With the release of Identity Lifecycle Manager 2007 FP1, GAL (Global Address List) Synchronization can now occur with Exchange 5.5, 2000, 2003, and 2007. This functionality is provided out-of-the-box.
This article describes how to use the GAL Synchronization Management Agents with IIFP Service Pack 2 and Exchange 2007.
The original GAL Synchronization Management Agents were written and developed to allow interaction between the following versions of Exchange: 5.5, 2000, and 2003. Exchange 2007 had not been released yet.
To accomplish GAL Synchronization, IIFP creates and sets many of the required Active Directory mail attributes that Exchange needs to route and deliver mail successfully. However, there are two attributes which IIFP relies on the Recipient Update Service (RUS) to set on the mail-enabled contacts.
These are LegacyExchangeDN and ShowInAddressBook. Because the RUS is no longer available in Exchange 2007, these attributes will never be set using the out-of-the-box GalSync Mas available in IIFP SP2.
This causes two problems. The first, is that although the contacts will show up in the specified target OU, they will not be visible in the GAL. And second, mail sent to these contacts will not be able to route correctly. This will cause an NDR.
The following describes how to setup GAL Synchronization between two separate Exchange organizations using Identity Integration Feature Pack SP2 and Exchange 2007.
This document assumes that you are familiar with setting up an ILM/MIIS GAL Synchronization. If you are not, please review the GAL Synchronization Step-By-Step document that is part of the Identity Lifecycle Manager Scenarios located here:
1. First setup a normal GAL Synchronization between two Exchange forests. The Step-By-Step doc will walk you through doing this if you are not familiar with doing this.
2. On an Exchange 2007 server, open the Exchange management shell. Run the following Exchange PowerShell command where OU path is the path to the OU that was setup in the Exchange 2007 Management Agent under Target.
get-mailcontact -organizationalUnit <domain fqdn>/<OU path> | set-mailcontact
get-mailcontact -organizationalUnit MyCorp.com/GalSync/Contacts | set-mailcontact
This command will go through and set the legacyExchangeDN and the showInAddressBook attributes for the contacts.
Note The get-mailcontact script will only apply to the first 1000 Objects. If there are more than 1000 Objects, use the argument -ResultSize <Unlimited>, or specify a number in place of <Unlimited>.
get-mailcontact -organizationalUnit <domain fqdn>/<OU path> -ResultSize <Unlimited> | set-mailcontact
TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, MICROSOFT AND/OR ITS SUPPLIERS DISCLAIM AND EXCLUDE ALL REPRESENTATIONS, WARRANTIES, AND CONDITIONS WHETHER EXPRESS, IMPLIED OR STATUTORY, INCLUDING BUT NOT LIMITED TO REPRESENTATIONS, WARRANTIES, OR CONDITIONS OF TITLE, NON INFRINGEMENT, SATISFACTORY CONDITION OR QUALITY, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, WITH RESPECT TO THE MATERIALS.
Artikel-id: 951077 - Laatst bijgewerkt: 21 dec. 2009 - Revisie: 1