Chat now with support
Chat with Support

Identity Manager 8.0 - Administration Guide for Connecting to Microsoft Exchange

Managing Microsoft Exchange Environments Setting up Microsoft Exchange Synchronization Base Data for Managing Microsoft Exchange Microsoft Exchange Structure Mailboxes E-Mail Users and E-Mail Contacts Mail-enabled Distribution Groups Dynamic Distribution Group Mail-Enabled Public Folder Extensions for Supporting Exchange hybrid Troubleshooting Appendix: Configuration Parameters for Managing a Microsoft Exchange Environment Appendix: Default Project Template for Microsoft Exchange

Customizing Synchronization Configuration

Customizing Synchronization Configuration

You have used the Synchronization EditorClosed to set up a synchronization project for initial synchronization with Microsoft Exchange. You can use this synchronization project to load Microsoft Exchange objects into the One Identity Manager database. When you manage mailboxes, e-mail users, e-mail contacts and mail-enabled distribution groups with One Identity Manager, modifications are provisioned in the Microsoft Exchange system.

You must customize the synchronization configuration in order to compare the One Identity Manager database with the Microsoft Exchange regularly and to synchronize changes.

  • You can use variables to create generally applicable synchronization configurations which contain the necessary information about the synchronization objects when synchronization starts. Variables can be implemented in base objects, schema classes or processing method, for example.
  • To specify which Microsoft Exchange objects and database object are included in synchronization, edit the scope of the target system connection and the One Identity Manager database connection. To prevent data inconsistencies, define the same scope in both systems. If no scope is defined, all objects will be synchronized.
  • Update the schema in the synchronization project, if the One Identity Manager schema or target system schema has changed. Then you can add the changes to the mapping.

IMPORTANT: As long as synchronization is running, you must not start another synchronization for the same target system. This applies especially, if the same synchronization objects would be processed.

  • The moment another synchronization is started with the same start up configuration, the running synchronization process is stopped and given the status, "Frozen". An error message is written to the One Identity Manager Service log file.
  • If another synchronization is started with another start up configuration, that addresses same target system, it may lead to synchronization error or loss of data. Plan your start times carefully. If possible, specify your start times so that synchronization does not overlap.

For more detailed information about configuring synchronization, see the One Identity Manager Target SystemClosed SynchronizationClosed Reference Guide.

Detailed information about this topic

How to Configure Microsoft Exchange Synchronization

How to Configure Microsoft Exchange Synchronization

The synchronization project for initial synchronization provides a workflow for initial loading of target system objects (initial synchronization) and one for provisioning object modifications from the One Identity Manager database to the target system (provisioning). You also require a workflow with synchronization in the direction of the "target system" to use One Identity Manager as the master system for synchronization.

To create a synchronization configuration for synchronizing Microsoft Exchange

  1. Open the synchronization project in the Synchronization EditorClosed.

  2. Check whether existing mappings can be used for synchronizing the target system. Create new maps if required.
  3. Create a new workflow with the workflow wizard.

    This adds a workflow for synchronizing in the direction of the target system.

  4. Create a new start up configuration. Use the new workflow to do this.
  5. Save the changes.
  6. Run a consistency check.

Updating Schemas

Updating Schemas

All the schema data (schema types and schema properties) of the target system schema and the One Identity Manager schema are available when you are editing a synchronization project. Only a part of this data is really needed for configuring synchronization. If a synchronization project is finished, the schema is compressed to remove unnecessary data from the synchronization project. This can speed up loading the synchronization project. Deleted schema data can be added to the synchronization configuration again at a later point.

If the target system schema or the One Identity Manager schema has changed, these changes must also be added to the synchronization configuration. Then the changes can be added to the schema property mapping.

To include schema data that have been deleted through compressing and schema modifications in the synchronization project, update each schema in the synchronization project. This may be necessary if:

  • A schema was changed by:
    • Changes to a target system schema
    • Customizations to the One Identity Manager schema
    • A One Identity Manager update migration
  • A schema in the synchronization project was shrunk by:
    • Activating the synchronization project
    • Synchronization projectClosed initial save
    • Compressing a schema

To update a system connection schema

  1. Open the synchronization project in the Synchronization EditorClosed.

  2. Select the category Configuration | Target system.

    - OR -

    Select the category

    Configuration | One Identity Manager connection.

  3. Select the view General and click Update schema.
  4. Confirm the security prompt with Yes.

    This reloads the schema data.

To edit a mapping

  1. Open the synchronization project in the SynchronizationClosed Editor.

  2. Select the category Mappings.
  3. Select a mapping in the navigation view.

    Opens the MappingClosed Editor. For more detailed information about editing mappings, see One Identity Manager Target SystemClosed Synchronization Reference Guide.

NOTE: The synchronization is deactivated if the schema of an activated synchronization project is updated. Reactivate the synchronization project to synchronize.

Speeding Up Synchronization with Revision Filtering

Speeding Up Synchronization with Revision Filtering

When you start synchronization, all synchronization objects are loaded. Some of these objects have not be modified since the last synchronization and, therefore, must not be processed. SynchronizationClosed is accelerated by only loading those object pairs that have changed since the last synchronization. One Identity Manager uses revision filtering to accelerate synchronization.

Microsoft Exchange supports revision filtering for the schema types "Mailbox", "MailUser", "MailContact", "MailPublicFolder", "DistributionGroup" and "DynamicDistributionGroup". The underlying Active Directory objects' date of last change is used as revision counter (whenChanged).

IMPORTANT: The revision algorithm can only be enabled in synchronization projects created with version 8.0. If revisioning was enabled in old 7.x synchronization projects, modifications made directly in Microsoft Exchange are also not identified.

It is recommended, you set up the synchronization projects again using the 8.0 implemented synchronization project template.

Determining the revision is done when synchronization starts. Objects changed after this point are included with the next synchronization.

RevisionClosed filtering can be applied to workflows and start up configuration.

To permit revision filtering on a workflow

  • Edit the workflow properties. Select the entry Use revision filter from Revision filtering.

To permit revision filtering for a start up configuration

  • Edit the start up configuration properties. Select the entry Use revision filter from Revision filtering.

NOTE: Specify whether revision filtering will be applied when you first set up initial synchronization in the project wizard.

For more detailed information about revision filtering, see the One Identity Manager Target SystemClosed Synchronization Reference Guide.

Related Documents