[ExchangeList] Re: NTDSNoMatch utility ( My two cents, which may not be worth much )

Hi Jason, 

 

I am very impressed, you are by far more of an Exchange Expert then I, and the 
article you wrote is indeed very impressive.



I realize that using exmerge is far more time consuming but it does work and is 
much cleaner then having to deal with the SRS database and cleanup associated 
with using the ADC.



In my opinion companies should hire a very qualified consultant such as your 
self, as opposed to using the day to day support staff such as my self to 
perform such migrations.

 

You brought up a good point that the Call manager system was in a different 
forest, however it must not be using the Unified Messaging server ( AVVID ),  I 
am wondering if any one has experienced similar problems with the ADC.



I'll stick to just managing the servers and fiber channel storage area networks.

 

Peace, 

 

Jose :-)

http://www.sjpc.org/~medeiros

-----------------------------------------------------------------------------------------------------------

  ----- Original Message ----- 
  From: Jason Sherry 
  To: Medeiros, Jose 
  Cc: exchangelist@xxxxxxxxxxxxx 
  Sent: Tuesday, August 22, 2006 11:47 AM
  Subject: [ExchangeList] Re: NTDSNoMatch utility ( My two cents, which may not 
be worth much )


  Thanks for the extra info.  I recently did a migration of 36,000 5.5 
mailboxes of which about 600 had Blackberry.  I saw many odd issues, as to be 
expected in this size environment with 18 5.5 sites going to 2 E2k3 Admin 
groups, but none of the problems were directly associated to Blackberry.  They 
also used Cisco Call Manger at some of the sites but it was setup in a separate 
forest from the one we were migrating to and wasn't tied into Exchange 5.5.

   

  I used NTDSNomatch to get the raw output and then reviewed the data and 
massaged the CSV files before importing them in 5.5 tool.  The ADC wizard, or 
any other "wizard" for that matter J, doesn't work that well in an environment 
that complex.

   

  Note:

  The target environment was Exchange 2003 SP1, SP2 came out during our testing 
phase and I wanted to hold off on changing anything until the migration was 
done.

   

  PS:

  With the new tools in Exchange 2003 SP1+ for doing cross site migrations 
dumping to PSTs should not be needed anymore.  The migration I did above worked 
fine, after a bunch of testing and a few hotfixes.  The only time I have had to 
dump to PSTs in the past was when doing cross-org migrations or when doing site 
consolidation before 2003 SP1.  If you want to maintain mail flow during the 
migration dumping to PSTs requires a lot more work.

   

  Here's is an article I wrote on doing cross-site migrations using the 2003 
SP1+ tools: http://www.outlookexchange.com/articles/JasonSherry/sherry_c6p1.asp 
 In includes the basic steps, info, and links to key URLs.

   

  Jason Sherry - Pro Exchange http://www.theproexchange.com 

  From: Medeiros, Jose [mailto:Jose.Medeiros@xxxxxxxxx] 
  Sent: Tuesday, August 22, 2006 12:25 PM
  To: Jason Sherry
  Cc: exchangelist@xxxxxxxxxxxxx
  Subject: NTDSNoMatch utility ( My two cents, which may not be worth much )

   

  Hi Jason, 

   

  This may not be an issue; however I had a similar problem with an Exchange 
5.5 to Exchange 2003 migration using the Exchange version of the ADC at Grand 
Central Communications in San Francisco. I also ran the NTDSNoMatch did not 
find any orphaned user accounts and some how several accounts that had 
previously been mapped to several mailboxes did not enumerate properly ( It was 
only about 5 out of a 100 ), even after I tried to re-sync them and associating 
them with a new mailbox ( It was only the accounts that had multiple Mailbox's 
that ad an issue all the others moved over with out an issue ).

   

  I am wondering if people having similar issue's may be using Unified 
Messaging or Blackberry (As much as I like Blackberry's, I do know that 
Blackberry add's hidden folders in one's mailbox and this may have an 
incompatibility issue with the ADC, of course it's only a guess). 

   

  I am not sure if Microsoft test's such application combinations for 
compatibility, before releasing an updated version of the ADC in the Exchange 
service packs and I am sure that in a pristine environment where one would only 
be using Microsoft Software this is not a problem ( Especially since their has 
been nearly seven revisions of the Exchange ADC since it was first released 
with Exchange 2000 ), and this may very well not even be an issue with the 
latest version, however I just thought I would mention it. ( I hate it when 
people blame a migration problem as being my fault when they make do it their 
way rather then the way I suggest ).

   

  BTW: I also found that the best way to Migrate from Exchange 5.5 is to export 
to PST and back again to the new Exchange Server, it offers the least headaches 
and every migration I have done using this method has always been successful 
with out any issue, and to be honest with you I really dread such migrations 
because of all the time it requires during the weekends and off hours.

   

   

  Sincerely,
  Jose Medeiros
  Storage Area Network Systems Engineer
  MCP+I, MCSE, NT4 MCT 408-765-0437  Direct, 408-449-6621 Cell

  "Anyone who has never made a mistake has never tried anything new."  Albert 
Einstein 

   

   


------------------------------------------------------------------------------

  From: Jason Sherry [mailto:Jason.Sherry@xxxxxxxxxxxxxxxxxx] 
  Sent: Tuesday, August 22, 2006 10:24 AM
  To: Medeiros, Jose
  Subject: RE: [ExchangeList] Re: NTDSNoMatch utility

   

  Could you reply to the group or myself on why that matters, just curious?

