|
|
在Exchange 2010设置HAB首先需要扩展AD DS架构,如果是Exchange 2010 Sp1则可以不用执行步骤1
1. 新建一个TXT文件,并将以下内容复制到文件内,并命名为schema_file.txt (注意文件的首行要保持为空)
dn:CN=ms-DS-Phonetic-Display-Name,DC=X
changetype:ntdsSchemaAdd
adminDescription:ms-DS-Phonetic-Display-Name
adminDisplayName:ms-DS-Phonetic-Display-Name
attributeID: 1.2.840.113556.1.4.1946
attributeSecurityGuid::VAGN5Pi80RGHAgDAT7lgUA==
attributeSyntax: 2.5.5.12
isSingleValued:TRUE
lDAPDisplayName:msDS-PhoneticDisplayName
mapiId: 35986
name:ms-DS-Phonetic-Display-Name
oMSyntax: 64
objectCategory:CN=Attribute-Schema,DC=X
objectClass:attributeSchema
rangeLower: 0
rangeUpper: 256
schemaIdGuid::5JQa4mYt5UyzDQ74endv8A==
searchFlags: 5
showInAdvancedViewOnly:TRUE
systemFlags: 16
systemOnly:FALSE
dn:CN=ms-DS-HAB-Seniority-Index,DC=X
changetype:ntdsSchemaAdd
adminDescription:Contains the seniority index as applied by the organization where the person works.
adminDisplayName:ms-DS-HAB-Seniority-Index
attributeID: 1.2.840.113556.1.4.1997
attributeSecurityGuid::VAGN5Pi80RGHAgDAT7lgUA==
attributeSyntax: 2.5.5.9
isMemberOfPartialAttributeSet:TRUE
isSingleValued:TRUE
lDAPDisplayName:msDS-HABSeniorityIndex
mapiId: 36000
name:ms-DS-HAB-Seniority-Index
oMSyntax: 2
objectCategory:CN=Attribute-Schema,DC=X
objectClass:attributeSchema
schemaIdGuid::8Un03jv9RUCYz9lljaeItQ==
searchFlags: 1
showInAdvancedViewOnly:TRUE
systemFlags: 16
systemOnly:FALSE
dn:CN=ms-Exch-HAB-Root-Department-Link,DC=X
changetype:ntdsSchemaAdd
adminDescription:ms-Exch-HAB-Root-Department-Link
adminDisplayName:ms-Exch-HAB-Root-Department-Link
attributeID: 1.2.840.113556.1.4.7000.102.50824
attributeSyntax: 2.5.5.1
isMemberOfPartialAttributeSet:FALSE
isSingleValued:TRUE
lDAPDisplayName:msExchHABRootDepartmentLink
mapiId: 35992
name:ms-Exch-HAB-Root-Department-Link
oMSyntax: 127
oMObjectClass::KwwCh3McAIVK
objectCategory:CN=Attribute-Schema,DC=X
objectClass:attributeSchema
linkID: 1092
schemaIdGuid::f/ewOgOh9UeAbUpAzOY4qg==
searchFlags: 0
dn:CN=ms-Exch-HAB-Root-Department-BL,DC=X
changetype:ntdsSchemaAdd
adminDescription:ms-Exch-HAB-Root-Department-BL
adminDisplayName:ms-Exch-HAB-Root-Department-BL
attributeID: 1.2.840.113556.1.4.7000.102.50826
attributeSyntax: 2.5.5.1
isMemberOfPartialAttributeSet:FALSE
isSingleValued:FALSE
lDAPDisplayName:msExchHABRootDepartmentBL
mapiId: 35995
name:ms-Exch-HAB-Root-Department-BL
oMSyntax: 127
oMObjectClass::KwwCh3McAIVK
objectCategory:CN=Attribute-Schema,DC=X
objectClass:attributeSchema
linkID: 1093
schemaIdGuid::jIKVD70qh0CwJo98xedSpA==
searchFlags: 0
dn:CN=ms-Org-Group-Subtype-Name,DC=X
changetype:ntdsSchemaAdd
adminDescription:ms-Org-Group-Subtype-Name
adminDisplayName:ms-Org-Group-Subtype-Name
attributeID: 1.2.840.113556.1.6.47.2.3
attributeSyntax: 2.5.5.12
isMemberOfPartialAttributeSet:TRUE
isSingleValued:TRUE
lDAPDisplayName:msOrg-GroupSubtypeName
mapiId: 36063
name:ms-Org-Group-Subtype-Name
oMSyntax: 64
objectCategory:CN=Attribute-Schema,DC=X
objectClass:attributeSchema
rangeUpper: 128
schemaIdGuid::RFjt7cOzw0Gp5omEtSt/mA==
searchFlags: 17
dn:CN=ms-Org-Is-Organizational-Group,DC=X
changetype:ntdsSchemaAdd
adminDescription:ms-Org-Is-Organizational-Group
adminDisplayName:ms-Org-Is-Organizational-Group
attributeID: 1.2.840.113556.1.6.47.2.1
attributeSyntax: 2.5.5.8
isMemberOfPartialAttributeSet:TRUE
isSingleValued:TRUE
lDAPDisplayName:msOrg-IsOrganizational
mapiId: 36061
name:ms-Org-Is-Organizational-Group
oMSyntax: 1
objectCategory:CN=Attribute-Schema,DC=X
objectClass:attributeSchema
schemaIdGuid::C1a3SQdHoEqifOF6Cco/lw==
searchFlags: 16
dn:CN=ms-Org-Other-Display-Names,DC=X
changetype:ntdsSchemaAdd
adminDescription:ms-Org-Other-Display-Names
adminDisplayName:ms-Org-Other-Display-Names
attributeID: 1.2.840.113556.1.6.47.2.4
attributeSyntax: 2.5.5.12
isMemberOfPartialAttributeSet:TRUE
isSingleValued:FALSE
lDAPDisplayName:msOrg-OtherDisplayNames
mapiId: 36064
name:ms-Org-Other-Display-Names
oMSyntax: 64
objectCategory:CN=Attribute-Schema,DC=X
objectClass:attributeSchema
rangeUpper: 128
schemaIdGuid::JF+QjxOkWkOO0TU4XsF59w==
searchFlags: 17
dn:CN=ms-Org-Leaders,DC=X
changetype:ntdsSchemaAdd
adminDescription:ms-Org-Leaders
adminDisplayName:ms-Org-Leaders
attributeID: 1.2.840.113556.1.6.47.2.2
attributeSyntax: 2.5.5.1
isMemberOfPartialAttributeSet:TRUE
isSingleValued:FALSE
lDAPDisplayName:msOrg-Leaders
mapiId: 36062
name:ms-Org-Leaders
oMSyntax: 127
oMObjectClass::KwwCh3McAIVK
objectCategory:CN=Attribute-Schema,DC=X
objectClass:attributeSchema
linkID: 1208
schemaIdGuid::kGdb7lgzqEGT8hNM4h84Ew==
searchFlags: 16
dn:CN=ms-Org-Leaders-BL,DC=X
changetype:ntdsSchemaAdd
adminDescription:ms-Org-Leaders-BL
adminDisplayName:ms-Org-Leaders-BL
attributeID: 1.2.840.113556.1.6.47.2.5
attributeSyntax: 2.5.5.1
isMemberOfPartialAttributeSet:FALSE
isSingleValued:FALSE
lDAPDisplayName:msOrg-LeadersBL
mapiId: 36060
name:ms-Org-Leaders-BL
oMSyntax: 127
oMObjectClass::KwwCh3McAIVK
objectCategory:CN=Attribute-Schema,DC=X
objectClass:attributeSchema
linkID: 1209
schemaIdGuid::7Y6lr5imfkGfVvrVQlLF9A==
searchFlags: 0
dn:
changetype:ntdsSchemaModify
replace:schemaUpdateNow
schemaUpdateNow: 1
-
dn:CN=Organizational-Person,DC=X
changetype:ntdsSchemaModify
add:mayContain
mayContain:msDS-HABSeniorityIndex
-
dn:CN=Organizational-Person,DC=X
changetype:ntdsSchemaModify
add:mayContain
mayContain:msDS-PhoneticDisplayName
-
dn:CN=ms-Exch-Organization-Container,DC=X
changetype:ntdsSchemaModify
add:mayContain
mayContain:msExchHABRootDepartmentLink
-
dn:CN=Group,DC=X
changetype:ntdsSchemaModify
add:mayContain
mayContain:location
-
dn:CN=Group,DC=X
changetype:ntdsSchemaModify
add:mayContain
mayContain:thumbnailPhoto
-
dn:CN=Group,DC=X
changetype:ntdsSchemaModify
add:mayContain
mayContain:msDS-HABSeniorityIndex
-
dn:CN=Group,DC=X
changetype:ntdsSchemaModify
add:mayContain
mayContain:msDS-PhoneticDisplayName
-
dn:CN=Group,DC=X
changetype:ntdsSchemaModify
add:mayContain
mayContain:msOrg-GroupSubtypeName
-
dn:CN=Group,DC=X
changetype:ntdsSchemaModify
add:mayContain
mayContain:msOrg-IsOrganizational
-
dn:CN=Group,DC=X
changetype:ntdsSchemaModify
add:mayContain
mayContain:msOrg-Leaders
-
dn:CN=Group,DC=X
changetype:ntdsSchemaModify
add:mayContain
mayContain:msOrg-OtherDisplayNames
-
dn:CN=Mail-Recipient,DC=X
changetype:ntdsSchemaModify
add:mayContain
mayContain:msDS-HABSeniorityIndex
-
dn:CN=Mail-Recipient,DC=X
changetype:ntdsSchemaModify
add:mayContain
mayContain:msDS-PhoneticDisplayName
-
dn:CN=Top,DC=X
changetype:ntdsSchemaModify
add:mayContain
mayContain:msOrg-LeadersBL
-
dn:CN=Top,DC=X
changetype:ntdsSchemaModify
add:mayContain
mayContain:msExchHABRootDepartmentBL
-
dn:
changetype:ntdsSchemaModify
replace:schemaUpdateNow
schemaUpdateNow: 1
-
如果当前的域控制器是windows 2008或windows 2008 R2请直接运行
LDIFDE -i -f schema_file.txt -c DC=X #SchemaNamingContext
如果当前的域控是早于windows 2008之前的,请运行
LDIFDE -f [domain_data.txt] -s [server_name] -p BASE
打开在步骤 4 中创建的 domain_data.txt 文件,并查找名为“schema”的字符串。从该部分中复制下列以“CN=schema,”开头的文本,并保存该文本。此文本包含了 RootDSE 条目并用于导入步骤 6 中的 HAB 架构扩展。例如,该文本可能类似于下列字符串(在该字符串中,Contoso 用作占位符):
CN=Schema,CN=Configuration,DC=Contoso-dom,DC=Contoso,DC=com
LDIFDE -i -f schema_file.txt -c DC=X <RootDSE_entry>
LDIFDE -i -f schema_file.txt -c DC=X #SchemaNamingContext
2. 在AD建立需要在通讯簿里的组织单位
3. 在Exchange 2010 EMC建立需要在通讯薄显示出来的通用安全组,首先建立的根组
收件人配置-----通讯组----新建通讯组
按上面的方法,建立所有的通讯组,建立完成后如下所示
4. 在DC上打开ADSIEDIT.MSC,在ADSI编辑器----连接到-----默认命名上下文
打开OU=HAB,CN=ContosoLtd,右键“属性”,复制distinguishedName的值
CN=ContosoLtd,OU=HAB,DC=contoso,DC=com
5. 启用分层通讯薄,打开ADSI编辑器----配置,定位到CN=Services,CN=Microsoft Exchange,CN=CN=First Organization(exchange组织名)右键。点属性
找到msExchHABRootDepartmentLink,将刚才复制的值粘贴到这里,并按确定。
6. 设置组为通讯组。打开ADSI编辑器----默认命名上下文
OU=HAB,CN=ContosoLtd,选择右键属性,将msOrg-IsOrganizational设置为TRUE
同样将其它的通讯组的msOrg-IsOrganizational设置为TRUE
6. 设置组和组成员的排序顺序,打开ADSI编辑器----默认命名上下文
OU=HAB,CN=ContosoLtd,选择右键属性,将msDS-HABSeniorityIndex设置值,值越大,在通讯薄的位置越靠前。
同样将其它通讯组msDS-HABSeniorityIndex设置值,如果值相同会以显示名称的字母排序。
右键CN=User(组成员)属性,同样设置msDS-HABSeniorityIndex。
7.将组和组成员添加到相应的组里,在此例,ContosoLtd为根组,将HR和IT添加到ContosoLtd组,将用户添加到相应的组里
8. 更新通讯薄
在EMS执行
Get-OfflineAddressBook | Update-OfflineAddressBook
或在EMC---组织配置 ---邮箱---脱机通讯薄,右键“更新”
到此为此,重启outlook2010客户端,正常情况下打开outlook 2010的通讯薄,可以看到通讯薄的组织选项,并可以看到分层的通讯薄。
如果在outlook 2010客户端没有显示出“组织”选项,则打开ADSI编辑器检查
ADSI编辑器-----架构 -----CN=Schema,CN=Configuration,DC=contoso,DC=com------CN=ms-Exch-HAB-Root-Department-Link右键
检查isMemberOfPartialAttributeSet的值是否为TRUE,如果是False修改为TRUE并重启Exchange服务器。
|
|
QQ群⑧:
窥视卡
雷达卡
发表于 2018-6-30 13:52:07
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