Chat now with support
Chat with Support

Active Roles 7.4.1 - Solutions Guide

Active Roles Solutions Overview ERFM Solution Overview Configuration Transfer Wizard overview Understanding SPML Provider Skype for Business Solution Overview
Introducing Skype for Business Server User Management Supported Active Directory topologies User Management policy Master Account Management policy Access Templates for Lync Server Deploying the Solution Managing Skype for Business Server Users
Management Pack for SCOM

Account modification

This section demonstrates how Exchange Resource Forest Management handles the changes you make to a master account. Making changes to certain properties results in updating data in both the master account and shadow account, whereas modification of some other properties only updates data in the shadow account. Therefore, two examples are considered:

Making changes to synchronized properties

When you update certain properties of a master account, Exchange Resource Forest Management updates those properties in both the master account and shadow account. These properties are referred to as synchronized properties. For details, see Synchronized properties earlier in this document.

To verify the behavior of synchronized properties

  1. In the Web Interface, select a mailbox-enabled user account held in the Accounts OU, and then choose the General Properties command.
  2. On the General tab, make changes to the First name or Last name field.
  3. Go to the Organization tab and make changes to the Title, Department, or Company field.
  4. Click Save to apply your changes.
  5. Locate the shadow account in the Mailboxes OU—the name of the shadow account is identical to the name of the master account you have modified in the Accounts OU.
  6. Choose the Properties command for the shadow account.
  7. Examine data on the General and Organization tabs to verify that the changes you have made to the master account are also applied to the shadow account.

You can review the updates to the account properties by using the Change History command on the master account and on the shadow account—the Change History results provide information on which properties were updated, what changes were made to the properties, who performed the update, and when.

Making changes to substituted properties

When you view or change certain properties of a master account in an accounts forest, Exchange Resource Forest Management redirects the retrieval or change request to the properties of the shadow account in the Exchange forest. Such properties are referred to as substituted properties.

All the substituted properties that are mandatory for Exchange Resource Forest Management to work are listed in the Substituted properties section, earlier in this document. These properties used to store mailbox settings. As mailboxes are located in the Exchange forest, the updates to such properties need to be performed on the shadow accounts. Exchange Resource Forest Management implements a mechanism for capturing updates to substituted properties on the master account side and then applying those changes on the shadow account side.

You can view or modify some of the substituted properties on the Web Interface pages for managing Exchange recipient properties of a mailbox-enabled user account in the Accounts OU.

To view or change Exchange properties on the master account

  1. In the Web Interface, select a mailbox-enabled user account held in the Accounts OU, and then choose the Exchange Properties command.
  2. View or change the settings on the following tabs:
    • General
    • E-mail Addresses
    • Mailbox Features
    • Mail Flow Settings
    • Mailbox Settings
  3. Click Save to apply your changes.

Once you have completed these steps, your changes are applied to the shadow account associated with the master account you were administering. You can verify this by using the Change History command on the shadow account. The Change History results indicate that the changes were actually made to the properties of the shadow account, in the Mailboxes OU.

Account deprovisioning

When you use Active Roles to deprovision a master account, Exchange Resource Forest Management causes Active Roles to deprovision the shadow accounts as well. In this way, Active Roles deprovisions the master account’s mailbox. You can verify this behavior by using the Active Roles Web Interface.

To deprovision a master account

  • In the Web Interface, select a mailbox-enabled user account held in the Accounts OU, and then choose the Deprovision command.

Once you have completed these steps, the Deprovision command is performed not only on the master account but also on the shadow account. You can verify this by using the Deprovisioning Results command on the shadow account in the Mailboxes OU.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating