Chat now with support
Chat with Support

We are currently experiencing issues on our phone support and are working diligently to restore services. For support, please sign in and create a case or email supportadmin@quest.com for assistance

Identity Manager 9.0 LTS - Administration Guide for Connecting to Microsoft Exchange

Managing Microsoft Exchange environments Synchronizing a Microsoft Exchange environment
Setting up initial synchronization with Microsoft Exchange Customizing the synchronization configuration Running synchronization Tasks following synchronization Troubleshooting Ignoring data error in synchronization Pausing handling of target system specific processes (Offline mode)
Basic data for managing a Microsoft Exchange environment Microsoft Exchange structure Microsoft Exchange mailboxes Microsoft Exchange mail users and Microsoft Exchange mail contacts Microsoft Exchange mail-enabled distribution groups Microsoft Exchange dynamic distribution groups Microsoft Exchange mail-enabled public folders Extensions for supporting Exchange hybrid environments Error handling Configuration parameters for managing a Microsoft Exchange environment Default project template for Microsoft Exchange Processing methods of Microsoft Exchange system objects Microsoft Exchange connector settings

Processing methods of Microsoft Exchange system objects

The following table describes permitted editing methods for Microsoft Exchange schema types and the necessary restrictions for processing the system objects.

Table 45: Methods available for processing Microsoft Exchange schema types
Type Read Add Delete Refresh

Organization (Organization)

Yes

No

No

No

Microsoft Exchange server (ExchangeServer)

Yes

No

No

No

Data availability group (DatabaseAvailabilityGroup)

Yes

No

No

No

Public folder (PublicFolder)

Yes

No

No

No

Mailbox database (MailboxDatabase)

Yes

No

No

No

Mail-enabled public folder (MailPublicFolder)

Yes

No

No

No

Global address list (EX0AddrList)

Yes

No

No

No

Local address list (EX0AddrList)

Yes

No

No

No

Offline address list (OfflineAddressBook)

Yes

No

No

No

Outlook Web App mailbox policy (OwaMailboxPolicy)

Yes

No

No

No

Address book policy (AddressBookPolicy)

Yes

No

No

No

Retention policy (RententionPolicy)

Yes

No

No

No

Sharing policy (SharingPolicy)

Yes

No

No

No

Mailbox policy for mobile devices (MobileDeviceMailboxPolicy)

Yes

No

No

No

Policy for role assignment (RoleAssignmentPolicy)

Yes

No

No

No

Mail user (MailUser)

Yes

Yes

Yes

Yes

Mail contact (MailContact)

Yes

Yes

Yes

Yes

Mailbox: user mailbox (Mailbox)

Yes

Yes

Yes

Yes

Mailbox: resource mailbox (Mailbox)

Yes

Yes

Yes

Yes

Mailbox: shared mailbox (Mailbox)

Yes

Yes

Yes

Yes

Mailbox: linked mailbox (Mailbox)

Yes

Yes

Yes

Yes

Mailbox: legacy mailbox (Mailbox)

Yes

No

No

No

Mailbox: discovery mailbox (Mailbox)

Yes

No

No

No

Mailbox: calendar settings (Mailbox)

Yes

Yes

Yes

Yes

Mailbox: statistics (Mailboxstatistics)

Yes

Yes

Yes

Yes

Mailbox: remote mailbox (RemoteMailbox)

Yes

Yes

Yes

Yes

Mailbox: mailbox permissions (MailboxPermissions)

Yes

Yes

Yes

Yes

Dynamic distribution group (DynamicDistributionGroup)

Yes

No

Yes

Yes

Distribution group (DistributionGroup)

Yes

Yes

Yes

Yes

Microsoft Exchange connector settings

The following settings are configured for the system connection with the Microsoft Exchange connector.

Table 46: Microsoft Exchange connector settings

Setting

Meaning

Servers

Fully qualified name (FQDN) of the Microsoft Exchange server.

Variable: CP_ExchangeServerFqdn

Basic authentication (requires SSL)

Specifies whether to use the Basic authentication method.

Default: False

Variable: CP_UseSSL

NOTE: Microsoft Exchange does not support this authentication type by default. You must configure support for this method in Microsoft Exchange. In addition, an SSL connection is used to authenticate using the Basic method. By default, authentication uses Kerberos.

Max. concurrent connections

Maximum number of connections that can be used concurrently. The value must be between 1 and 20.

Variable: CP_ConnectionPoolSize

User name (user@domain)

Fully qualified name (FQDN) of the user account and password for logging in to Microsoft Exchange.

Variable: CP_Username

Password

The user account’s password.

Variable: CP_Password

Use the One Identity Manager Service account

Specifies whether to use the credentials of the currently logged in user.

Default: False

Variable: CP_UseServiceCredential

The user account running under the One Identity Manager Service requires the permissions described in Users and permissions for synchronizing with Microsoft Exchange.

NOTE: If this setting is used, the current user account is also used in the Synchronization Editor during configuration. This user account may be different to the One Identity Manager Service's user account

In this case, it is recommended you use the RemoteConnectPlugin. This ensures that the same user account is used during configuration with the Synchronization Editor as is used in the service context.

Recipient: Complete organization

If this setting is set to True, the recipients will be available to the entire organization for reading/writing. If the setting is set to False, only the recipients of the specified domain (CP_RecipientDomain) are available.

Default: True

Variable: CP_SynchronizeEntireOrganization

Recipient: Only recipients of the following domain

Domain whose recipients will be synchronized if the complete organization is not synchronized (CP_SynchronizeEntireOrganization = False).

Variable: CP_RecipientDomain

Use local server time for the revision

Revision filtering data

If the value is True, the local server time of the server is used for revision filtering. This makes it unnecessary to load target system object for determining the revision. If the value is false, the change time stamp of the underlying Active Directory objects are used for revision filtering.

Default: True

Variable: CP_UseLocalServerTimeAsRevision

Max. time difference (local/remote) in minutes

Revision filtering data

Maximum time difference in minutes between the synchronization server and the Microsoft Exchange server. If the time difference is more than 60 minutes, alter the value.

Default: 60

Variable: CP_LocalServerRevisionMaxDifferenceInMinutes

Retry count

Maximum number of reconnection attempts after an interrupted connection has been identified.

Default: 30

Variable: CP_MaxReconnectRetries

Delay between retries

Time delay between retry attempts in seconds.

Default: 20

Variable: CP_ReconnectIntervalInSeconds

ConfigurationDomainController

FQDN of the configuration domain controller to be used for reading Microsoft Exchange configuration information. For auto discovery, leave the value blank.

Variable: CP_ConfigurationDomainController

PreferredGlobalCatalog

FQDN of the global catalog server for reading recipient information. For auto discovery, leave the value blank.

Variable: CP_PreferredGlobalCatalog

SetPreferredDomainControllers

Comma-delimtied list of domain controllers (FQDN) for reading information from Active Directory. For auto discovery, leave the value blank.

Variable: CP_SetPreferredDomainControllers

PreferredServer

FQDN of the domain controller to be used for writing data. For auto discovery, leave the value blank.

Variable: CP_PreferredServer

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating