[ExchangeList] Re: NTDSNoMatch utility ( My two cents, which may not be worth much )

Thanks for the extra info.  I recently did a migration of 36,000 5.5
mailboxes of which about 600 had Blackberry.  I saw many odd issues, as
to be expected in this size environment with 18 5.5 sites going to 2
E2k3 Admin groups, but none of the problems were directly associated to
Blackberry.  They also used Cisco Call Manger at some of the sites but
it was setup in a separate forest from the one we were migrating to and
wasn't tied into Exchange 5.5.

 

I used NTDSNomatch to get the raw output and then reviewed the data and
massaged the CSV files before importing them in 5.5 tool.  The ADC
wizard, or any other "wizard" for that matter J, doesn't work that well
in an environment that complex.

 

Note:

The target environment was Exchange 2003 SP1, SP2 came out during our
testing phase and I wanted to hold off on changing anything until the
migration was done.

 

PS:

With the new tools in Exchange 2003 SP1+ for doing cross site migrations
dumping to PSTs should not be needed anymore.  The migration I did above
worked fine, after a bunch of testing and a few hotfixes.  The only time
I have had to dump to PSTs in the past was when doing cross-org
migrations or when doing site consolidation before 2003 SP1.  If you
want to maintain mail flow during the migration dumping to PSTs requires
a lot more work.

 

Here's is an article I wrote on doing cross-site migrations using the
2003 SP1+ tools: 
http://www.outlookexchange.com/articles/JasonSherry/sherry_c6p1.asp  In
includes the basic steps, info, and links to key URLs.

 

Jason Sherry - Pro Exchange http://www.theproexchange.com 

From: Medeiros, Jose [mailto:Jose.Medeiros@xxxxxxxxx] 
Sent: Tuesday, August 22, 2006 12:25 PM
To: Jason Sherry
Cc: exchangelist@xxxxxxxxxxxxx
Subject: NTDSNoMatch utility ( My two cents, which may not be worth much
)

 

Hi Jason, 

 

This may not be an issue; however I had a similar problem with an
Exchange 5.5 to Exchange 2003 migration using the Exchange version of
the ADC at Grand Central Communications in San Francisco. I also ran the
NTDSNoMatch did not find any orphaned user accounts and some how several
accounts that had previously been mapped to several mailboxes did not
enumerate properly ( It was only about 5 out of a 100 ), even after I
tried to re-sync them and associating them with a new mailbox ( It was
only the accounts that had multiple Mailbox's that ad an issue all the
others moved over with out an issue ).

 

I am wondering if people having similar issue's may be using Unified
Messaging or Blackberry (As much as I like Blackberry's, I do know that
Blackberry add's hidden folders in one's mailbox and this may have an
incompatibility issue with the ADC, of course it's only a guess). 

 

I am not sure if Microsoft test's such application combinations for
compatibility, before releasing an updated version of the ADC in the
Exchange service packs and I am sure that in a pristine environment
where one would only be using Microsoft Software this is not a problem (
Especially since their has been nearly seven revisions of the Exchange
ADC since it was first released with Exchange 2000 ), and this may very
well not even be an issue with the latest version, however I just
thought I would mention it. ( I hate it when people blame a migration
problem as being my fault when they make do it their way rather then the
way I suggest ).

 

BTW: I also found that the best way to Migrate from Exchange 5.5 is to
export to PST and back again to the new Exchange Server, it offers the
least headaches and every migration I have done using this method has
always been successful with out any issue, and to be honest with you I
really dread such migrations because of all the time it requires during
the weekends and off hours.

 

 

Sincerely,
Jose Medeiros
Storage Area Network Systems Engineer
MCP+I, MCSE, NT4 MCT 408-765-0437  Direct, 408-449-6621 Cell

"Anyone who has never made a mistake has never tried anything new."
Albert Einstein 

  

 

________________________________

From: Jason Sherry [mailto:Jason.Sherry@xxxxxxxxxxxxxxxxxx] 
Sent: Tuesday, August 22, 2006 10:24 AM
To: Medeiros, Jose
Subject: RE: [ExchangeList] Re: NTDSNoMatch utility

 

Could you reply to the group or myself on why that matters, just
curious?

 

Thanks

 

Jason Sherry - Pro Exchange http://www.theproexchange.com

From: exchangelist-bounce@xxxxxxxxxxxxx
[mailto:exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of Medeiros, Jose
Sent: Tuesday, August 22, 2006 10:54 AM
To: rajnair7@xxxxxxxxx; exchangelist@xxxxxxxxxxxxx
Subject: [ExchangeList] Re: NTDSNoMatch utility

 

Raj, 

 

Would you happen to also be running a Blackberry and or a Cisco Call
Manager / AVVID Server along with your Exchange Infrastructure ?

 

Sincerely,
Jose Medeiros
Storage Area Network Systems Engineer
MCP+I, MCSE, NT4 MCT 408-765-0437  Direct, 408-449-6621 Cell

"Anyone who has never made a mistake has never tried anything new."
Albert Einstein 

 

 

 

________________________________

From: exchangelist-bounce@xxxxxxxxxxxxx
[mailto:exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of raj nair
Sent: Tuesday, August 22, 2006 8:31 AM
To: exchangelist@xxxxxxxxxxxxx
Subject: [ExchangeList] Re: NTDSNoMatch utility

 

Thanks for your reply Jason.

One more doubt . i have ran the ntdsnomatch from exchange 200 version
and from the list there is a mailbox iam listing below which does not
come under the exchange 2003 version. I dont know about the exchange
2003 sp2 version and have never run it. 

 

That mailbox also has the Sam acct name and alias different. whay is
that not listed in the 2003 version?

 

Obj-Class

Extension-Attribute-10

Display Name

Primary Windows NT Account

Alias Name

Directory Name

Home-Server

          Mailbox      NTDSNoMatch       Sandy May           is-dp\TC7
Sandy.May       FA12           Revenue04    

 

Similarly there are some more mailboxes that i have seen which have SAM
acct names and aliases different and which are not listed both in exch
2000 version and 2003 version .

 

PS: Is it because the accounts that is owning these mailboxes does not
own any other ?

 

Thanks

Raj

 

 

              



 

On 8/21/06, Jason Sherry <Jason.Sherry@xxxxxxxxxxxxxxxxxx> wrote: 

~DEL means that custom attribute 10 will be cleared.  If the
samAccountName (Windows NT Account) and alias match it is assumed that
the mailbox is the primary mailbox for the account and attribute 10 will
be cleared. 

 

Entries without a value in attribute 10 will be assume to be the primary
mailbox for the associated Windows NT Account.   "NTDSNoMatch" should be
put in attrib 10 for all other mailboxes that have the same Windows NT
Account, only one mailbox for each NT Account should have a blank attrib
10, the rest should have NTDSNoMatch.   For the non-primary or resource
mailboxes, the ones with NTDSNoMatch, a new account will be created for
each of them, based on the directory name I believe.  This new account
will be made the primary account for the mailbox it was created for.  In
addition, the account that used to have be the primary NT Account will
be granted user access to the other mailboxes. 

 

Note: You should be using the ADC Wizard in Exchange 2003 SP2 instead of
ntdsatrb utility, if that is what you are using.

 

From your example data provided below your Exchange directory should be
fixed so alias names are unique within your org.  Getting the primary NT
account and resource mailbox issues addressed is the hardest part in
migrating from Exchange 5.5 to Exchange 2003.

 

I would suggest using the ADC Wizard to set the primary mailbox for each
account that is currently associated with multiple mailboxes.  Then
export the information from the wizard and review it to make sure it is
correct.  Then import the output file, using Exchange 5.5 Administrator,
and rerun the ADC Wizard, after waiting for directory replication to
carry out.

 

 

Jason Sherry - Pro Exchange http://www.theproexchange.com
<http://www.theproexchange.com/>  

From: exchangelist-bounce@xxxxxxxxxxxxx [mailto:
exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of raj nair
Sent: Monday, August 21, 2006 2:09 PM
To: exchangelist@xxxxxxxxxxxxx
Subject: [ExchangeList] NTDSNoMatch utility

 

Hi ,

 

 

I have used the exchange 2003 version NTDSNomatch Utility and have
printed the output .Now it has printed all accounts with more than a
mailbox with the NTDSNoMatch stamping. Here is the output .where the SAM
acct name and the alias is different it has stamped NTDSNoMatch.But it
has stamped a ~DEL to the account where the alias and SAM acct name are
same .

 

For eg :

 

For 1 entry from the output file :

Obj-Class

Extension-Attribute-10

Display Name

Primary Windows NT Account

Alias Name

Directory Name

Home-Server

 

Mailbox

~DEL

Phyllis Grigsby

IS-DP\COMM3

COMM3

COMM3

REVENUE04

Mailbox

~DEL

Janie Doolos

IS-DP\COMM3

comm3

SDFairley

REVENUE20

 

 

 

What it means by ~DEL stamping ? Does it mean if if i did not use the
NTDSNoMatch the user Phyllis Grigsby is not going to access his mailbox
( even though his alias and SAM acct name is same in the first row) once
i move th emailboxes to win2003 ? 


 

 

Thanks

Raj

GIF image

Other related posts: