Ureader.com  
Microsoft software help and Community
   home   |   control panel login   |   archive   |  
 
Exchange
2000.active.directory
2000.admin
2000.announcements
2000.app.conversion
2000.applications
2000.clients
2000.clustering
2000.connectivity
2000.development
2000.documentation
2000.general
2000.information.store
2000.interop
2000.kms
2000.misc
2000.protocols
2000.realtime.collabo.
2000.setup
2000.transport
2000.win2000
admin
application.conversion
applications
clients
clustering
connectivity
design
development
misc
mobility
setup
tools
  
 
date: 11 May 2005 16:36:09 -0700,    group: microsoft.public.exchange2000.interop        back       


Ex2K3 - Domino 5.0.12 connectivity failure    
We have a customer running Domino V5.0.12 for email and some database
services.  The Windows infrastructure is already set up with active
directory for user accounts and authentication.  They are adding an
exchange server (2003 server, exchange 2003, will be upgraded to SP1
after migration, probably) with plans for eventual migration from
Domino, but for now we need interoperability.

We followed the migration guide appendix A instructions pretty much to
the letter, using client 5.0.10 on the exchange box for the connector.
The Domino users successfully export to an AD container, and later
updates to the PAB (new users, etc) on Domino get exported as expected
so we know the basic functionality is there.

Nothing from the AD side is being sent back to Domino.  We have
verified the foreign domain in Domino, the connector user has all
required access, rechecked all database access, and gone through the
entire appendix section by section twice.  Default recipient policy has
the notes address option checked, and it did claim to be updating
relevant users when we did so.  'Address Space' in the Notes connector
properties is set properly.  'Advanced' has mailbox pointing to
'mail1.box' (we run dual mailboxes due to traffic volume), with no
additional routeable domains (there's only one Domino domain, and one
internet domain being serviced, and the only exchange server is talking
to the only Domino server). Import and export containers (different
ones for testing) are set up properly, and we've even created new users
in AD to try to export them.

The only piece we haven't been able to double check is the presence of
the email tab and the 'notes' type email address in the user
properties; the onsite folks don't have the exchange system manager on
any other system, and the exchange box doesn't have the AD snapins, but
we got no errors during the configuration, so hopefully they're there
(and we should have tools installed by tomorrow to verify).

When we run a manual exchange to domino sync (full reload or update,
doesn't matter) the event log (all connectivity options set to 'medium'
logging) shows '0' updates needed, 0' had problems, and no errors.
Doesn't matter if we add multiple users and make many changes to the
existing users in the export directory; nothing goes out.  On the
Domino side, even a small change to a user record generates an update
for the import side of the connector, again with no errors logged.  The
AD is synced across all servers before attempting the exports.

I'm not sure where to go from here.  The appendix is pretty detailed on
what to type, but pretty sparse on explanations or suggestions (f.ex
why to use particular settings for address translation, etc, and when
you really need different email addresses for users migrated to
exchange versus those still on Domino... examples would have been very
useful even though we're not anywhere near migrating a user yet...),
and we haven't found relevant docs covering our specific problem.

Any assistance greatly appreciated.

Rich
date: 11 May 2005 16:36:09 -0700   author:   unknown

Re: Ex2K3 - Domino 5.0.12 connectivity failure    
jordan@ccs4vms.com wrote:
> We have a customer running Domino V5.0.12 for email and some database
> services.  The Windows infrastructure is already set up with active
> directory for user accounts and authentication.  They are adding an
> exchange server (2003 server, exchange 2003, will be upgraded to SP1
> after migration, probably) with plans for eventual migration from
> Domino, but for now we need interoperability.
>
> We followed the migration guide appendix A instructions pretty much
to
> the letter, using client 5.0.10 on the exchange box for the
connector.
> The Domino users successfully export to an AD container, and later
> updates to the PAB (new users, etc) on Domino get exported as
expected
> so we know the basic functionality is there.
>
> Nothing from the AD side is being sent back to Domino.  We have
> verified the foreign domain in Domino, the connector user has all
> required access, rechecked all database access, and gone through the
> entire appendix section by section twice.  Default recipient policy
has
> the notes address option checked, and it did claim to be updating
> relevant users when we did so.  'Address Space' in the Notes
connector
> properties is set properly.  'Advanced' has mailbox pointing to
> 'mail1.box' (we run dual mailboxes due to traffic volume), with no
> additional routeable domains (there's only one Domino domain, and one
> internet domain being serviced, and the only exchange server is
talking
> to the only Domino server). Import and export containers (different
> ones for testing) are set up properly, and we've even created new
users
> in AD to try to export them.
>
> The only piece we haven't been able to double check is the presence
of
> the email tab and the 'notes' type email address in the user
> properties; the onsite folks don't have the exchange system manager
on
> any other system, and the exchange box doesn't have the AD snapins,
but
> we got no errors during the configuration, so hopefully they're there
> (and we should have tools installed by tomorrow to verify).
>
> When we run a manual exchange to domino sync (full reload or update,
> doesn't matter) the event log (all connectivity options set to
'medium'
> logging) shows '0' updates needed, 0' had problems, and no errors.
> Doesn't matter if we add multiple users and make many changes to the
> existing users in the export directory; nothing goes out.  On the
> Domino side, even a small change to a user record generates an update
> for the import side of the connector, again with no errors logged.
The
> AD is synced across all servers before attempting the exports.
>
> I'm not sure where to go from here.  The appendix is pretty detailed
on
> what to type, but pretty sparse on explanations or suggestions (f.ex
> why to use particular settings for address translation, etc, and when
> you really need different email addresses for users migrated to
> exchange versus those still on Domino... examples would have been
very
> useful even though we're not anywhere near migrating a user yet...),
> and we haven't found relevant docs covering our specific problem.
>
> Any assistance greatly appreciated.
>
> Rich

Found part of the problem.  The docs provided by MS seem to focus on
merging a domino organization with a windows/AD one.  In our case we
already had all the domino users in an AD container which they used for
'everything else', like windows authentication, access controls, etc.

There is nothing in the docs that clearly states which containers you
should use for import/export, or what the results (or consequences?)
will be if you export the domino directory into the AD container when
both contain the same 'accounts'.  When we exported the AD user
container into Domino (once each account was 'mailbox enabled') a
duplicate set of user records were created in the PAB, with the new
ones having the wierd exchange connector address defined (and no
mailbox or public key, obviously).

So it appears that we don't want those contacts in the domino directory
for any user who still uses domino for mail; since the contacts don't
get created via export unless the AD account is mail enabled, the
exchange server then wants to 'keep' the mail for that user instead of
forwarding it to Domino, but if we don't mail enable the AD account, we
don't get the 'email addresses' tab that is needed to handle the
'several variants' of email addresses some of these users require (due
to Domino's generous handling of email addresses based on user ID and
short names).  That and the exchange server also handling a subdomain
(user@mail.domain.com) as well as the main domain (user@domain.com)
which also seems to require having those address variations defined in
the email addresses tab.

I'm stuck.  Exchange won't initially accept email for an address unless
that address is defined in some AD account record, but once I do what
it takes to get that address there, exchange thinks it owns the mail...

Any help appreciated.

Rich
date: 19 May 2005 13:51:50 -0700   author:   unknown

Google
 
Web ureader.com


    COPYRIGHT 2007, YARDI TECHNOLOGY LIMITED, ALL RIGHT RESERVE  |   contact us