Transporter Directory Synchronisation and Sub-Domain Routing Between Exchange 2007 (2010) and Lotus Domino r8
This post covers some of the challenges faced when using the Microsoft Transporter Suite to perform Directory Synchronisation (Synchronization for US citizens!) between Exchange 2007 and Lotus Domino (Lotus Notes), and then introducing a sub-domain routing topology during the migration period. Detailed technical documentation is hard to come by for this.
The version of Lotus Notes in my example is r8. I mention Exchange 2010 in the post title, as Microsoft current advise deploying certain Exchange 2007 technologies (eg- Transporter Suite) to facilitate a migration from Lotus Notes to Exchange 2010.
By following the detailed Transporter documentation (free download alongside the Transporter binaries) a basic Directory Synchronisation can be achieved, with Lotus Notes addresses represented in Active Directory, and Exchange addresses represented in Domino.
Things get interesting when you try and implement a sub-domain routing topology to allow for a single domain name-space to be used for both Domino and Exchange. For example, if CONTUSO.COM was being migrated from Domino to Exchange 2007, then best-practice dictates you implement Transporter Suite DirSync, an SMTP connector between the two environments, and route all inbound internet email via Exchange. Then start migrating mailboxes. This, of course, is trivialising a complex operation.
However, a key aspect of this situation is the ability to use sub-domains for email routing.
For emails from Exchange to Domino, you could use the namespace: @NOTES.CONTUSO.COM
For emails from Domino to Exchange, you could use the namespace: @EXCHANGE.CONTUSO.COM
There are two aspects to this:
1) Internet email needs to be go via Exchange to Domino. It would be great if we could get all Domino addresses into AD with an accurate relay address to get the emails onto Domino. In reality this is rarely the case, and to mitigate the issue, Exchange 2007 allows for an SMTP connector to forward all mail it cannot match to AD, onto a Smart Host (Domino). So no real issue here.
2) During the migration there will be users on both Domino and Exchange. The Exchange users need to be able to email Domino users from the Global Address Book (GAL). Therefore the Windows Contact objects need to contain a valid Target Address (relay) field.
This is where the main reason for this post appears….
The default Target Address generated by Transporter to represent a Domino user would be as follows:
Fred_Bloggs/CONTUSO%CONTUSO@notes.contuso.com
The problem is that the FULL NAME field in the Notes Person Record for this user = “Fred Bloggs”, with no underscore character. Mail to this address may not be delivered and generate a Non Delivery Report (NDR). Transporter has inserted the underscore character to replace the space character, as that is not valid in an SMTP address.
If your Domino environment is small, maybe you manually (or via an Agent) add an additional address for each user with the underscore. But if there is a large number of users this may not be possible.
All is not lost though. In the Transporter application Windows folder structure, there are a set of configuration files that are used by Transporter. This can be manipulated to help with this situation.
Typically the files are under c:\program files\microsoft transporter tools\config\connector\*
The file you are after is dominotoexchangerules.tbl
Backup all files in this folder before you start making any changes, and do all your tests in a lab environment before committing to production.
The section in the dominotoexchangerules.tbl file you need is:
Alias = ISEQUAL( Alias, “”, ISEQUAL( InetAddr, “”, SecALIAS, Strip( InetAddr, “@”, “L”, “R” ) ), Alias )
DispName = ISEQUAL( Resource, “”, X500( FullName, “CN” ), Strip( FullName, “;”, “L”, “R” ) )
Name = Strip( FullName, “;”, “L”, “R” )
LastName = ISEQUAL( LastName, “”, ISEQUAL( FirstName, “”, X500( FullName, “CN”), “” ) , LastName)
NOTESADDR = NotesLocal “@” MailDomain
TA = ISEQUAL( FwdAddr, “”, ISEQUAL( CFGPARM(“DominoSmtpDomain”), Strip( InetAddr, “@”, “L” ), InetAddr, ISEQUAL(SmtpLocal, “”, SmtpLocEsc, SmtpLocal) “%” MailDomain “@” CFGPARM(“DominoSmtpDomain”)), FwdAddr )
For details on the syntax used do a search on Google for “Exchange 2003 Lotus Notes Connector TBL”. The syntax used for Exchange 2007 is similar, but not the same.
The trick is to edit the file so it looks like this:
Alias = ISEQUAL( Alias, “”, ISEQUAL( InetAddr, “”, SecALIAS, Strip( InetAddr, “@”, “L”, “R” ) ), Alias )
DispName = ISEQUAL( Resource, “”, X500( FullName, “CN” ), Strip( FullName, “;”, “L”, “R” ) )
Name = Strip( FullName, “;”, “L”, “R” )
LastName = ISEQUAL( LastName, “”, ISEQUAL( FirstName, “”, X500( FullName, “CN”), “” ) , LastName)
NOTESADDR = NotesLocal “@” MailDomain
;TA = ISEQUAL( FwdAddr, “”, ISEQUAL( CFGPARM(“DominoSmtpDomain”), Strip( InetAddr, “@”, “L” ), InetAddr, ISEQUAL(SmtpLocal, “”, SmtpLocEsc, SmtpLocal) “%” MailDomain “@” CFGPARM(“DominoSmtpDomain”)), FwdAddr )
TA = STRIP(PriSMTP, “@”, “L”, “R”) “@notes.contuso.com”
This has placed a semi-colon at the front of the original line starting with TA = , and then added a new line for this parameter, which will generate a Target Address using the left-hand side of the internet address and the SMTP sub-domain name-space used to route mail to Domino.
There is an entry in the GUI config of the Transporter to specify the Domino SMTP domain also – good idea to put in the same sub-domain value here. This is what was used to generate the default TA value, and is overridden by the change I suggest. However, I advise setting it anyway as a reference.
Note: if you wish, you can use an alternate naming format based on the alias value. You just use this line instead: TA = Alias “@notes.contuso.com”
The reason I do not generally recommend the use of the Alias@notes.contuso.com name format is that in Domino your Resources and Mail-In Databases do not have an Alias value set, and have no Alias field that can be populated. However, they do have an internet address field set. Therefore, you can include them in Dir Sync by populating them all with a valid internet address. This will allow them to appear in the Exchange GAL via Dir Sync. If they have a blank internet address field in Domino, they will not appear in the Exchange GAL via DirSync.
Once you have made the change, you need to remove all the Lotus Notes Windows Contacts from AD, restart the Transporter Directory Sync Windows Service, and force a Full Sync from Domino to Exchange.
(Don’t forget, you can always go back to the original configuration if this produces results you do not expect.)
In Exchange 2007 Management Console (EMC), check the Target Address fields after the Sync has completed. You should see the new format of firstname.lastname@notes.contuso.com . This is now a valid Target Address for Domino user mailboxes. Domino is tolerant of receiving emails that are not an exact match – it will perform a series of look-ups to try and get a match.
The new Target Address for the example user will now be:
Fred.Bloggs@notes.contuso.com
Now you need to edit the exchangetodominorules.tbl file in a similar way. For this file you need to comment out the line starting with “FwdAddr ……” and replace it with this line.
FwdAddr = STRIP(PriSMTP, “@”, “L”, “R”) “@exchange.contuso.com”
This will generate an address entry in the Domino Address Book for any new Exchange mailboxes, and will stamp a forwarding address of format:
John.Bloggs@exchange.contuso.com
You have a successful sub-domain routing mechanism for mail flow and DirSync setup between Domino and Exchange 2007. You can start looking at Free/Busy, and at the actual migration.
As always, test this to your own satisfaction in a private lab scenario.
This entry was posted on Monday, February 1st, 2010 at 11:02 pm and is filed under Transporter. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
March 18th, 2010 at 4:33 pm
Great post, I bet a lot of work and research went into this article.
March 19th, 2010 at 9:11 pm
Thanks for the comment – good to know people are using the information !
April 8th, 2010 at 11:38 pm
This solution requires two namespaces, one at domino side and another at exchange end.
@notes.cuntaso.com
@exchange.cuntaso.com
how to achieve a solution with only one namespace at both the ends. i.e @cuntaso.com
April 13th, 2010 at 3:58 am
Excellent post, however, when using internal subdomains for routing and using only the Transporter Suite as an interface for directory synchronization you are still in fact missing a very key point when dealing with successful coexistence.
This is the known issue surrounding changes to repeating meetings between Domino and Exchange. When repeating meetings are modified using SMTP mail between Domino and Exchange, there is are significant problems associated with these changes not being properly reflected on the other platform. this is due to the fact when Notes clients see any form of SMTP address, they perform iCal and MIME Conversions at the workstation level. With differing versions of workstation client implementations within a signal company you get differing results.
Additionally when messages are sent between the platforms as well as to external entities, these internal subdomains are also sent to the external people. As a direct result when the external entity performs a reply to all, they receive non delivery failures for the people listed with the sub domain values. They only way to circumvent this is to establish MX Records for the specific sub domains on the dirty side of the firewall.
Additionally you have no solution for work-flow enabled messages generated from applications. More often than not in complex Domino infrastructures, you will encounter applications that send programmatic objects to users that were on Notes. When the server or the user sends these, the workstation changes the message to mime immediately, thereby removing and code that was intended to be sent to the user.
I would suggest that you take these into consideration when considering any Enterprise level migration or you will leave the customer with a very poor and half thought coexistence solution.
Thank you.
April 14th, 2010 at 9:17 pm
Thanks for the continued interest in the website. To answer your question, I would recommend staying with the the two namespaces unless there was a good reason not to. If you wish to not use the two namespaces (sub-domain routing) then you can do it, but you can’t have Address Book entries for users on the opposing mail systems. But you can set Domino and Exchange to route “non-matched” emails to a smart-host. But you lose out on so much with that approach. There is an impact using sub-domains but in my experience the pros outweigh the cons. Happy to hear further information on why you are keen to not use the sub-domain solution.
April 14th, 2010 at 9:25 pm
Thanks for the detailed feedback on the website. You have provided valuable additional details on the pitfalls of coexistence. The advice I have passed on is based on my experiences, and certainly, overall, the sub-domain solution to co-existence gives the better “user experience” during co-existence when compared to alternatives. However, I appreciate that there are many different scenarios that may be presented where this may not be the case – such as the ones you mention. Good to have the information available here for people to read and make informed decisions on their situation.
May 13th, 2010 at 10:09 pm
Hi
Thanks for this post.it is really awesome.
I will appreciate if you can provide the complete mail routing from domino to exchange and vice versa using sub domain architecture.
for ex. when a client sends a mail from lotus client to exchange user it will check the domain part of the email address and will check the foreign SMTP domain document for the virtual domain of the user and will redirect the mails to the Exchange server which is listed in the connection document.
please provide the detailed step from bit the ends.
May 31st, 2010 at 9:56 pm
Hi there, thanks for the comment/question. I assume you are using sub-domain routing similar to my description. For the sub domain routing I can further explain it in two parts:
1. Domino to Exchange. You will create a new Foreign Domain, called Exchange, and use Dir Sync to import the Exchange mailbox addresses into the Domino Address Book. They will appear in the Domino Address Book under the new Domain Exchange, with an internal Domino user name of “/Exchange” , and a forwarding address of “alias@exchange.contuso.com@exchange”. Then when someone emails that address from Domino the email is sent to the Exchange Foreign Domain, which you created, and the “Exchange” part is stripped off as the email is routed through the connector to Exchange, leaving the normal SMTP address to match up to the Exchange mailbox.
2. Exchange to Domino. Setup the Transporter Suite Directory Connector to stamp the Domino addresses in Exchange with alias@notes.contuso.com. Then in Exchange you have a Send Connector with that Address Space to route to Domino. Domino is set to receive mail for that address space in the Global Domain document.
The Microsoft Transporter document covers this is good detail.
I have further customised the Transporter TBL files to use firstname.lastname@exchange.contuso.com as well, as it is more clear when emails are being addressed by users. I will post the configuration details shortly.