Anonymous_User Absent Member.
Absent Member.
246 views

Exchange MailBox synchronise User from metadirectory to AD


Hello,

In the project I have a Active Directory Driver (IDM 401) that
synchronised users from eDirectory to Active Directory. When a user is
created in eDirectory, the user is created in AD and an Exchange Mail
(Exchange 2007) box is created in Active Directory. When the user is
deleted from eDirectory is also delete in Active Directory.
The problem is : we wish and I don't know if it's possible with this
driver, if the Exchange mailbox is deleted from Active directory, the
driver detect it and recreated the Mailbox.
On the opposite, some users don't have Exchange Mailbox. It's depends on
an attribut. If a Mailbox is created in Active Directory for this users
the driver have to detect it and delete the Exchange Mailbox. Is it
possible too ?
I tried differents solutions but nothing works.
Someone have an idea ?
Thanks.


--
elo_mbd
------------------------------------------------------------------------
elo_mbd's Profile: https://forums.netiq.com/member.php?userid=2988
View this thread: https://forums.netiq.com/showthread.php?t=49075

Labels (1)
0 Likes
9 Replies
Anonymous_User Absent Member.
Absent Member.

Re: Exchange MailBox synchronise User from metadirectory to AD

On 10/28/2013 1:54 PM, elo mbd wrote:
> The problem is : we wish and I don't know if it's possible with this
> driver, if the Exchange mailbox is deleted from Active directory, the
> driver detect it and recreated the Mailbox.

If the mailbox is deleted the homeMDB attribute will be removed. You can detect this on the
publisher channel and then recreate the mailbox.

> On the opposite, some users don't have Exchange Mailbox. It's depends on
> an attribut. If a Mailbox is created in Active Directory for this users
> the driver have to detect it and delete the Exchange Mailbox. Is it
> possible too ?


Yes, this is the inverse case. So ultimately you could have a rule on the publisher (probably the
event transform) that looks for a changing homeMDB attribute. If the user is supposed to have a
mailbox and homeMDB is removed, then recreate it. If they are not supposed to have a mailbox and it
is added then delete the homeMDB.
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Exchange MailBox synchronise User from metadirectory to AD


Thanks for your help.
To be sure I have understand, the driver monitor the homeMDB attribute.
If this one exists in AD and is deleted, the driver detects it and fills
this attribute again. This action recreated automaticaly the Exchange
Mailbox ?
If a user don't have homeMDB and we add one in AD, the driver detects it
and delete the attribute. This action deleted automatically the Exchange
Mailbox ?


--
elo_mbd
------------------------------------------------------------------------
elo_mbd's Profile: https://forums.netiq.com/member.php?userid=2988
View this thread: https://forums.netiq.com/showthread.php?t=49075

0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Exchange MailBox synchronise User from metadirectory to AD


Yes, but you will have to build the rules for this. It is not included.

And as Shon remarked > What you really probably want to do is re-associate the
> user with his original mailbox rather than create a new one, which I
> don't think the driver is capable of doing. It is possible to do it
> manually through the console or powershell, so you may want to send an
> email to an administrator rather than automatically create a new one.


What you possibly could do is utilize the new 4.0.2 powershell
functionality to get the maillbox linked back, have not tried that yet
but the possibilities are powerful.


--
joakim_ganse
------------------------------------------------------------------------
joakim_ganse's Profile: https://forums.netiq.com/member.php?userid=159
View this thread: https://forums.netiq.com/showthread.php?t=49075

0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Exchange MailBox synchronise User from metadirectory to AD

Hey joakim ganse, on 30.10.2013 20:36:32, you wrote:

>
> What you possibly could do is utilize the new 4.0.2 powershell
> functionality to get the maillbox linked back, have not tried that yet
> but the possibilities are powerful.


You are limited to running commands that are self contained, so you'd
need a one-liner like this (not tested, but you should be able to get
this working without too much trouble)

Get-MailboxStatistics | where { $_.DisconnectDate -ne $null -and
$_.LegacyDN -imatch ".*AccountName" } | Connect-Mailbox -Database
"mailboxDB"

--
If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below...
0 Likes
Knowledge Partner
Knowledge Partner

Re: Exchange MailBox synchronise User from metadirectory to AD

> To be sure I have understand, the driver monitor the homeMDB attribute.
> If this one exists in AD and is deleted, the driver detects it and fills
> this attribute again. This action recreated automaticaly the Exchange
> Mailbox ?


I am not sure this is true. In principle if you had a mapped attribute
in eDirectory, mapped to homeMDB in AD, and it was flagged Pub-Reset
then it should. But this is rarely how anyone operates.

> If a user don't have homeMDB and we add one in AD, the driver detects it
> and delete the attribute. This action deleted automatically the Exchange
> Mailbox ?


You could configure it this way, but not out of the box, I think.

0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Exchange MailBox synchronise User from metadirectory to AD

Hey Geoffrey Carman, on 30.10.2013 20:49:23, you wrote:

> > To be sure I have understand, the driver monitor the homeMDB
> > attribute. If this one exists in AD and is deleted, the driver
> > detects it and fills this attribute again. This action recreated
> > automaticaly the Exchange Mailbox ?

>
> I am not sure this is true. In principle if you had a mapped
> attribute in eDirectory, mapped to homeMDB in AD, and it was flagged
> Pub-Reset then it should. But this is rarely how anyone operates.


Assuming that worked (haven't tested it) that would just create a new
mailbox. Wouldn't properly revert the change by reconnecting the
disconnected mailbox.

--
If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below...
0 Likes
Knowledge Partner
Knowledge Partner

Re: Exchange MailBox synchronise User from metadirectory to AD

On 10/30/2013 5:31 PM, Alex McHugh wrote:
> Hey Geoffrey Carman, on 30.10.2013 20:49:23, you wrote:
>
>>> To be sure I have understand, the driver monitor the homeMDB
>>> attribute. If this one exists in AD and is deleted, the driver
>>> detects it and fills this attribute again. This action recreated
>>> automaticaly the Exchange Mailbox ?

>>
>> I am not sure this is true. In principle if you had a mapped
>> attribute in eDirectory, mapped to homeMDB in AD, and it was flagged
>> Pub-Reset then it should. But this is rarely how anyone operates.

>
> Assuming that worked (haven't tested it) that would just create a new
> mailbox. Wouldn't properly revert the change by reconnecting the
> disconnected mailbox.


That makes sense. I was thinking that the actual homeMDB value in AD
would be sufficient to relink it, but of course that is the DN of the
MDB object, and your mailbox is inside it. So I imagine it would look
like a naming collision to Exchange and deconflict it somehow.


0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Exchange MailBox synchronise User from metadirectory to AD


The first thar pops up is better manual tasks. What is allowed and not
to do in AD.
But yes it is possible to do, you have to monitor the exchange homemdb
attribute, forgot what the exact name is.

If it is deleted, recreate the mailbox. I would send an e-mail instead
and taka back the mailbox from backup, Guess they want the e-mails back
as well.

If the attribute is added delete the mailbox.


--
joakim_ganse
------------------------------------------------------------------------
joakim_ganse's Profile: https://forums.netiq.com/member.php?userid=159
View this thread: https://forums.netiq.com/showthread.php?t=49075

0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Exchange MailBox synchronise User from metadirectory to AD

On 10/28/13 1:44 PM, joakim ganse wrote:
>
> The first thar pops up is better manual tasks. What is allowed and not
> to do in AD.
> But yes it is possible to do, you have to monitor the exchange homemdb
> attribute, forgot what the exact name is.
>
> If it is deleted, recreate the mailbox. I would send an e-mail instead
> and taka back the mailbox from backup, Guess they want the e-mails back
> as well.
>
> If the attribute is added delete the mailbox.
>
>


When an Exchange mailbox is "deleted", it is usually just disassociated
from the user, but continues to exist for a while (I think 30 days is
the default.) What you really probably want to do is re-associate the
user with his original mailbox rather than create a new one, which I
don't think the driver is capable of doing. It is possible to do it
manually through the console or powershell, so you may want to send an
email to an administrator rather than automatically create a new one.

--
Shon
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.