none
Email address (AD attribute "mail") not updating during FIM sync RRS feed

  • Question

  • Hi,

    I'm having trouble provisioning Exchange 2010 mailboxes within fim 2010 R2. I'm using the Ms guide "Introduction to Publishing To Active Directory from Two Authoritative Data Sources" with some modifications for Exchange 2010 mailbox provisioning.

    I can update user names and details from my file based MA, then sync to the MV and portal fine, but exporting to AD fails - the only error I receive is "exported-change-not-reimported" along with un helpful error coes 6105 & 6127 in the App Event log.

    I've checked the MV, portal, FIM MA connector space (CS) and the AD MA CS - they all show the correct value for email. I'm flowing email from the MV to my AD MA via a sync rule. The export run for my AD MA runs without errors in the Sync log, but the following delta import states a "exported-change-not-reimported" error.

    Within my sync rule, I'm simply flowing email to mail (I've checked precedence and I don't have 'on initial flow only set'). Below are a few screenshots which may help answer any questions. I simply can't find a way of updating a user's primary SMTP address, which I need to do, based on the value on an input file. I've tried using msExchPoliciesExcluded and SMTP target address, but no luck.

    Please advise on how I can sync an email address with my file.

    Thanks

    ADMA Export & Delta Import Errors


    IT Support/Everything

    Thursday, May 9, 2013 11:55 PM

Answers

All replies

  • Rest of images:


    IT Support/Everything

    Thursday, May 9, 2013 11:57 PM
  • Hi-

    Given you are doing Exchange provisioning here, you have a couple issues:

    • targetAddress is used for forwarding to an external address and is technically not supported on mailbox enabled objects
    • The mail attribute is managed by Exchange and should be the user's primary SMTP proxy.

    If you're going to manage the proxy addresses or mail attribute on your own, you need to a) do it after you call Update-Recipient the first time (setting homeMdb and msExchHomeServerName will do this) and b) set the flag to opt the user out of email address policies.


    My Book - Active Directory, 4th Edition
    My Blog - www.briandesmond.com

    Friday, May 10, 2013 11:27 PM
    Moderator
  • Hi Brian,

    Ok, I'll remove the targetAddress.

    The AD FIM agent has the ability to specify ProxyAddresses, but I don't see anything for the Exchange attribute Primary SMTP.

    Basically, there's no way I can get FIM to provision an Exchange mailbox and update the primary smtp and proxy addresses according to my CSV input file?

    I'll need to allow the FIM sync process to run, then schedule a post operation such as a PowerShell script to update the primary SMTP aftewards as needed

    Thankls


    IT Support/Everything

    Sunday, May 12, 2013 10:20 PM
  • You can do this with FIM but you'll need to do it in a traditional rules extension. The codeless provisioning mechanism doesn't handle multi-valued attributes.

    My Book - Active Directory, 4th Edition
    My Blog - www.briandesmond.com

    • Marked as answer by Aetius2012 Monday, May 13, 2013 2:20 PM
    Sunday, May 12, 2013 10:44 PM
    Moderator
  • Ok, just a word of advice:

    Given that I'm not much of a C# programmer and I've never used classic FIM sync rules, would it be better off to use PowerShell?

    I'm thinking the options are:

    1. To get FIM to update the primary SMTP and proxy addresses using classic rules
    2. To write a PowerShell script which runs after the FIM sync and simply searchs for user and updates proxyAddresses and primary SMTP based on the input CSV and matches on a unique value (i.e. sAMAccountName)


    IT Support/Everything

    Monday, May 13, 2013 8:27 AM
  • Ok, just a word of advice:

    Given that I'm not much of a C# programmer and I've never used classic FIM sync rules, would it be better off to use PowerShell?

    I'm thinking the options are:

    1. To get FIM to update the primary SMTP and proxy addresses using classic rules
    2. To write a PowerShell script which runs after the FIM sync and simply searchs for user and updates proxyAddresses and primary SMTP based on the input CSV and matches on a unique value (i.e. sAMAccountName)


    IT Support/Everything


    That's fair. If you want to do this in FIM with PowerShell, consider hosting a copy of the FIM PowerShell Workflow Activity in FIM - http://fimpowershellwf.codeplex.com/. You can calculate the primary SMTP address and proxies with it and pass them to a sync rule.

    My Book - Active Directory, 4th Edition
    My Blog - www.briandesmond.com

    Monday, May 13, 2013 3:41 PM
    Moderator