libraries to update the driver, or select Specify a different name for the driver and/or location for the policy libraries, then click Next.

  6. View the summary of changes, then click Finish.