Microsoft Exchange Server 2010 supports an online mailbox move using the New-MoveRequest cmdlet to move a mailbox from a source Exchange forest to a target Exchange forest. To run New-MoveRequest, a mail user must exist in the target Exchange forest with a minimum set of Active Directory attributes.
With the sample code described in this topic, you can create the required mail user in the target Exchange forest by customizing your Microsoft Identity Lifecycle Manager 2007 deployment. You can download the sample code from the Prepare for Online Mailbox Move download page.
To run this sample code, you need ILM 2007 FP1 SP1. See KB 97779 1 (ILM 2007 FP1 SP1) to download the feature pack. You also need the following:
- A source forest running Exchange 2003, Exchange 2007 or Exchange 2010, where the mailbox currently resides
- A target forest with Exchange 2010 installed, where the mailbox will be moved to
Contents of Sample Code
Open “Microsoft.Exchange.Sample.OneWayGALSync.sln” to view the sample code in Visio Studio 2008. The sample code includes the following:
- “Microsoft.MetadirectoryServicesEx.dll” is the binary file that is shipped with ILM 2007 FP1 SP1 under “\Program Files\Microsoft Identity Integration Server\Bin\Assemblies”. It is referenced by the sample code.
- “OneWaySync.xml” is referenced by the sample code.
- ILMServerConfig folder contains the ILM configuration files for the source MA, target MA, and the MV.
- “Microsoft.Exchange.Sample.OneWayGALSync.MARules.dll” and “Microsoft.Exchange.Sample.OneWayGALSync.MVRules.dll” (built from the sample code) are under “\obj\Debug”
- Copy “OneWaySync.xml”, “Microsoft.Exchange.Sample.OneWayGALSync.MARules.dll” and “Microsoft.Exchange.Sample.OneWayGALSync.MVRules.dll” to the ILM Extensions folder “\Program Files\Microsoft Identity Integration Server\Extensions” on the ILM Server.
- On the ILM Server, edit the file “OneWayGALSync.xml” you just copied to the ILM Extensions folder in step 1 to specify the distinguishedName (DN) of the TargetOU container in the target Exchange forest that you want to create the synchronized mail users to. You can use LDP.exe or ADSIEdit.exe to browse, copy, paste if you don’t know what it is.
If you are using this sample together with ILM Galsync2007, then this container should be excluded from the list of containers managed by Galsync2007.
- On the ILM Server in ILM Identity Manager Console, go to File > Import Server Configuration to import the ILM server configuration from the folder ILMServerConfig. This action will import two Active Directory MAs along with Metaverse schema and provisioning rule.
During the import you will need to provide the forest name and credentials and match the partitions of the imported ADMA to the partition name in your configuration for both the source and target ADMAs.
- For ADMA to support the Exchange 2010 target forest, on the Configure Extensions screen, select Provision for Exchange 2010 and provide the remote Windows PowerShell URI (of an Exchange 2010 CAS server).
The credential that you supplied to connect to the Exchange 2010 target forest must have the appropriate level of RBAC permission to call the UpdateRecipient cmdlet.
- On the ILM Server, in ILM Identity Manager on the Management Agents tab, open the Properties for the Source Forest Management Agent. Select the Configure Directory Partitions wizard page, and then click Containers to select the container that will contain the mailboxes you will be moving to the target forest. Clear the selections for all other containers, that is, scope the MA to only manage this one container. Similarly, for the target forest MA, select the container to which MEUs will be provisioned, that is, the TargetOU specified in step 2.
If you’re using this sample together with ILM Galsync2007, both these containers should be excluded from the list of containers managed by Galsync2007.
- Perform an initial Full Import (stage only) on the Target MAs so ILM can discover the TargetOU specified in step 2.
The following steps describe how to create the required mail user in the target Exchange forest so that New-MoveRequest can be run to perform an online mailbox move.
- In the source forest, use EMC to create mailbox users in, or ADUC to move existing mailbox users to, the container selected in #4.
- Perform Delta Import and Delta Sync run on the Source MA to discover the mailboxes added to the source container, and provision mail users to the Target MA.
- Perform Export run on the Target MA to export the mail users provisioned by #7 to the target AD.
- Perform Delta Import on the Target MA to confirm the changes exported in #8.
- In the target forest use the New-MoveRequest cmdlet to move mailboxes from the source forest.