LDAP – syncing LDAP directory into exchange/GAL

Tags: exchange, ldap, synchronization

I have another exchange question, that I hope I find the right answer/solution to.

I have an LDAP directory containing a list of contacts that exist in our CRM solution that we would like to access from the Outlook and OWA clients.

Is there a way to get Exchange 2010 to read/sync from this to create another address book so that users can get the typeahead functionality for these CRM contacts in both Exchange clients?

If not, what other solutions would you recommend to achieve something similar? I don't want to give our users two places to find email addresses, as that will start to confuse them all.

Thanks in advance.

Best Answer

There isn't built-in functionality to do what you're looking for.

The Microsoft-provided solution for this situation would probably be the heavyweight Forefront Identity Manager 2010 (FIM) product. Solving your problem w/ FIM, though, would be a bit like swatting a fly with a sledgehammer... made of gold... using hired help to do the swatting... at $1,000.00 an hour... (you get the idea).

You're basically looking for creation of mail-enabled contacts in the Active Directory corresponding to the data obtained from your CRM system via LDAP. These mail-enabled contacts will then be visible in the GAL for Exchange clients (Outlook, OWA, etc), and can be put into distribution lists, etc.

The old Exchange Migration Wizard from Exchange 2003 had functionality to retrieve data via LDAP, transform it via field-mapping, and create an LDIF file suitable for import into Active Directory. It wasn't a true synchronization engine (being one-way), and the recommended strategy for keeping Active Directory updated, should entries be deleted in the source LDAP directory, was just to delete the imported objects and re-import a fresh export (which plays hell if you plan on using the imported objects in distribution lists).

There are probably a slew of off-the-shelf programs to do what you're looking for. A quick search reveals a couple to me (neither of which I have any personal experience with):

Personally, I'd consider writing (or hiring somebody to write) a script to perform the synchronization (if only because it sounds like a lot of fun to write).

The workflow would be, basically, querying the source directory for the applicable objects and iterating over that result set, querying Active Directory and either adding or modifying existing objects there, and then querying Active Directory for all possible imported objects and iterating over that result set to locate and delete objects that have been deleted from the source directory. There are various strategies for how you might actually accomplish this, each with some tradeoffs.

I'd think somebody familiar with both Active Directory and LDAP, in general, could get a script written to do what you're looking for in 4 - 6 hours. Test it copiously, and you're off to the races.

Unrelated note: This is my 1,000th Server Fault answer. Woo-hoo!
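The three-pass workflow the answer sketches (pull from the source LDAP, add or update mail contacts, delete tagged contacts that vanished), written out as an added example for the Exchange 2010 Management Shell; it is not the answer's code. The CRM host, bind DN, base DN, target OU and the `CRM-SYNC` tag are assumed placeholders, and every object the script creates is confined to one OU and stamped in CustomAttribute1 so the delete pass can never touch contacts it did not create.

```powershell
# Added example: one-way CRM LDAP -> Exchange 2010 mail-contact sync. All hosts, DNs, the OU
# and the tag are assumed placeholders. Run in the Exchange Management Shell with an account
# that may manage contacts in the target OU only.
Add-Type -AssemblyName System.DirectoryServices.Protocols
$ldapHost = 'crm-ldap.example.com:636'                 # LDAPS: bind password never crosses the wire in clear
$bindDn   = 'cn=gal-sync,ou=service,dc=example,dc=com' # read-only account on the CRM directory
$baseDn   = 'ou=contacts,dc=example,dc=com'
$targetOu = 'example.com/CRM Contacts'                 # dedicated OU: the delete pass never leaves it
$tag      = 'CRM-SYNC'                                 # stamped into CustomAttribute1 on every object we create

function Attr($entry, $name) {                         # missing attribute -> '' instead of an error
    if ($entry.Attributes.Contains($name)) { [string]$entry.Attributes[$name][0] } else { '' }
}

# 1. Pull the source contacts keyed by mail address (add PageResultRequestControl for large trees).
$conn = New-Object System.DirectoryServices.Protocols.LdapConnection($ldapHost)
$conn.SessionOptions.SecureSocketLayer = $true
$conn.SessionOptions.ProtocolVersion   = 3
$conn.AuthType   = [System.DirectoryServices.Protocols.AuthType]::Basic
$conn.Credential = (Get-Credential $bindDn).GetNetworkCredential()
$conn.Bind()
$req = New-Object System.DirectoryServices.Protocols.SearchRequest(
           $baseDn, '(&(objectClass=inetOrgPerson)(mail=*))',
           [System.DirectoryServices.Protocols.SearchScope]::Subtree,
           [string[]]@('mail', 'cn', 'givenName', 'sn'))
$source = @{}
foreach ($e in $conn.SendRequest($req).Entries) {
    $source[(Attr $e 'mail').ToLower()] = @{ cn = Attr $e 'cn'; given = Attr $e 'givenName'; sn = Attr $e 'sn' }
}

# 2. Add or update: everything we touch lives in $targetOu and carries $tag.
$existing = @{}
Get-MailContact -OrganizationalUnit $targetOu -Filter "CustomAttribute1 -eq '$tag'" -ResultSize Unlimited |
    ForEach-Object { $existing[$_.PrimarySmtpAddress.ToString().ToLower()] = $_ }
foreach ($mail in $source.Keys) {
    $s = $source[$mail]
    if (-not $existing.ContainsKey($mail)) {
        New-MailContact -Name $mail -DisplayName $s.cn -FirstName $s.given -LastName $s.sn `
            -ExternalEmailAddress $mail -OrganizationalUnit $targetOu | Out-Null
        Set-MailContact -Identity $mail -CustomAttribute1 $tag
    } elseif ($existing[$mail].DisplayName -ne $s.cn) {
        Set-Contact -Identity $existing[$mail].Identity -DisplayName $s.cn -FirstName $s.given -LastName $s.sn
    }
}

# 3. Delete only tagged contacts in our OU that vanished from the source (rehearse with -WhatIf first).
foreach ($mail in $existing.Keys) {
    if (-not $source.ContainsKey($mail)) { Remove-MailContact -Identity $existing[$mail].Identity -Confirm:$false }
}
```

Contacts created this way appear in the GAL for Outlook and OWA; an empty or failed source query leaves `$source` empty, so the delete pass is the step to guard (a sanity check on the source count before pass 3 is cheap insurance).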
