Using LDAP Filter to Control Migration Manager Calendar Sync and Mail Sync/Switch

When building collections in Migration Manager for Exchange to perform Calendar sync and Mail Sync Switch you have three control options.  You can add/import members into the collections, you can use groups to control the migration, or you can use LDAP filters.  LDAP filters has become my preferred approach and has some stong advantages over the other two.  Presented here is my approach for using LDAP filters to driver a QMM EX Migration.

Why is the use of LDAP filters better?  That is best answered by looking at the deficiency of the other options.  Group membership has the downside of mailboxes ending up in multiple groups, which can cause sync failures in a variety of ways.  Adding members manually has the downside of requiring people controlling the migration having to be in the migration console.  Also, in the case of the Legacy agents, it means a “commit changes” action which can be time consuming.  Thus LDAP filter approach is the best choice.

When I do LDAP filters I use a system that includes a verb, a target exchange store, and a comment.

 

My Verbs?  CAL, SYNC, SWITCH, COMPLETE.

CAL initiates calendar sync.

MAIL maintains calendar sync and starts mail sync.

SWITCH maintains calendar sync and starts the mail switch process.

COMPLETE maintains calendar sync only (and if the mailbox is switched then the calendar data sync reverses direction).

An example?  “CAL|APACDB01|My Comment here (or not)”

You place this in a convenient field in the source directory. Usually, if there is one free, I use an extensionAttribute.  If not, any field that is text, indexed, and not ANR (ambiguous Name Resolution) enabled could do.  In theory you could add this in proxyAddresses, though I haven’t actually tried that.

 

Great, so I have selected extensionAttribute12, I have set my value as noted above, how do I make QMM go?

Create your collection, right-click on it and select properties, and then select the members panel.  Once there, click Add Container.

b2ap3_thumbnail_Members-Panel_20131210-184748_1

My usual preference is to add the root of the domain, since i am going to be using a tightly scoped filter.  Also note that the “include subcontainers” can’t be checked until you add a container, so don’t forget to come back out and do that.

The Add Container screen looks like this:

b2ap3_thumbnail_Add-Container-Panel

(Sorry about the messy OU list – I din’t want to share it just in case)

 

To add your LDAP filter, click on the Advanced tabe and then top the Edit button.  You can paste your filter right into the screen at the bottom or you can use the clever LDAP filter builder at the top. Here is what mine looks like:

b2ap3_thumbnail_Display-Filter

And that filter is hard to read, so here it is again in text format:

(|(ExtensionAttribute12=CAL|APACDB01|*)(ExtensionAttribute12=SYNC|APACDB01|*)(ExtensionAttribute12=COMPLETE|APACDB01|*))

 

You may notice that I don’t have “switch” in that list.  That is because I use different agents (on the same Agent Host!) assigned to different collections for switching.  This allows my sync and switch to run simultaneously but separately – useful for both performance and debugging.

 

After all of that, start your agent, and you are off and running.

Tags:

Leave a Reply