Welcome Serena Central users! CLICK HERE
The migration of the Serena Central community is currently underway. Be sure to read THIS MESSAGE to get your new login set up to access your account.

How to manage multiple email addresses for users in eDirectory linked to Active Directory and Exchange with Identity Manager

How to manage multiple email addresses for users in eDirectory linked to Active Directory and Exchange with Identity Manager

How to use multiple e-mail addresses for users in eDirectory and Exchange.

We have users that require e-mail addresses aliases, in Microsoft Exchange terminology, proxyAddresses. This works very well to give a user a temporary e-mail address for receiving specific e-mail messages when they do not need to reply using that temporary address. For example, HR places an employment ad in the paper or online, you can give them an address specifically for that listed ad, job1234@company.com. They do not have to worry about their normal address being posted and harvested by spammers, once the ad expires, remove the proxyaddress and no more e-mail will be accepted for that address.



The problem arises that while the e-mail address field in eDirectory is mutli-valued, AD doesn't have a multi-valued field for e-mail address of a user. Because we want to be able to do our primary user maintenance in eDirectory, we needed a way to enter multiple e-mail addresses for a user and have them be transfered to Exchange 2007. Exchange also requires there to be a primary address for users, and it only differentiates that by having the address prefix SMTP: in upper case, instead of smtp: lower case, which are the proxyaddresses. Also, eDirectory has no direct designation for which value in the e-mail address field is the primary address, so it is difficult to only use this field for setting the proxyaddress values. To work around this, we created a new attribute that can be associated with the users requiring alternate addresses. IDM then uses those values as the proxyaddresses in exchange.



Note: You must already have exchange entitlement or other method of creating and linking the Exchange accounts with Identity Manager working.




Exchange: Turn off “Automatically update e-mail addresses based on e-mail address policy” for all users, or at least those who will use proxyAddresses or Exchange will reset the addresses to match the address policy.





Do these Creates on both primary eDirectory and Vault eDirectory.



create new attribute: EXProxyAddresses as Case Ignore String Sync immediate, public read.



iManager roles and tasks:


Schema: Create Attribute





name: EXProxyAddresses (leave ASN1 ID blank)





syntax: Case Ignore String





flags: Synchronize immediately, Public Read






Click Finish.




create new class: auxEXProxyAddresses with attribute as optional


iManager roles and tasks:

Schema: Create Class





name: auxEXProxyAddresses (leave ASN1 ID blank)





flags: auxiliary Class




inherit: none





mandatory: none





optional: EXProxyAddresses




naming: none




Click Finish.




Add the attribute to the Identity Manager Driver Filters:



[Do this on both Vault and eDirectory connector Driver set]


iManager Identity manager overview:

Select the eDir driver:





click the driver filter





Select the User Class:





click Add Attribute:





scroll to the bottom






click “Show all attributes"




Select the new EXProxyAddresses attribute





Set the synchronization methods:


Publish: Synchronize

Subscribe: Synchronize





Add the attribute to the Identity Manager ActiveDirectory Driver Filter:


(same screens as previous)


iManager:

  Identity manager overview:

    Select the MAD driver:

      click the driver filter

        Select the User Class:

          click Add Attribute:

            scroll to the bottom

              click “Show all attributes"

                Select the new EXProxyAddresses attribute

                  Set the synchronization methods:

                    Publish: Ignore (may choose synchronize as well)

                    Subscribe: Synchronize




Setup the proxy addresseses for AD driver- (you may need to use IE as some versions of FireFox had problems)



iManager:

  select the outputTransform from the AD driver (same place you would have the

  general setting of the exchange e-mail attribute)

    Create a Policy Rule for Primary proxy address for AD Driver [primary is SMTP:]

      Conditions:

          If class name equal "User"

          And if source attribute 'Internet EMail Address' available


      Actions:

          clear destination attribute value ("proxyAddresses",when="after")

          add destination attribute value ("proxyAddresses",when="after","SMTP:"+Source
          Attribute("Internet EMail Address"))




    Create a Policy Rule for proxy E-mail addresses [these are smtp:]

      Conditions:

          if class name equal "User"

          And if source attribute 'Internet EMail Address' available

          And if source attribute 'EXProxyAddresses' available


      Actions:

          for each (nodeset(Attribute("EXProxyAddresses"))

          actions (add destination attribute
          value ("proxyAddresses",when="after","smtp:"+Local Variable("current-node"))))





Add the class selected user objects:


iManager:

  Roles and tasks:

    Schema:

      Object Extentions

        Enter object: (can only do one at a time)

          current list: [if auxEXProxyAddresses is not listed, click Add]

            select auxEXProxyAddresses from the list and click ok.





iManager: alternative

  ViewObjects:

    Browse tab:

      Select the user: Select Object Extensions

        click OK to extend the selected object

          current list: [if auxEXProxyAddresses is not listed, click Add]

            select auxEXProxyAddresses from the list and click ok.



ConsoleOne:

  Select user to add the class to

    right click: select Extensions of this object

      Add Extension: auxEXProxyAddresses

        (click ok, to no template)

          (enter anything for name (even space))




Add proxy addresses to the User object:


iManager:

  ViewObjects: Browse

    select the user: Modify object (not modify user)

      Other tab: double click EXProxyAddress

        click the + to add [- to remove, pencil to edit]

          add/remove/edit the proxy addresses

          (do NOT include the primary e-mail address here)

          click OK or apply to add them



ConsoleOne:

  Select user to add proxy addresses to (double click or right click: properties)

      Other tab:

        if EXProxyAddresses is not listed, click Add and select it)

          add values [ to add another, click EXProxyAddress and click Add]

          (do NOT include the primary e-mail address here)

          click OK or apply to save the changes.



IDM will then synchronize your EXProxyAddress entries to your Exchange ProxyAddress values in Active Directory.

DISCLAIMER:

Some content on Community Tips & Information pages is not officially supported by Micro Focus. Please refer to our Terms of Use for more detail.
Top Contributors
Version history
Revision #:
1 of 1
Last update:
‎2009-09-09 23:12
Updated by:
 
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.