[ExchangeList] Re: NTDSNoMatch utility ( My two cents, which may not be worth much )
- From: "Jason Sherry" <Jason.Sherry@xxxxxxxxxxxxxxxxxx>
- To: "Medeiros, Jose" <Jose.Medeiros@xxxxxxxxx>
- Date: Tue, 22 Aug 2006 14:47:50 -0400
Thanks for the extra info. I recently did a migration of 36,000 5.5
mailboxes of which about 600 had Blackberry. I saw many odd issues, as
to be expected in this size environment with 18 5.5 sites going to 2
E2k3 Admin groups, but none of the problems were directly associated to
Blackberry. They also used Cisco Call Manger at some of the sites but
it was setup in a separate forest from the one we were migrating to and
wasn't tied into Exchange 5.5.
I used NTDSNomatch to get the raw output and then reviewed the data and
massaged the CSV files before importing them in 5.5 tool. The ADC
wizard, or any other "wizard" for that matter J, doesn't work that well
in an environment that complex.
Note:
The target environment was Exchange 2003 SP1, SP2 came out during our
testing phase and I wanted to hold off on changing anything until the
migration was done.
PS:
With the new tools in Exchange 2003 SP1+ for doing cross site migrations
dumping to PSTs should not be needed anymore. The migration I did above
worked fine, after a bunch of testing and a few hotfixes. The only time
I have had to dump to PSTs in the past was when doing cross-org
migrations or when doing site consolidation before 2003 SP1. If you
want to maintain mail flow during the migration dumping to PSTs requires
a lot more work.
Here's is an article I wrote on doing cross-site migrations using the
2003 SP1+ tools:
http://www.outlookexchange.com/articles/JasonSherry/sherry_c6p1.asp In
includes the basic steps, info, and links to key URLs.
Jason Sherry - Pro Exchange http://www.theproexchange.com
From: Medeiros, Jose [mailto:Jose.Medeiros@xxxxxxxxx]
Sent: Tuesday, August 22, 2006 12:25 PM
To: Jason Sherry
Cc: exchangelist@xxxxxxxxxxxxx
Subject: NTDSNoMatch utility ( My two cents, which may not be worth much
)
Hi Jason,
This may not be an issue; however I had a similar problem with an
Exchange 5.5 to Exchange 2003 migration using the Exchange version of
the ADC at Grand Central Communications in San Francisco. I also ran the
NTDSNoMatch did not find any orphaned user accounts and some how several
accounts that had previously been mapped to several mailboxes did not
enumerate properly ( It was only about 5 out of a 100 ), even after I
tried to re-sync them and associating them with a new mailbox ( It was
only the accounts that had multiple Mailbox's that ad an issue all the
others moved over with out an issue ).
I am wondering if people having similar issue's may be using Unified
Messaging or Blackberry (As much as I like Blackberry's, I do know that
Blackberry add's hidden folders in one's mailbox and this may have an
incompatibility issue with the ADC, of course it's only a guess).
I am not sure if Microsoft test's such application combinations for
compatibility, before releasing an updated version of the ADC in the
Exchange service packs and I am sure that in a pristine environment
where one would only be using Microsoft Software this is not a problem (
Especially since their has been nearly seven revisions of the Exchange
ADC since it was first released with Exchange 2000 ), and this may very
well not even be an issue with the latest version, however I just
thought I would mention it. ( I hate it when people blame a migration
problem as being my fault when they make do it their way rather then the
way I suggest ).
BTW: I also found that the best way to Migrate from Exchange 5.5 is to
export to PST and back again to the new Exchange Server, it offers the
least headaches and every migration I have done using this method has
always been successful with out any issue, and to be honest with you I
really dread such migrations because of all the time it requires during
the weekends and off hours.
Sincerely,
Jose Medeiros
Storage Area Network Systems Engineer
MCP+I, MCSE, NT4 MCT 408-765-0437 Direct, 408-449-6621 Cell
"Anyone who has never made a mistake has never tried anything new."
Albert Einstein
________________________________
From: Jason Sherry [mailto:Jason.Sherry@xxxxxxxxxxxxxxxxxx]
Sent: Tuesday, August 22, 2006 10:24 AM
To: Medeiros, Jose
Subject: RE: [ExchangeList] Re: NTDSNoMatch utility
Could you reply to the group or myself on why that matters, just
curious?
Thanks
Jason Sherry - Pro Exchange http://www.theproexchange.com
From: exchangelist-bounce@xxxxxxxxxxxxx
[mailto:exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of Medeiros, Jose
Sent: Tuesday, August 22, 2006 10:54 AM
To: rajnair7@xxxxxxxxx; exchangelist@xxxxxxxxxxxxx
Subject: [ExchangeList] Re: NTDSNoMatch utility
Raj,
Would you happen to also be running a Blackberry and or a Cisco Call
Manager / AVVID Server along with your Exchange Infrastructure ?
