Having used the Synchronization Editor to set up a synchronization project for initial synchronization of Microsoft Exchange, you can use the synchronization project to load Microsoft Exchange objects into the One Identity Manager database. When you manage mailboxes, email users, email contacts, and mail-enabled distribution groups with One Identity Manager, modifications are provisioned in the Microsoft Exchange system.
You must customize the synchronization configuration in order to compare the One Identity Manager database with the Microsoft Exchange regularly and to synchronize changes.
- You can use variables to create generally applicable synchronization configurations that contain the necessary information about the synchronization objects when synchronization starts. Variables can be implemented in base objects, schema classes, or processing method, for example.
- To specify which Microsoft Exchange objects and database objects are included in synchronization, edit the scope of the target system connection and the One Identity Manager database connection. To prevent data inconsistencies, define the same scope in both systems. If no scope is defined, all objects will be synchronized.
- Update the schema in the synchronization project if the One Identity Manager schema or target system schema has changed. Then you can add the changes to the mapping.
IMPORTANT: As long as a synchronization process is running, you must not start another synchronization process for the same target system. This especially applies, if the same synchronization objects would be processed.
-
If another synchronization process is started with the same start up configuration, the process is stopped and is assigned Frozen status. An error message is written to the One Identity Manager Service log file.
-
Starting another synchronization process with different start up configuration that addresses same target system may lead to synchronization errors or loss of data. Specify One Identity Manager behavior in this case, in the start up configuration.
For more detailed information about configuring synchronization, see the One Identity Manager Target System Synchronization Reference Guide.
Detailed information about this topic
The synchronization project for initial synchronization provides a workflow for initial loading of target system objects (initial synchronization) and one for provisioning object modifications from the One Identity Manager database to the target system (provisioning). To use One Identity Manager as the master system during synchronization, you also require a workflow with synchronization in the direction of the Target system.
To create a synchronization configuration for synchronizing Microsoft Exchange
-
Open the synchronization project in the Synchronization Editor.
- Check whether existing mappings can be used for synchronizing the target system. Create new maps if required.
- Create a new workflow with the workflow wizard.
This creates a workflow with Target system as its synchronization direction.
- Create a new start up configuration. Use the new workflow to do this.
- Save the changes.
-
Run a consistency check.
All the schema data (schema types and schema properties) of the target system schema and the One Identity Manager schema are available when you are editing a synchronization project. Only a part of this data is really needed for configuring synchronization. If a synchronization project is finished, the schema is compressed to remove unnecessary data from the synchronization project. This can speed up the loading of the synchronization project. Deleted schema data can be added to the synchronization configuration again at a later point.
If the target system schema or the One Identity Manager schema has changed, these changes must also be added to the synchronization configuration. Then the changes can be added to the schema property mapping.
To include schema data that have been deleted through compression and schema modifications in the synchronization project, update each schema in the synchronization project. This may be necessary if:
To update a system connection schema
-
Open the synchronization project in the Synchronization Editor.
-
Select the Configuration | Target system category.
- OR -
Select the Configuration | One Identity Manager connection category.
-
Select the General view and click Update schema.
- Confirm the security prompt with Yes.
This reloads the schema data.
To edit a mapping
-
Open the synchronization project in the Synchronization Editor.
-
Select the Mappings category.
-
Select a mapping in the navigation view.
Opens the Mapping Editor. For more detailed information about mappings, see the One Identity Manager Target System Synchronization Reference Guide.
NOTE: The synchronization is deactivated if the schema of an activated synchronization project is updated. Reactivate the synchronization project to synchronize.
When you start synchronization, all synchronization objects are loaded. Some of these objects have not be modified since the last synchronization and, therefore, must not be processed. Synchronization is accelerated by only loading those object pairs that have changed since the last synchronization. One Identity Manager uses revision filtering to accelerate synchronization.
IMPORTANT: The revision algorithm can only be enabled in synchronization projects created with One Identity Manager version 8.0 or higher.
If revisioning was enabled in old 7.x synchronization projects, modifications made directly in Microsoft Exchange are also not identified. We recommend that you set up the synchronization project again using the synchronization project template implemented from version 8.0 onwards.
Microsoft Exchange supports revision filtering for the schema types Mailbox, MailUser, MailContact, MailPublicFolder, DistributionGroup and DynamicDistributionGroup.
You can configure the change time stamp for revision filtering using the following connection parameters in the synchronization project.
-
Use local server time for the revision: If the value is true, the local server time of the server is used for revision filtering. (default) This makes it unnecessary to load target system object for determining the revision. If the value is false, the change time stamp of the underlying Active Directory objects are used for revision filtering.
Variable: CP_UseLocalServerTimeAsRevision
-
Max. time difference (local/remote) in minutes: Defines the maximum time difference in minutes between the synchronization server and the Microsoft Exchange server. The default value is 60 minutes. If the time difference is more than 60 minutes, alter the value.
Variable: CP_LocalServerRevisionMaxDifferenceInMinutes
The time resulting from the local server time and the maximum time difference is saved as the revision number in the One Identity Manager database (DPRRevisionStore table, Value column). If the local server time is used, the revision number is calculated from the time at which the object was changed.
This value is used as a comparison for revision filtering when the same workflow is synchronized the next time. The next time synchronization is run, only those objects that have been changed since this date are loaded. This avoids unnecessary updating of objects that have not changed since the last synchronization.
The revision is found at start of synchronization. Objects modified by synchronization are loaded and checked by the next synchronization. This means that the second synchronization after initial synchronization is not significantly faster.
Revision filtering can be applied to workflows and start up configuration.
To permit revision filtering on a workflow
To permit revision filtering for a start up configuration
NOTE: Specify whether revision filtering will be applied when you first set up initial synchronization in the project wizard.
For more detailed information about revision filtering, adjusting connections parameters and editing variables, see the One Identity Manager Target System Synchronization Reference Guide.
