C.2 Provisioning Exchange Server 2013 Accounts

The Active Directory driver includes support for the Exchange Server 2013 server.

NOTE:The Active Directory driver only supports provisioning accounts on Exchange Server 2013 servers with either Windows Server 2008 R2, Windows Server 2012, or Windows Server 2012 R2 installed.

If you install the driver on a Windows Server 2008 R2 computer, you must also install Windows Management Framework 3.0 for the Identity Manager PowerShell service to properly function.

In order to provision Exchange Server 2013 mailboxes, the Active Directory driver uses Windows PowerShell in the form of the Identity Manager PowerShell service. The Identity Manager PowerShell service can support multiple exchange servers in the environment. For more information, see Support for Multiple Exchange Server in the Environment.

The Identity Manager PowerShell service is installed on the server that is running the Active Directory driver. If you decide to run the driver locally, the driver is installed on the Identity Manager server. If you decide to run the driver remotely, the driver is installed on the same server as the Remote Loader service. The service listens on a default port of 8099. This is set when the service is installed. It is stored in the registry key IDM_PowerShell_Service, located in either HKEY_LOCAL_MACHINE\SOFTWARE\Novell or HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Novell, depending on your Windows installation. The value can be edited if necessary. If you edit the registry key, both the service and the driver must be restarted.

The Active Directory driver creates, moves, and disables Exchange Server 2013 mailboxes. The cmdlets supported by the Active Directory driver to create, move, and disable mailboxes in Exchange Server 2013 are Enable-Mailbox, New-MoveRequest, and Disable-Mailbox. The cmdlets use the following parameters in the Active Directory driver:

  • Enable-Mailbox: -Identity, -Alias, -Database, -DomainController

  • Disable-Mailbox: Identity, -DomainController, -Confirm

  • New-MoveRequest: -Identity, -TargetDatabase, -DomainController, -Confirm

For more functionality support, use the Scripting driver or the native PowerShell support feature. For more information on the Scripting driver, see the Identity Manager Driver for Scripting Implementation Guide. For more information on PowerShell support in Identity Manager, see Section D.0, Configuring PowerShell Support.

To provision Exchange Server 2013 mailboxes, you must complete the following steps:

C.2.1 Meeting the Prerequisites

On the server where the driver will run, whether as a Remote Loader service or if the driver is installed locally, the following items must be installed:

  • Microsoft .NET Framework version 4.0 or later

  • Windows Management Framework 3.0 (required on Windows Server 2008 R2 only)

C.2.2 Installing the Service

To install the service, you must use the .NET Framework InstallUtil.exe utility. The version folder is the current version of the .NET Framework that is installed.

The default location for a 64-bit server is C:\Windows\Microsoft.NET\Framework64\version\InstallUtil.exe.

To use InstallUtil.exe:

  1. Download and install Microsoft Exchange 2013 Management Tools on the driver server. You can download the Tools package from the following location: http://technet.microsoft.com/en-us/library/bb232090%28v=exchg.150%29.aspx

    NOTE:If you install the service before installing the Microsoft Exchange 2013 Management Tools, you may need to reinstall the service.

  2. Install the latest available patches and updates on your Identity Manager components and drivers.

  3. On the driver server, open a .NET command prompt.

  4. Issue the command InstallUtil IDMPowerShellService.exe to register the service and create the correct registry entries.

    The default location of the service is C:\novell\remoteloader\Version\IDMPowerShellService.exe, where Version is either the 32-bit folder or the 64-bit folder.

  5. To start the service, go to the Settings view and click Control Panel.

  6. Click System and Security > Administrative Tools > Services.

  7. Right-click the service IDM_PowerShell_Service and select Start.

    If you run the Identity Manager PowerShell service as a local system, ensure that the server where it runs is a member of Organizational Management. If you run the service as a user, NetIQ recommends that the user is a member of Recipient Management and View-Only Organization Management.

NOTE:To uninstall the service, open a .NET command prompt and issue the InstallUtil /u IDMPowerShellService.exe command.

C.2.3 Configuring the Driver

You need to modify the existing driver object to enable provisioning with Exchange Server 2013.

Modifying an Existing Driver in Designer

  1. Right-click the Active Directory driver in the Modeler, then select Properties.

  2. Select Driver Configuration > Driver Parameters.

  3. Click Show Exchange Management Options and select show.

  4. Click Exchange Management interface type and select IDM_Powershell_Service.

  5. In the Exchange Server FQDN box, specify the preferred server to be connected by the Powershell service in a multiple exchange server environment.

    Otherwise, IDM Powershell service will auto discover an exchange server and use it.

  6. Click OK.

Modifying an Existing Driver in iManager

  1. In iManager, click Identity Manager Administration.

  2. Select Administration > Identity Manager Overview.

  3. Select the driver set where the Active Directory driver is stored.

  4. Click the upper right corner of the Active Directory driver, then click Edit properties.

    Edit properties icon on the Active Directory driver

  5. In the Driver Configuration tab, click Exchange Management interface type and select IDM Powershell Service.

  6. Click OK.

  7. Click Close.

C.2.4 Configuring the Driver to Support Exchange Server 2013 Database Load Balancing

The Active Directory driver supports the database load balancing feature included in Exchange Server 2013. You can use the Active Directory driver to auto-provision Exchange Server 2013 accounts and enable Exchange to load balance accounts across the databases in your Exchange environment.

To enable load balancing, use either Designer or iManager to set the value of the HomeMDB parameter to defer.

For more information about load balancing in Exchange Server 2013, see “Automatic mailbox distribution”.

Configuring an Existing Driver in Designer

  1. Right-click the Active Directory driver in the Modeler, then select Driver > Properties.

  2. Select GCVs.

  3. Select the Entitlements tab.

  4. Click Exchange Mailbox Provisioning and select Use Policy.

  5. Set the value of the Exchange HomeMDB parameter to defer.

  6. Click OK.

Configuring an Existing Driver in iManager

  1. In iManager, click Identity Manager Administration.

  2. Select Administration > Identity Manager Overview.

  3. Select the driver set where the Active Directory driver is stored.

  4. Click the upper right corner of the Active Directory driver, then click Edit properties.

    Edit properties icon on the Active Directory driver

  5. In the Global Config Values tab, click Exchange Mailbox Provisioning and select Use Policy.

  6. Set the value of the Exchange HomeMDB parameter to defer.

  7. Click OK.

  8. Click Close.