This post builds on yesterday’s which should be read first. Following are the extra Sync Rule and MA configurations that I made which added the Exchange 2007 support.
I have changed yesterday’s Workflow a little so that it now uses “Based on attribute value” as the Action selection. This seems to give me more control over where the sync rule is applied.
The following table shows the configuration of my sync rule.
+ “,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=First Organization,
Note that I have used a number of custom attributes to construct the homeMDB. Apart from this being a more flexible approach, I actually got an “unexpected-error” in MIIS when I hard-coded the entire homeMDB string. For the RC0 documentation on modifying the schema see here.
The configuration of the ILM MA is as I covered yesterday – you just need to make sure you have all the import flow rules in place to get the necessary data into the metaverse – not forgetting the ExpectedRulesList.
The AD MA should not need any classic flow rules, as you’ve configured everything you need in the Sychronization Rule object. You do need to tick “Enable Exchange 2007 provisioning” on the Extensions page.
Exchange Management Tools
And, just like with ILM 2007, you need to have installed the Exchange Management Tools on the ILM server.
Here’s one I prepared earlier
Here’s what a provisioned user looked like just prior to exporting him from the AD MA.
Immediately after exporting I was able to login as this user, open Outlook, and send an email. Hooray!
Another nice surprise: as I had gone through the Password Reset and Registration configuration, and had already installed the ILM client on this workstation, the user was immediately prompted to register for password reset! Now that I do like.