Chat now with support
Chat with Support

Active Roles 7.2.1 - Evaluator Guide

Introduction Test lab setup Managing users and groups Delegating administration Using Managed Units Using Active Roles policies Managing Exchange recipients Managing permissions in Active Directory Using dynamic groups Delegating computer resource management Using audit trail and reporting Using Active Roes replication Customizing the Web Interface

Clean up your test environment

The policy you configured and used in this section may interfere with the policies discussed in the sections that follow. To prevent this issue, you should block the effect of the E-mail Alias Generation policy on your test domain before you proceed to the next sections.

To block the effect of the E-mail Alias Generation policy

  1. In the Active Roles console, right-click your test domain, and click Enforce Policy.
  2. In the Active Roles Policy window, locate the list entry named E-mail Alias Generation, and select the Blocked check box in that entry.
  3. Click OK to close the Active Roles Policy window.

Use an E-mail Alias Generation policy

Using Active Roles policies > Use an E-mail Alias Generation policy

To implement the scenario described in this section, you must have Microsoft Exchange 2007 or later installed in your test Active Directory forest.

You can use a policy of the E-mail Alias Generation category to automate the assignment of the e-mail alias when designating a user as mailbox-enabled on Microsoft Exchange Server. By default, Microsoft Exchange Server provides for the following recipient e-mail address format: <alias>@<domain>. You can use pre-defined rules to generate e-mail aliases, or configure custom rules. Custom rules provide for addition of an incremental numeric value to ensure uniqueness of the alias.

The policy described in this scenario generates the e-mail alias in accordance with this rule: user first name, optionally followed by a three-digit uniqueness number, followed by a period, followed by the user last name. Examples of aliases generated by this rule are as follows:

  • John.Smith
  • John001.Smith
  • John002.Smith

The policy generates the alias John001.Smith for the user John Smith if the alias John.Smith is in use. If both John.Smith and John001.Smith are in use, the policy generates the alias John002.Smith, and so on.

The following two sections elaborate on the steps to implement this scenario.

Create and apply the Policy Object

You can create and apply the Policy Object using the Active Roles console as follows.

To create and apply the Policy Object

  1. In the console tree, expand Configuration | Policies, right-click Administration, and select New | Provisioning Policy.
  2. On the Welcome page of the New Provisioning Policy Object wizard, click Next.
  3. In the Name box, type the name of the Policy Object: E-mail Alias Generation. Click Next.
  4. On the Policy to Configure page, click E-mail Alias Generation. Click Next.
  5. On the E-mail Alias Generation Rule page, click Other combination of user properties, and then click Configure.
  6. In the Configure Value dialog box, click Add.
  7. In the Add Entry window, configure the entry to include the user first name:
    1. Under Entry Type, click User Property.
    2. Under Entry Properties, click Select.
    3. In the Select Object Property window, click First Name in the Object property list, and then click OK.
    4. Click OK.
  8. In the Configure Value dialog box, click Add.
  9. In the Add Entry window, configure the entry to optionally include a uniqueness number:
    1. Under Entry type, click Uniqueness Number.
    2. Under Entry properties, set the entry options:
      1. Click Add if the property value is in use
      2. Select the Fixed-length number, with leading zeros check box
      3. In the box next to Length of the number, in digits, type 3
    3. Click OK.
  10. In the Configure Value dialog box, click Add.
  11. In the Add Entry window, configure the entry to include the period character:
    1. Under Entry properties, type the period character.
    2. Click OK.
  12. In the Configure Value dialog box, click Add.
  13. In the Add Entry window, configure the entry to include the user first name:
    1. Under Entry type, click User Property.
    2. Under Entry properties, click Select.
    3. In the Select Object Property window, click Last Name in the Object property list, and then click OK.
    4. Click OK.

    At this point, the Configured value box should display the following syntax:

    %<givenName>{@counter(optional,3)}.%<sn>

  1. Click OK to close the Configure Value dialog box.
  2. On the E-mail Alias Generation Rule page, click Next.
  3. On the Enforce Policy page, click Add.
  4. In the Select Objects window, select your test domain, click Add, and then click OK.
  5. Click Next, and then click Finish.

You must also take certain steps to override the effect of the default e-mail alias generation policy. You may block the policy effect for the entire domain or for individual containers within the domain.

To override the default e-mail alias generation policy

  1. In the Active Roles console, right-click your test domain (or a certain container, such as OU), and click Enforce Policy.
  2. In the Active Roles Policy window, locate the list entry named Built-in Policy - Default E-mail Alias, and select the Blocked check box in that entry.
  3. Click OK to close the Active Roles Policy window.

Test the E-mail Alias Generation policy

Using Active Roles policies > Use an E-mail Alias Generation policy > Test the E-mail Alias Generation policy

The policy effect on the user creation operation is as follows. On the user creation forms, the Active Roles user interfaces provide a Generate button to create an e-mail alias in accordance with the policy rule. In the event of an alias naming conflict, clicking the Generate button causes the policy to add a uniqueness number to the alias.

You can use the following steps to verify the policy behavior in the Active Roles console.

To verify the policy behavior using the Active Roles console

  1. Create the user account for the first user:
    1. In the console tree, right-click an OU in your test domain, and select New | User.
    2. In First name, type John; in Last name, type Smith.
    3. Fill in User logon name and User logon name (pre-Windows 2000).
    4. Click Next.
    5. Fill in Password and Confirm password, and click Next.
    6. Click the button located next to the Alias box.

      This will generate John.Smith as the e-mail alias.

    1. Complete the creation of the user account.
  2. Create the user account for the second user:
    1. In the console tree, right-click an OU in your test domain, and select New | User.
    2. In First name, type John; in Initials, type A, in Last name, type Smith.
    3. Fill in User logon name and User logon name (pre-Windows 2000).
    4. Click Next.
    5. Fill in Password and Confirm password, and click Next.
    6. Click the button located next to the Alias box.

      This will generate John001.Smith as the e-mail alias, since the alias John.Smith is in use.

    1. Complete the creation of the user account.
  3. Create the user account for the third user:
    1. In the console tree, right-click an OU in your test domain, and select New | User.
    2. In First name, type John; in Initials, type B, in Last name, type Smith.
    3. Fill in User logon name and User logon name (pre-Windows 2000).
    4. Click Next.
    5. Fill in Password and Confirm password, and click Next.
    6. Click the button located next to the Alias box.

    This will generate John002.Smith as the e-mail alias, since both the John.Smith and John001.Smith aliases are in use.

Related Documents