C.2 Provisioning Exchange 2007 Accounts

Exchange 2007 no longer supports CDOEXM for mailbox management. In order to provision the Exchange 2007 mailboxes, the Active Directory driver uses Windows PowerShell* in the form of a service.

This service is installed on the server that is running the Active Directory driver. If you decided to run the driver locally, the driver is installed on the Identity Manager server. If you decided to run the driver remotely, the driver is installed on the same server as the Remote Loader service.

The service listens on a default port of 8097. This is set when the service is installed. It is stored in the registry key HK EY_LOCAL_MACHINE\SOFTWARE\Novell\IDM_AD_EX_SERVICE. The value can be edited if necessary. If you edit the registry key, both the service and the driver must be restarted.

The Active Directory driver creates, moves, and disables Exchange 2007 mailboxes. The cmdlets supported by the Active Directory driver to create, move, and disable mailboxes in Exchange 2007 are Enable-Mailbox, move-Mailbox, and Disable-Mailbox. The cmdlets use the following parameters in the Active Directory driver:

For more functionality support, use the Scripting driver. For information on using Scripting driver, see the Identity Manager 3.6.1 Driver for Scripting Implementation Guide.

To provisions the Exchange 2007 mailboxes, the following steps must be completed:

  1. Meet the prerequisites

  2. Install the service

  3. Configure the driver

Prerequisites

On the server where the driver will run, whether that is as a Remote Loader service or if the driver is installed locally, the following items must be installed:

Installing the Service

To install the service, you must use the .NET Framework InstallUtil.exe utility. The version folder is 2.x for .NET versions 2.x and 3.x. It is 4.x for .NET version 4.x.

The default location for a 32-bit server is C:\WINDOWS\Microsoft.Net\Framework\version\InstallUtil.exe.

The default location for a 64-bit server is C:\WINDOWS\Microsoft.Net\Framework64\version\InstallUtil.exe.

To use InstallUtil.exe:

  1. Open a .NET command prompt.

  2. Issue the command InstallUtil IDMExService.exe to register the service and create the correct registry entries.

  3. To start the service, select Start > Control Panel > Administrative Tools > Services.

  4. Right-click the service IDM_AD_Ex2007_Service, then select Start.

    The service runs as a system. A system usually does not have rights to manage mailboxes. Run the service as an account that has enough rights to manage mailboxes as mentioned in the TID 3608183.

To uninstall the service, issue the command InstallUtil /u IDMExService.exe.

Configuring the Driver

You need to create a new driver object and select the correct fields to enable provisioning with Exchange 2007 or modify the existing driver.

To create a new driver:

  1. When you are creating a driver object, specify the configuration parameters to provision the Exchange 2007 mailboxes.

    See Table C-1 for a list of Exchange parameters. See Section 4.0, Creating a New Driver for information on how to create the driver object.

  2. Verify that you have selected use-post-cdoexm to provision Exchange 2007 mailboxes. See Exchange Management interface type for more information.

  3. Start the driver to provision the Exchange 2007 mailboxes.

To modify an existing driver in Designer:

  1. Right-click the Active Directory driver in the Modeler, then select Properties.

  2. Select Driver Configuration > Driver Parameters > Edit XML.

  3. Search for the heading <header display-name=“Exchange Options”/>.

  4. Change the following lines:

    Old XML

    New XML

    <definition display-name="Use CDOEXM for Exchange (yes/no)" name="use-CDOEXM" type="enum">

    <definition display-name="Exchange Management interface type (use-cdoexm/use-post-cdoexm)" name="exch-api-type" type="enum">

    <enum-choice display-name="Yes">yes</enum-choice>

    <enum-choice display-name="use-cdoexm">use-cdoexm</enum-choice>

    <enum-choice display-name="No">no</enum-choice>

    <enum-choice display-name="use-post-cdoexm">use-post-cdoexm</enum-choice>

    <definition display-name="Allow CDOEXM Exchange mailbox move (yes/no)" name="cdoexm-move" type="enum">

    <definition display-name="Allow Exchange mailbox move (yes/no)" name="exch-move" type="enum">

    <definition display-name="Allow CDOEXM Exchange mailbox delete (yes/no)" name="cdoexm-delete" type="enum">

    <definition display-name="Allow Exchange mailbox delete (yes/no)" name="exch-delete" type="enum">

  5. Click OK twice to save the changes.

To modify an existing driver in iManager:

  1. Select Identity Manager > Identity Manager Overview.

  2. Select the driver set where the Active Directory driver is stored, then click Search.

  3. Click the upper right corner of the Active Directory driver, then click Edit Properties.

    Edit properties icon on the Active Directory driver

  4. In the Driver Configuration tab, click Edit XML under Driver Parameters.

    Edit XML icon under Driver Parameters

  5. Click the Enable XML editing check box.

  6. Search for the heading <header display-name=“Exchange Options”/>.

  7. Change the following lines:

    Old XML

    New XML

    <definition display-name="Use CDOEXM for Exchange (yes/no)" name="use-CDOEXM" type="enum">

    <definition display-name="Exchange Management interface type (use-cdoexm/use-post-cdoexm)" name="exch-api-type" type="enum">

    <enum-choice display-name="Yes">yes</enum-choice>

    <enum-choice display-name="use-cdoexm">use-cdoexm</enum-choice>

    <enum-choice display-name="No">no</enum-choice>

    <enum-choice display-name="use-post-cdoexm">use-post-cdoexm</enum-choice>

    <definition display-name="Allow CDOEXM Exchange mailbox move (yes/no)" name="cdoexm-move" type="enum">

    <definition display-name="Allow Exchange mailbox move (yes/no)" name="exch-move" type="enum">

    <definition display-name="Allow CDOEXM Exchange mailbox delete (yes/no)" name="cdoexm-delete" type="enum">

    <definition display-name="Allow Exchange mailbox delete (yes/no)" name="exch-delete" type="enum">

  8. Click OK twice to save the changes.