We are migrating to Microsoft Online Services, BPOS in particular. We do not run Exchange in our new production environment. However, we do want to take advantage of syncing certain AD attributes to the hosted service. For this we figured we could simply extend the schema of AD with the Exchange 2007 install media to get access to the attributes.
I spun up a test VM running as a domain controller and mounted the Exchange 2007 SP1 media and launched an admin command prompt (Box is a 2008 R2 server standard). I ran "setup /prepareschema".
I rebooted the DC and checked the user attributes using ADUC and the Advanced View Attribute Editor and none of the exchange attributes are showing up.
Note: I also ran another test to include the following commands and nothing shows up again:
"setup /prepareschema"
"setup /preparead /organizationname: "MyOrg"
"setup /preparealldomains"
However, after doing all of this none of the schema attributes show up. Does anyone have any idea on how to get the schema loaded or what I might be missing? Let me know if you need more details.
What are you expecting to see? Having just checked a user account with an Exchange mailbox and another without a mailbox, only the user with a mailbox is showing Exchange attributes on the attribute editor.
As for how to edit the attributes, you can use ADSI Edit or something like AD Explorer from Sysinternals. Personally though (for no real reason, though there probably is one) I wouldn't be caught editing Active Directory attributes with these tools unless something had gone very wrong, and especially not to just update user attributes.
These tools do exactly what you ask them to and do not question it, unlike ADUC which will warn you when you might be about to do something stupid.
http://support.microsoft.com/kb/934761 http://www.msexchange.org/articles_tutorials/exchange-server-2007/planning-architecture/Exchange-server-2007-extends-active-directory-schema.html
Also make sure you run it as a user, who can extend the schema...I know it goes without saying, but you never know. If you are not sure, check the group "Schema Admins". Even if you are a domain admin, you are not in that group by default.