   

  Thanks

   

  Jason Sherry - Pro Exchange http://www.theproexchange.com

  From: exchangelist-bounce@xxxxxxxxxxxxx 
[mailto:exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of Medeiros, Jose
  Sent: Tuesday, August 22, 2006 10:54 AM
  To: rajnair7@xxxxxxxxx; exchangelist@xxxxxxxxxxxxx
  Subject: [ExchangeList] Re: NTDSNoMatch utility

   

  Raj, 

   

  Would you happen to also be running a Blackberry and or a Cisco Call Manager 
/ AVVID Server along with your Exchange Infrastructure ?

   

  Sincerely,
  Jose Medeiros
  Storage Area Network Systems Engineer
  MCP+I, MCSE, NT4 MCT 408-765-0437  Direct, 408-449-6621 Cell

  "Anyone who has never made a mistake has never tried anything new."  Albert 
Einstein 

   

   

   


------------------------------------------------------------------------------

  From: exchangelist-bounce@xxxxxxxxxxxxx 
[mailto:exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of raj nair
  Sent: Tuesday, August 22, 2006 8:31 AM
  To: exchangelist@xxxxxxxxxxxxx
  Subject: [ExchangeList] Re: NTDSNoMatch utility

   

  Thanks for your reply Jason.

  One more doubt . i have ran the ntdsnomatch from exchange 200 version and 
from the list there is a mailbox iam listing below which does not come under 
the exchange 2003 version. I dont know about the exchange 2003 sp2 version and 
have never run it. 

   

  That mailbox also has the Sam acct name and alias different. whay is that not 
listed in the 2003 version?

   

        Obj-Class
       Extension-Attribute-10
       Display Name
       Primary Windows NT Account
       Alias Name
       Directory Name
       Home-Server
       

            Mailbox      NTDSNoMatch       Sandy May           is-dp\TC7        
              Sandy.May       FA12           Revenue04    

   

  Similarly there are some more mailboxes that i have seen which have SAM acct 
names and aliases different and which are not listed both in exch 2000 version 
and 2003 version .

   

  PS: Is it because the accounts that is owning these mailboxes does not own 
any other ?

   

  Thanks

  Raj

   

   

                



   

  On 8/21/06, Jason Sherry <Jason.Sherry@xxxxxxxxxxxxxxxxxx> wrote: 

  ~DEL means that custom attribute 10 will be cleared.  If the samAccountName 
(Windows NT Account) and alias match it is assumed that the mailbox is the 
primary mailbox for the account and attribute 10 will be cleared. 

   

  Entries without a value in attribute 10 will be assume to be the primary 
mailbox for the associated Windows NT Account.   "NTDSNoMatch" should be put in 
attrib 10 for all other mailboxes that have the same Windows NT Account, only 
one mailbox for each NT Account should have a blank attrib 10, the rest should 
have NTDSNoMatch.   For the non-primary or resource mailboxes, the ones with 
NTDSNoMatch, a new account will be created for each of them, based on the 
directory name I believe.  This new account will be made the primary account 
for the mailbox it was created for.  In addition, the account that used to have 
be the primary NT Account will be granted user access to the other mailboxes. 

   

  Note: You should be using the ADC Wizard in Exchange 2003 SP2 instead of 
ntdsatrb utility, if that is what you are using.

   

  From your example data provided below your Exchange directory should be fixed 
so alias names are unique within your org.  Getting the primary NT account and 
resource mailbox issues addressed is the hardest part in migrating from 
Exchange 5.5 to Exchange 2003.

   

  I would suggest using the ADC Wizard to set the primary mailbox for each 
account that is currently associated with multiple mailboxes.  Then export the 
information from the wizard and review it to make sure it is correct.  Then 
import the output file, using Exchange 5.5 Administrator, and rerun the ADC 
Wizard, after waiting for directory replication to carry out.

   

   

  Jason Sherry - Pro Exchange http://www.theproexchange.com 

  From: exchangelist-bounce@xxxxxxxxxxxxx 
[mailto:exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of raj nair
  Sent: Monday, August 21, 2006 2:09 PM
  To: exchangelist@xxxxxxxxxxxxx
  Subject: [ExchangeList] NTDSNoMatch utility

   

  Hi ,

   

   

  I have used the exchange 2003 version NTDSNomatch Utility and have printed 
the output .Now it has printed all accounts with more than a mailbox with the 
NTDSNoMatch stamping. Here is the output .where the SAM acct name and the alias 
is different it has stamped NTDSNoMatch.But it has stamped a ~DEL to the 
account where the alias and SAM acct name are same .

   

  For eg :

   

  For 1 entry from the output file :

        Obj-Class
       Extension-Attribute-10
       Display Name
       Primary Windows NT Account
       Alias Name
       Directory Name
       Home-Server
       

   

        Mailbox
       ~DEL
       Phyllis Grigsby
       IS-DP\COMM3
       COMM3
       COMM3
       REVENUE04
       
        Mailbox
       ~DEL
       Janie Doolos
       IS-DP\COMM3
       comm3
       SDFairley
       REVENUE20
       

   

   

   

  What it means by ~DEL stamping ? Does it mean if if i did not use the 
NTDSNoMatch the user Phyllis Grigsby is not going to access his mailbox ( even 
though his alias and SAM acct name is same in the first row) once i move th 
emailboxes to win2003 ? 


   

   

  Thanks

  Raj

GIF image

Other related posts: