Create Exchange User: testjoin exchange
From OpenChange wiki
Contents |
Objective
We modify an existing user in Windows AD and extend his attributes so he becomes an Exchange user.
Step 1: Search the user in the AD
We perform a search on the objectSID (unique for each record), so we find the user record.
Step 2: Extend user attributes
We execute ldap_modify and extend the user record with the following attributes:
| Attribute | Value |
| givenName | OpenChange |
| userAccountControl | 513 |
| TEST_USER_NAME@TEST_DOMAIN | |
| mailNickname | TEST_USER_NAME |
| mDBUseDefaults | TRUE |
| legacyExchangeDN | /o=OpenChange Organization/ou=first administrative group/cn=Recipients/cn=TEST_USER_NAME |
| homeMDB | CN=Mailbox Store (EXCHANGE),CN=First Storage Group,CN=InformationStore,CN=EXCHANGE,CN=Servers,CN=First Administrative Group,CN=Administrative Groups,CN=OpenChange Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=openchange,DC=info |
Note: Exchange 2003 won't allow us to set up userAccountControl to 66048 at first.
Step 3: The Asynchronous search
Exchange will immediatly reply after the ldb_modify call, but the user creation on the Exchange server requests some time. We need to perform an asynchronous search on the user record and search for the ExchMailboxGuid attribute. We wait until this attribute is available in the user record, which means our user has been promoted to an Exchange one.
Step 4: Change UserAccountControl
We now perform a last operation (samdb_replace) where we change the UserAccountControl value from 513 to 66048. We reset the ACB flags so the password never expires and the account is immediately available.
