Share via

Microsoft Identity Management Solutions Supported by Exchange Server

  • Article

For years Exchange administrators have been a little confused when it came to which Microsoft identity management solution had support for provisioning Exchange objects for the Exchange Server version(s) used in their particular organization.

This Exchange Wiki page lists the Microsoft identity management solutions supported with Exchange 2003, Exchange 2007, and Exchange 2010 respectively.

Exchange Server 2003

Exchange 2003 supports the following versions:

  • Identity Integration Feature Pack 2003 (IIFP 2003)
  • Microsoft Identity Integration Server 2003 (MIIS 2003)
  • Identity Lifecycle Manager 2007 (ILM 2007)
  • Forefront Identity Manager 2010 (FIM 2010)

Note

Identity Integration Feature Pack 2003 (IIFP 2003) is the free version of MIIS 2003.

Exchange Server 2007

Exchange 2007 supports the following versions:

  • Identity Lifecycle Manager 2007 (ILM 2007) Feature Pack 1 and later
  • Forefront Identity Manager 2010 (FIM 2010) RTM and later

It's also possible to use IIFP 2003 or MIIS 2003 for synchronizing Exchange 2007 users as mail-enabled contacts, but it requires that you either customize the GalSync agent or perform a semi-manual post step when users have been replicated. This is because these versions depend on the recipient update service (RUS) to perform two required tasks. RUS in Exchange 2003 was responsible for setting the LegacyExchangeDN and ShowInAddressBook attributes on the mail-enabled contacts in the target organization. But since Exchange 2007 no longer used RUS, you have to run the Set-MailContact cmdlet against the synchronized contact objects in the Exchange 2007 organization. See this KB article for a detailed explanation on this topic.

For guidance on how you use one of the above synchronization solutions to perform a cross-forest migration to Exchange 2007, see this section in the Exchange 2007 documentation on Microsoft TechNet.

Note

MIIS 2003 (and IIFP 2003) is currently in extended support. For more information see the support lifecycle here.

Exchange Server 2010

Exchange 2010 supports the following versions:

  • Identity Lifecycle Manager 2007 (ILM 2007) Feature Pack 1 Service Pack 1 and later

  • Forefront Identity Manager 2010 (FIM 2010) RTM and later

    It's also worth mentioning that with Exchange 2010, ILM 2007 Feature Pack 1 Service Pack 1 and FIM 2010 RTM no longer requires that the Exchange Management tools are installed on the ILM/FIM server. Instead, the GalSync management agent takes advantage of the remoting features in PowerShell 2.0 to contact the Update-Recipient cmdlet.

     

    As with Exchange 2007, it's also possible to use IIFP 2003 or MIIS 2003 for synchronizing Exchange 2010 users as mail-enabled contacts, but again it requires that you either customize the GalSync agent or perform a semi-manual post step when users have been replicated. This is because these versions depend on the recipient update service (RUS) to perform two required tasks. RUS in Exchange 2003 was responsible for setting the LegacyExchangeDN and ShowInAddressBook attributes on the mail-enabled contacts in the target organization. But since Exchange 2010 no longer used RUS, you had to run the Set-MailContact cmdlet against the synchronized contact objects in the Exchange 2010 organization. See this KB article for a detailed explanation on this topic.

    For guidance on how you use one of the above synchronization solutions to perform a cross-forest migration to Exchange 2010, see this section in the Exchange 2010 documentation on Microsoft TechNet.

    When planning to perform a cross-forest migration to Exchange 2010, also makes sure you read this section.

    Note

MIIS 2003 (and IIFP 2003) is currently in extended support. For more information see the support lifecycle here.

See Also

[[Global Address List Synchronization (GalSync) Resources]]

Others Languages

This article is also available in the following languages: