LDAP: managing exchange features using protocolsettings attribute

Active Directory stores the contents of the “Exchange features” tab in various attributes. The protocol settings for Outlook Web Access, POP3 and IMAP4 are stored in the attribute “protocolSettings” (multi-valued). If you leave everything to default, this attribute is not populated for new user accounts. If you change a setting this attribute will get a value. The possible values are:

• HTTP§0§1§§§§§§
• POP3§0§1§4§ISO-8859-1§0§§§
• IMAP4§0§1§4§ISO-8859-1§0§1§0§0

The first number value after the § determines if the protocol is enabled. In the above listing, all protocols are listed with number 0 as first value, so they all are disabled. To enable, replace the 0 with a 1, leaving the rest of the string untouched. The other values on the “Exchange features” can be modified as well using the msExchOmaAdminWirelessEnable attribute. The value for this attribute changes all 3 settings:

• 0: All enabled
• 1: OMA = Yes, UIS = Yes, UtdN = No
• 2: OMA = No, UIS = Yes, UtdN = Yes
• 3: OMA = No, UIS = Yes, UtdN = No
• 4: OMA = Yes, UIS = No, UtdN = Yes
• 5: OMA = Yes, UIS = No, UtdN = No
• 6: OMA = No, UIS = No, UtdN = Yes
• 7: All disabled

On Exchange 2007, use the PowerShell cmd-let “Set-CASMailbox”, for instance:

• Set-CASMailbox “CN=user,OU=accounts,DC=tools4ever,DC=local” PopEnabled $true
• Set-CASMailbox “CN=user,OU=accounts,DC=tools4ever,DC=local” ImapEnabled $false

• exchange
• ldap
• powershell