Sincerely,
Jose Medeiros
Storage Area Network Systems Engineer
MCP+I, MCSE, NT4 MCT 408-765-0437 Direct, 408-449-6621 Cell
"Anyone who has never made a mistake has never tried anything new."
Albert Einstein
________________________________
From: exchangelist-bounce@xxxxxxxxxxxxx
[mailto:exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of raj nair
Sent: Tuesday, August 22, 2006 8:31 AM
To: exchangelist@xxxxxxxxxxxxx
Subject: [ExchangeList] Re: NTDSNoMatch utility
Thanks for your reply Jason.
One more doubt . i have ran the ntdsnomatch from exchange 200 version
and from the list there is a mailbox iam listing below which does not
come under the exchange 2003 version. I dont know about the exchange
2003 sp2 version and have never run it.
That mailbox also has the Sam acct name and alias different. whay is
that not listed in the 2003 version?
Obj-Class
Extension-Attribute-10
Display Name
Primary Windows NT Account
Alias Name
Directory Name
Home-Server
Mailbox NTDSNoMatch Sandy May is-dp\TC7
Sandy.May FA12 Revenue04
Similarly there are some more mailboxes that i have seen which have SAM
acct names and aliases different and which are not listed both in exch
2000 version and 2003 version .
PS: Is it because the accounts that is owning these mailboxes does not
own any other ?
Thanks
Raj
On 8/21/06, Jason Sherry <Jason.Sherry@xxxxxxxxxxxxxxxxxx> wrote:
~DEL means that custom attribute 10 will be cleared. If the
samAccountName (Windows NT Account) and alias match it is assumed that
the mailbox is the primary mailbox for the account and attribute 10 will
be cleared.
Entries without a value in attribute 10 will be assume to be the primary
mailbox for the associated Windows NT Account. "NTDSNoMatch" should be
put in attrib 10 for all other mailboxes that have the same Windows NT
Account, only one mailbox for each NT Account should have a blank attrib
10, the rest should have NTDSNoMatch. For the non-primary or resource
mailboxes, the ones with NTDSNoMatch, a new account will be created for
each of them, based on the directory name I believe. This new account
will be made the primary account for the mailbox it was created for. In
addition, the account that used to have be the primary NT Account will
be granted user access to the other mailboxes.
Note: You should be using the ADC Wizard in Exchange 2003 SP2 instead of
ntdsatrb utility, if that is what you are using.
From your example data provided below your Exchange directory should be
fixed so alias names are unique within your org. Getting the primary NT
account and resource mailbox issues addressed is the hardest part in
migrating from Exchange 5.5 to Exchange 2003.
I would suggest using the ADC Wizard to set the primary mailbox for each
account that is currently associated with multiple mailboxes. Then
export the information from the wizard and review it to make sure it is
correct. Then import the output file, using Exchange 5.5 Administrator,
and rerun the ADC Wizard, after waiting for directory replication to
carry out.
Jason Sherry - Pro Exchange http://www.theproexchange.com
<http://www.theproexchange.com/>
From: exchangelist-bounce@xxxxxxxxxxxxx [mailto:
exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of raj nair
Sent: Monday, August 21, 2006 2:09 PM
To: exchangelist@xxxxxxxxxxxxx
Subject: [ExchangeList] NTDSNoMatch utility
Hi ,
I have used the exchange 2003 version NTDSNomatch Utility and have
printed the output .Now it has printed all accounts with more than a
mailbox with the NTDSNoMatch stamping. Here is the output .where the SAM
acct name and the alias is different it has stamped NTDSNoMatch.But it
has stamped a ~DEL to the account where the alias and SAM acct name are
same .
For eg :
For 1 entry from the output file :
Obj-Class
Extension-Attribute-10
Display Name
Primary Windows NT Account
Alias Name
Directory Name
Home-Server
Mailbox
~DEL
Phyllis Grigsby
IS-DP\COMM3
COMM3
COMM3
REVENUE04
Mailbox
~DEL
Janie Doolos
IS-DP\COMM3
comm3
SDFairley
REVENUE20
What it means by ~DEL stamping ? Does it mean if if i did not use the
NTDSNoMatch the user Phyllis Grigsby is not going to access his mailbox
( even though his alias and SAM acct name is same in the first row) once
i move th emailboxes to win2003 ?
Thanks
Raj
Other related posts:
