Chat now with support
Chat with Support

Identity Manager 9.3 - Administration Guide for Connecting to Microsoft Exchange

Managing Microsoft Exchange environments Synchronizing a Microsoft Exchange environment
Setting up initial synchronization with Microsoft Exchange Customizing the synchronization configuration Running synchronization Tasks following synchronization Troubleshooting Ignoring data error in synchronization Pausing handling of target system specific processes (Offline mode)
Basic data for managing a Microsoft Exchange environment Microsoft Exchange structure Microsoft Exchange mailboxes Microsoft Exchange mail users and Microsoft Exchange mail contacts Microsoft Exchange mail-enabled distribution groups Microsoft Exchange dynamic distribution groups Microsoft Exchange mail-enabled public folders Extensions for supporting Exchange Hybrid environments Error handling Configuration parameters for managing a Microsoft Exchange environment Default project template for Microsoft Exchange Processing methods of Microsoft Exchange system objects Microsoft Exchange connector settings

Microsoft Exchange deactivating mailboxes

How you deactivate mailboxes depends on the type of mailbox administration. When you deactivate a mailbox, the Do not display in address list option is enabled and the mailbox is no longer shown in address books.

Scenario: Mailboxes are linked to identities and are managed through account definitions.

Mailboxes managed through account definitions are disabled when the identity is temporarily or permanently disabled. The behavior depends on the mailbox's manage level. Mailboxes with the Full managed manage level are deactivated depending on the account definition settings. Use the EXOMailbox.IsLocked column to configure the behavior for mailboxes with another manage level.

Scenario: Mailboxes are linked to identities. No account definition is applied.

The behavior depends on the QER | Person | TemporaryDeactivation configuration parameter

  • If the configuration parameter is set, mailboxes for an identity are disabled if the identity is temporarily or permanently disabled.

  • If the configuration parameter is not set, the identity data does not have any effect on the linked mailboxes.

To lock a mailbox when the configuration parameter is not set

  1. In the Manager, select the Active Directory > Mailboxes category.

  2. Select a mailbox in the result list.

  3. Select the Change main data task.

  4. Set the Mailbox is disabled option on the General tab.

  5. Save the changes.
Scenario: Mailboxes are not linked to identities.

To lock a mailbox, which is not linked to an identity

  1. In the Manager, select the Active Directory > Mailboxes category.

  2. Select a mailbox in the result list.

  3. Select the Change main data task.

  4. Set Mailbox is disabled on the General tab.

  5. Save the changes.
Related topics

Deleting and restoring Microsoft Exchange mailboxes

When you delete a mailbox, the Do not display in address lists option is enabled and the mailbox is no longer shown in address books. The settings Use default database values, Max. send size [KB], Max. receiving size [KB], Prohibit transfer above [KB], and Prohibit send at [KB] are reset, so that no email messages can be sent or received with this mailbox.

As long as an account definition still applies to an identity, the identity retains the mailbox that was created by it. If the account definition assignment is removed, the mailbox created through this account definition, is deleted.

In the Manager, delete mailboxes that were not created using an account definition, via the result list or the menu bar. After you have confirmed the security prompt the mailbox is marked for deletion in One Identity Manager.

To delete a mailbox that is not managed using an account definition

  1. In the Manager, select the Active Directory > Mailboxes category.

  2. Select a mailbox in the result list.

  3. Click in the result list.

  4. Confirm the security prompt with Yes.

Deferred deletion is taken into account if a mailbox is being deleted. You can use deferred deletion to specify how long the mailboxes remain in the database after deletion is triggered before they are finally removed. You can reenable mailboxes up until deferred deletion runs.

If the QER | Person | User | DeleteOptions | ReapplyTemplatesOnRestore is set, the template is applied again when reenabling a mailbox marked for deletion that is managed through an account definition. This means that properties dependent on the IT operating data are automatically recreated according to the current configuration.

To restore a mailbox

  1. In the Manager, select the Active Directory > Mailboxes category.

  2. Select a mailbox in the result list.

  3. Click in the result list.

Configuring deferred deletion

By default, mailboxes are finally deleted from the database after 30 days. During this period you have the option to reactivate the mailboxes. A restore is not possible once deferred deletion has expired.

In the Designer, you can set an alternative delay on the EX0MailContact table. For more information about configuring deferred deletion, see the One Identity Manager Configuration Guide.

Related topics

Microsoft Exchange mail users and Microsoft Exchange mail contacts

Mail-enabled recipients obtain data about users from outside the Microsoft Exchange organization. There is at least one email address defined for a mail recipient. Notification is automatically forwarded to this email address. You can manage mail-enabled One Identity Manager user accounts (mail users) and mail-enabled Active Directory contacts (mail contacts) in Active Directory.

Detailed information about this topic

Creating Microsoft Exchange mail users

Enter mail users for Active Directory user accounts. Active Directory user accounts can either have a mailbox or be mail-enabled. If a user account already has a mailbox, you must delete the mailbox before you set up a mail user for this user account.

NOTE: It is recommended to use account definitions to set up mail users for company identities.

  • In order to create mail users through account definitions, identities must have a central user account and obtain the IT operating data through assignment to a primary department, primary location, or a primary cost center.

  • Some of the main data of the mail users is mapped from identity main data using templates.

To create a mail user

  1. In the Manager, select the Active Directory > Mail users category.

  2. Click in the result list.

  3. On the main data form, enter the main data of the user.

  4. Save the changes.

To create a mail user for an Active Directory user account manually

  1. In the Manager, select the Active Directory > User accounts category.

  2. In the result list, select the user account then select the Change main data task.

  3. Select Create mail user.

  4. Enter the following information:

    • Active Directory user account: The user account is already selected.

    • Exchange organization: The Microsoft Exchange organization is already selected. Check the setting.

    • Destination address type: Target address type of the email address.

    • Destination address: Email address to which the messages should be forwarded.

    • Alias: Unique alias for further identification of the mail user.

  5. Save the changes.
Related topics
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating