[ExchangeList] Re: NTDSNoMatch utility ( My two cents, which may not be worth much )
- From: "Jose Medeiros" <josemedeiros@xxxxxxxxxxx>
- To: <exchangelist@xxxxxxxxxxxxx>, "Medeiros, Jose" <Jose.Medeiros@xxxxxxxxx>
- Date: Tue, 22 Aug 2006 22:41:47 -0700
Hi Jason,
I am very impressed, you are by far more of an Exchange Expert then I, and the
article you wrote is indeed very impressive.
I realize that using exmerge is far more time consuming but it does work and is
much cleaner then having to deal with the SRS database and cleanup associated
with using the ADC.
In my opinion companies should hire a very qualified consultant such as your
self, as opposed to using the day to day support staff such as my self to
perform such migrations.
You brought up a good point that the Call manager system was in a different
forest, however it must not be using the Unified Messaging server ( AVVID ), I
am wondering if any one has experienced similar problems with the ADC.
I'll stick to just managing the servers and fiber channel storage area networks.
Peace,
Jose :-)
http://www.sjpc.org/~medeiros
-----------------------------------------------------------------------------------------------------------
----- Original Message -----
From: Jason Sherry
To: Medeiros, Jose
Cc: exchangelist@xxxxxxxxxxxxx
Sent: Tuesday, August 22, 2006 11:47 AM
Subject: [ExchangeList] Re: NTDSNoMatch utility ( My two cents, which may not
be worth much )
Thanks for the extra info. I recently did a migration of 36,000 5.5
mailboxes of which about 600 had Blackberry. I saw many odd issues, as to be
expected in this size environment with 18 5.5 sites going to 2 E2k3 Admin
groups, but none of the problems were directly associated to Blackberry. They
also used Cisco Call Manger at some of the sites but it was setup in a separate
forest from the one we were migrating to and wasn't tied into Exchange 5.5.
I used NTDSNomatch to get the raw output and then reviewed the data and
massaged the CSV files before importing them in 5.5 tool. The ADC wizard, or
any other "wizard" for that matter J, doesn't work that well in an environment
that complex.
Note:
The target environment was Exchange 2003 SP1, SP2 came out during our testing
phase and I wanted to hold off on changing anything until the migration was
done.
PS:
With the new tools in Exchange 2003 SP1+ for doing cross site migrations
dumping to PSTs should not be needed anymore. The migration I did above worked
fine, after a bunch of testing and a few hotfixes. The only time I have had to
dump to PSTs in the past was when doing cross-org migrations or when doing site
consolidation before 2003 SP1. If you want to maintain mail flow during the
migration dumping to PSTs requires a lot more work.
Here's is an article I wrote on doing cross-site migrations using the 2003
SP1+ tools: http://www.outlookexchange.com/articles/JasonSherry/sherry_c6p1.asp
In includes the basic steps, info, and links to key URLs.
Jason Sherry - Pro Exchange http://www.theproexchange.com
From: Medeiros, Jose [mailto:Jose.Medeiros@xxxxxxxxx]
Sent: Tuesday, August 22, 2006 12:25 PM
To: Jason Sherry
Cc: exchangelist@xxxxxxxxxxxxx
Subject: NTDSNoMatch utility ( My two cents, which may not be worth much )
Hi Jason,
This may not be an issue; however I had a similar problem with an Exchange
5.5 to Exchange 2003 migration using the Exchange version of the ADC at Grand
Central Communications in San Francisco. I also ran the NTDSNoMatch did not
find any orphaned user accounts and some how several accounts that had
previously been mapped to several mailboxes did not enumerate properly ( It was
only about 5 out of a 100 ), even after I tried to re-sync them and associating
them with a new mailbox ( It was only the accounts that had multiple Mailbox's
that ad an issue all the others moved over with out an issue ).
I am wondering if people having similar issue's may be using Unified
Messaging or Blackberry (As much as I like Blackberry's, I do know that
Blackberry add's hidden folders in one's mailbox and this may have an
incompatibility issue with the ADC, of course it's only a guess).
I am not sure if Microsoft test's such application combinations for
compatibility, before releasing an updated version of the ADC in the Exchange
service packs and I am sure that in a pristine environment where one would only
be using Microsoft Software this is not a problem ( Especially since their has
been nearly seven revisions of the Exchange ADC since it was first released
with Exchange 2000 ), and this may very well not even be an issue with the
latest version, however I just thought I would mention it. ( I hate it when
people blame a migration problem as being my fault when they make do it their
way rather then the way I suggest ).
BTW: I also found that the best way to Migrate from Exchange 5.5 is to export
to PST and back again to the new Exchange Server, it offers the least headaches
and every migration I have done using this method has always been successful
with out any issue, and to be honest with you I really dread such migrations
because of all the time it requires during the weekends and off hours.
Sincerely,
Jose Medeiros
Storage Area Network Systems Engineer
MCP+I, MCSE, NT4 MCT 408-765-0437 Direct, 408-449-6621 Cell
"Anyone who has never made a mistake has never tried anything new." Albert
Einstein
------------------------------------------------------------------------------
From: Jason Sherry [mailto:Jason.Sherry@xxxxxxxxxxxxxxxxxx]
Sent: Tuesday, August 22, 2006 10:24 AM
To: Medeiros, Jose
Subject: RE: [ExchangeList] Re: NTDSNoMatch utility
Could you reply to the group or myself on why that matters, just curious?
Thanks
Jason Sherry - Pro Exchange http://www.theproexchange.com
From: exchangelist-bounce@xxxxxxxxxxxxx
[mailto:exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of Medeiros, Jose
Sent: Tuesday, August 22, 2006 10:54 AM
To: rajnair7@xxxxxxxxx; exchangelist@xxxxxxxxxxxxx
Subject: [ExchangeList] Re: NTDSNoMatch utility
Raj,
Would you happen to also be running a Blackberry and or a Cisco Call Manager
/ AVVID Server along with your Exchange Infrastructure ?
Sincerely,
Jose Medeiros
Storage Area Network Systems Engineer
MCP+I, MCSE, NT4 MCT 408-765-0437 Direct, 408-449-6621 Cell
"Anyone who has never made a mistake has never tried anything new." Albert
Einstein
------------------------------------------------------------------------------
From: exchangelist-bounce@xxxxxxxxxxxxx
[mailto:exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of raj nair
Sent: Tuesday, August 22, 2006 8:31 AM
To: exchangelist@xxxxxxxxxxxxx
Subject: [ExchangeList] Re: NTDSNoMatch utility
Thanks for your reply Jason.
One more doubt . i have ran the ntdsnomatch from exchange 200 version and
from the list there is a mailbox iam listing below which does not come under
the exchange 2003 version. I dont know about the exchange 2003 sp2 version and
have never run it.
That mailbox also has the Sam acct name and alias different. whay is that not
listed in the 2003 version?
Obj-Class
Extension-Attribute-10
Display Name
Primary Windows NT Account
Alias Name
Directory Name
Home-Server
Mailbox NTDSNoMatch Sandy May is-dp\TC7
Sandy.May FA12 Revenue04
Similarly there are some more mailboxes that i have seen which have SAM acct
names and aliases different and which are not listed both in exch 2000 version
and 2003 version .
PS: Is it because the accounts that is owning these mailboxes does not own
any other ?
Thanks
Raj
On 8/21/06, Jason Sherry <Jason.Sherry@xxxxxxxxxxxxxxxxxx> wrote:
~DEL means that custom attribute 10 will be cleared. If the samAccountName
(Windows NT Account) and alias match it is assumed that the mailbox is the
primary mailbox for the account and attribute 10 will be cleared.
Entries without a value in attribute 10 will be assume to be the primary
mailbox for the associated Windows NT Account. "NTDSNoMatch" should be put in
attrib 10 for all other mailboxes that have the same Windows NT Account, only
one mailbox for each NT Account should have a blank attrib 10, the rest should
have NTDSNoMatch. For the non-primary or resource mailboxes, the ones with
NTDSNoMatch, a new account will be created for each of them, based on the
directory name I believe. This new account will be made the primary account
for the mailbox it was created for. In addition, the account that used to have
be the primary NT Account will be granted user access to the other mailboxes.
Note: You should be using the ADC Wizard in Exchange 2003 SP2 instead of
ntdsatrb utility, if that is what you are using.
From your example data provided below your Exchange directory should be fixed
so alias names are unique within your org. Getting the primary NT account and
resource mailbox issues addressed is the hardest part in migrating from
Exchange 5.5 to Exchange 2003.
I would suggest using the ADC Wizard to set the primary mailbox for each
account that is currently associated with multiple mailboxes. Then export the
information from the wizard and review it to make sure it is correct. Then
import the output file, using Exchange 5.5 Administrator, and rerun the ADC
Wizard, after waiting for directory replication to carry out.
Jason Sherry - Pro Exchange http://www.theproexchange.com
From: exchangelist-bounce@xxxxxxxxxxxxx
[mailto:exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of raj nair
Sent: Monday, August 21, 2006 2:09 PM
To: exchangelist@xxxxxxxxxxxxx
Subject: [ExchangeList] NTDSNoMatch utility
Hi ,
I have used the exchange 2003 version NTDSNomatch Utility and have printed
the output .Now it has printed all accounts with more than a mailbox with the
NTDSNoMatch stamping. Here is the output .where the SAM acct name and the alias
is different it has stamped NTDSNoMatch.But it has stamped a ~DEL to the
account where the alias and SAM acct name are same .
For eg :
For 1 entry from the output file :
Obj-Class
Extension-Attribute-10
Display Name
Primary Windows NT Account
Alias Name
Directory Name
Home-Server
Mailbox
~DEL
Phyllis Grigsby
IS-DP\COMM3
COMM3
COMM3
REVENUE04
Mailbox
~DEL
Janie Doolos
IS-DP\COMM3
comm3
SDFairley
REVENUE20
What it means by ~DEL stamping ? Does it mean if if i did not use the
NTDSNoMatch the user Phyllis Grigsby is not going to access his mailbox ( even
though his alias and SAM acct name is same in the first row) once i move th
emailboxes to win2003 ?
Thanks
Raj
Other related posts:
