ILM 2007 FP1 has enabled possibility for Exchange 2007 support in provisioning scenarios. This is being provided by cmdlets which are part of Exchange 2007 management tools which are required for this scenario to work (make sure that You are using Exchange roll-up 4 or higher update as there is a bug in earlier versions).
Pretty simple installation, however last time I did it at customer side, when I tried to export AD object with Exchange 2007 provisioning enabled I got very meaningful error: extension timed out.
I had to say that when this issue occurred I forget about golden rule of troubleshooting and I spent some time trying to find different causes. This golden rule is: AT THE END THIS IS ALL ABOUT NETWORK TRAFFIC. USE SNIFFER STUPID.
So – between ILM box and Exchange server on which mailbox will get created you need to open same ports for communication like between Exchange management console and server. And these ports are:
- TCP/5000-5100 for RPC (this actually can be adjusted)
Once this was enabled everything works as a charm. OK – one additional adjustment was required. Remember that if you work against Exchange cluster allow traffic to its virtual name not physical boxes.
IMO internal network firewalls cause in most cases more problems than protection it gives … but at the end it is not me who set rules in corporate networks.