live@edu implementation steps
Hi,
Please could someone simplify the implementation steps of
live@edu for us.
We have an existing AD & Exchange environment; where students have accounts on the internal Exchange system.
When they become alumni, we would like for them to get a
live@edu account; and the local Exchange mailbox to be deleted; and all subsequent local emails to be forwarded to their
live@edu account.
We are planning to use ILM2007 for this.
So when the internal mail user graduates, will they become what MS calls a 'mail-enabled' user, correct? - which means that they need to have the following attributes populated: mail, targetAddress? So is this an automated process or somehow a
powershell cmdlet needs to be invoked, if so, where and when?
We have read and reread the online documentation, but its still not very clear.
http://help.outlook.com/en-us/140/dd878547.aspx
also how do we handle email suffixes? lets say the internal email is @university.com and the live one is @live.abc.com - should we have a recipient policy in Exchange for both the email suffixes?
Thank you,
SK
PS. has anyone else struggled with this page:
http://technet.microsoft.com/en-us/exchangelabshelp/dd878547 it is means to create a deployment guide for you based on how u answer the questions - but the site is not working.
May 22nd, 2011 2:52am
In situations where I've provisioned students into both AD and Live @ Edu. where a local exchange server is present, I essentially just provision them as users with the mail attribute set once the Live @ Edu account is created. By not providing a homeMDB
value, Exchange 2003/2007/2010 will not create a mailbox for the user.
Provisioning to Live @ Edu is fairly simple in itself... the real question is why do your alumni students require AD accounts? If you're only forwarding local mail, would it not make sense to just remove the user accounts from AD and re-provision them as contacts?
However, I've never had this scenario in my implementations... you mention that you want the mailbox to be deleted and for
local mail to be forwarded... I assume you also mean that you won't mail to the old mailbox forwarded as well?
- Ross Currie
Free Windows Admin Tool Kit Click here and download it now
May 22nd, 2011 9:39pm
Hi,
Here is the story - the big bosses have decided on this process:
Currently all students have an AD account and a Mailbox in the on-premise Exchange.
When they graduate the alumni student need to obtain a
live@edu account; their existing mailboxes must be deleted and their AD account must now reflect the new
live@edu address so that the professors can still mail them. This must also include a password sync from AD to
live@edu. Some alumni will return, at which point their AD account (which are still there) will now be re-issued with an internal Exchange mailbox. The
live@edu account will remain and the 'forwarder' must now be removed.
So essentially we are looking for some guidance on when to set what attribute to achieve the above.
thank you,
sk
May 23rd, 2011 1:46am
Fair enough.
For deleting the mailbox, you'll need to do some google'ing. I've never done it, but I'm fairly certain there are articles out there on how to do it. This will require some level of coding, most likely using traditional provisioning methods.
Similarly, I know there is examples out there on "how to add a mailbox to an existing user"... and these will use classic provisioning methods.
Alternatively, you could write your own custom workflow that performs these functions.
For ensuring that mail sent locally, as described, gets delivered to the new Live @ Edu account, it may be as simple as changing the mail attribute... I'd recommend you try it in an environment and see if it works. Again, I'm sure there's plenty of info
out there as to how Exchange handles this.
- Ross Currie
Free Windows Admin Tool Kit Click here and download it now
May 23rd, 2011 2:17am
Fair enough.
For deleting the mailbox, you'll need to do some google'ing. I've never done it, but I'm fairly certain there are articles out there on how to do it. This will require some level of coding, most likely using traditional provisioning methods.
Similarly, I know there is examples out there on "how to add a mailbox to an existing user"... and these will use classic provisioning methods.
Alternatively, you could write your own custom workflow that performs these functions.
For ensuring that mail sent locally, as described, gets delivered to the new Live @ Edu account, it may be as simple as changing the mail attribute... I'd recommend you try it in an environment and see if it works. Again, I'm sure there's plenty of info
out there as to how Exchange handles this.
- Ross Currie
May 23rd, 2011 2:17am
I do this with a PowerShell workflow activity. I just wrap Disable-Mailbox, Enable-MailUser, Disable-MailUser, etc. You can simply set msExchHomeServerName, homeMDB, and mailNickname in attribute flow or provisioning code to trigger a mailbox to be created.
Set mailNickname and targetAddress to trigger a mail enabled user or contact to be created.My Book - Active Directory, 4th Edition
My Blog - www.briandesmond.com
May 23rd, 2011 5:19pm
I do this with a PowerShell workflow activity.
Of course... yes, PowerShell would be the best way to do this under FIM Portal. Forget what I said about traditional provisioning rules.
It does mean that you're modifying Active Directory outside of the defined Management Agent, but it seems that PowerShell is more and more becoming the tool to overcome the limitations of the Synchronisation Service - which itself is in sore need of an overhaul.
- Ross Currie
Free Windows Admin Tool Kit Click here and download it now
May 23rd, 2011 6:50pm
I do this with a PowerShell workflow activity.
Of course... yes, PowerShell would be the best way to do this under FIM Portal. Forget what I said about traditional provisioning rules.
It does mean that you're modifying Active Directory outside of the defined Management Agent, but it seems that PowerShell is more and more becoming the tool to overcome the limitations of the Synchronisation Service - which itself is in sore need of an overhaul.
- Ross Currie
May 23rd, 2011 6:50pm
and is there any MS official guidance on how to enable the PowerShell workflow activity?
the only one I can find is this one:
http://www.wapshere.com/missmiis/powershell-activity
Free Windows Admin Tool Kit Click here and download it now
May 24th, 2011 1:17am
and is there any MS official guidance on how to enable the PowerShell workflow activity?
the only one I can find is this one:
http://www.wapshere.com/missmiis/powershell-activity
I've never seen anything official. I use a custom one that works a bit differently (it's cmdlet bound), but, same idea.My Book - Active Directory, 4th Edition
My Blog - www.briandesmond.com
May 24th, 2011 12:15pm
and is there any MS official guidance on how to enable the PowerShell workflow activity?
the only one I can find is this one:
http://www.wapshere.com/missmiis/powershell-activity
I've never seen anything official. I use a custom one that works a bit differently (it's cmdlet bound), but, same idea.My Book - Active Directory, 4th Edition
My Blog - www.briandesmond.com
Free Windows Admin Tool Kit Click here and download it now
May 24th, 2011 12:15pm