The following topics are discussed in this section:
These are FAQs on connector issues related to Exchange 2007 or later.
What is the recommended system configuration for the computer hosting and running the connector server?
Answer: The computer hosting and running the connector server must have Intel Dual-Core Processor, 2 GHz with 4 GB RAM or a computer with similar configuration. If you have a computer dedicated to the connector server, then 2 GB RAM is sufficient.
Where should I install the connector server for the Exchange connector?
Answer: Install the connector server on a computer that belongs to the same domain as that of the target Exchange server.
Can 9.x Exchange connector co-exist with Exchange connector 11.x?
Answer: Yes, 9.x Exchange connector can co-exist with Exchange connector 11.x. This can be achieved by cloning the Exchange 11.x connector XML and using it for installing the connector with the new name.
Is it mandatory to install Active Directory connector 11.x before installing Exchange connector 11.x?
Answer: Yes.
If I use Oracle Internet Directory (OID) 11.x connector to manage Active Directory, can I use 11.x Exchange connector to manage mailboxes?
Answer: No, this is not supported.
Why cannot I see the log files corresponding to the connector operations in the computer hosting Oracle Identity Manager?
Answer: The Exchange connector uses the built-in logging mechanism of the .NET framework. Therefore, all connector logs are generated on the computer hosting the connector server. See Enabling Logging for more information.
All connector operations are performed by using the ICFINTG layer. What is the logger name used for enabling logging for ICFINTG?
Answer: The logger name used to enable logging for ICFINTG is ORACLE.IAM.CONNECTORS.ICFCOMMON. Note that the logger name is case-sensitive.
I performed target resource reconciliation using filters in the scheduled job. Connector server logs confirm that the connector was able to get the mailbox based on search criteria. However, reconciliation events are not getting generated. There is no error in the connector server logs and in the OIM server logs. What is wrong here?
Answer: When you perform filter-based search, the connector internally converts them to Exchange PowerShell cmdlets. The Exchange server returns data. Note that this search is not case-sensitive.The connector returns the same data to Oracle Identity Manager via ICF INTG. Even before data reaches ICF INTG, ICF (framework) applies a case-sensitive search against the result sent by connector. It is possible that this user record might be dropped.
For example, suppose that in the scheduled task, there is a filter such as equalTo('DisplayName','JOHN') and on the target Exchange server, there is a mailbox whose display name is John. The connector runs PowerShell cmdlet, Get-Mailbox -Filter {DisplayName -eq 'JOHN'}, and gets the result. However, ICF applies a case-sensitive search for which the condition fails and reconciliation events are created.
Is Remote Manager required for the Exchange 11.x connector?
Answer: No.
After extracting the contents of the connector bundle into the CONNECTOR_SERVER_HOME directory, I observed some DLLs. Does it matter whether the computer hosting the connector server is 32-bit or 64-bit?
Answer: No, you can use the same DLLs on both 32-bit and 64-bit computers.
Can a single connector server be used to deploy the Active Directory User Management connector bundle and the Exchange connector bundle?
Answer: Yes, a single connector server can host both the Active Directory User Management and the Exchange connector bundles.
While deploying the Exchange connector, ensure not to replace the existing ActiveDirectory.Connector.dll file on the connector server.
I see Container, DirectoryAdminName, DirectoryAdminPassword, DomainName entries in Lookup.Exchange.Configuration with Decode values set to UseDefault. What is the significance of these entries and can i provide any value to it?
Answer: These properties are internally used by the connector. Do not modify or remove them from this lookup definition.
Explain what cmdlets the connector runs during create, update, delete, disable and enable operations in Oracle Identity Manager (OIM).
Answer:
During a create operation, the connector enables a mailbox for an already existing AD user. It first runs Enable-Mailbox/Enable-MailUser cmdlet with required attributes and then runs the Set-Mailbox/Set-MailUser cmdlet to update rest of the attributes.
During an update operation, it updates the Mailbox/MailUser attribute using the Set-Mailbox cmdlet.
During a delete operation, connector just removes the mailbox and does NOT delete the AD user. It runs the Disable-Mailbox/Disable-MailUser cmdlet.
During a disable operation, connector just sets MaxReceiveSize and MaxSendSize to 0 KB.
During an enable operation, connector gets the correct value of MaxReceiveSize and MaxSendSize on process form and then sets them in the target system.
The Distribution Group Lookup Reconciliation and Target Resource User Reconciliation scheduled tasks obtain distribution groups of type MailUniversalDistributionGroup. Our target system has security groups that are mail-enabled. Why are they not reconciled by the Exchange connector? We would like to manage them as well.
Answer: The Exchange connector manages distribution groups that can only be used with e-mail applications (such as Exchange) to send e-mails to collections of users. To manage security groups (mail-enabled or otherwise), use the Active Directory connector.
I have configured my action script to run after Create, Update, and Delete operations as per steps mentioned in Configuring Action Scripts. However, the script does not run. I want to debug and check what is happening. Where do I add my debug statements?
Answer: The sample script in the above section has the following line:
#Just to check if proper command is created, dump it to a file. $Command >> "c:\command.txt"
This line shows how to dump the command being created to a temporary file. You can use this file to add all your debug statements. You can echo all the things you need to this file.
If the commands that were dumped to this file were correct and yet, you are not getting the desired result when running the script from Oracle Identity Manager, then open a PowerShell window and run the same commands manually to verify if there is any issue.
Note that Oracle Identity Manager does not return any exceptions or runtime errors that occur when the script is running.
These are FAQs on connector issues specific to Exchange 2010 or later.
In what format should the IT resource parameter ExchangeUser be specified?
Answer: It should be in the DOMAIN_NAME\USER_NAME format.
How do I ensure that the username and password provided in the IT resource are correct?
Answer: Follow the steps mentioned in Table 5-2 for error "unknown user name or bad password."
What is the minimum permission/role that the user provided in IT resource should have?
Answer: The user should be part of the Recipient Management group.
What are Exchange 2010 specific requirements that must be met by the computer hosting connector server?
Answer: The host computer should meet all the prerequisites of Remote PowerShell. For more information, see the topic on Connect Remote Exchange Management Shell to an Exchange Server at:
http://technet.microsoft.com/en-in/library/dd297932%28v=exchg.141%29.aspx
Does the computer hosting the connector server need to have Exchange Management Tools installed?
Answer: No.
How to avoid overwriting Active Directoy's account email address with an auto generated email address?
1 to 0 as 1 denotes True and 0 denotes False.These are FAQs on connector issues specific to Exchange 2007.
Does the connector support RTM version of Exchange 2007?
Answer: No.
What values do I have to provide for ExchangeUser, ExchangeUserPassword, and ExchangeServerHost in the Exchange IT resource?
Answer: No values are required for these attributes. You can leave them blank. As the connector communicates to Exchange 2007 via local runspace, the connector does not use username or password provided in IT resource to connect to Exchange server. It uses the username and password of the user who starts the connector server.
Does the computer hosting the connector server need to have Exchange Management Tools installed?
Answer: Yes.
What is the minimum permission/role of the user who starts the connector server?
Answer:
User should be part of the Exchange Recipient Administrators group.
User should be part of the Account Operators group in the domain where the distribution group exists.
What are Exchange 2007 specific requirements that need to be met by the computer hosting the connector server?
Answer: The host computer needs to have Exchange Management Tools installed.