Converting an Exchange Userbase to Unix?

Jwfulcher asks: "This is kind of backwards from what normal people do, which is why i'm having problems finding any documentation on it, but I have around 150 users on exchange, with distribution lists and a few custom recipients as well. The CEO wants to switch to a Unix based POP/IMAP mail solution for licensing reasons (we don't use the groupware functions anyway), I was wondering if anyone knew of a method to convert the exchange userbase and add the users on a FreeBSD system and possibly point to our Radius server (which is capable of doing NT authentication) for authentication on those accounts."

couldn't resist

[trentfoley]

So, you want to exchange Exchange with little change for no change? Sorry I couldn't be more help...

Some suggestions

[Geek+Boy]

KMail (part of KDE) can import Outlook address books and folders. I'm sure that Evolution can help you too, but I don't know if that runs on FreeBSD very well.

You should be able to use PAM to do authentication to the Radius server. As for converting the users, you will probably have to write a script to do that. If there are tools to convert from unix to exchange, then I'm sure you can use those as a reference to do the inverse.

Re:Some suggestions

[Lazaru5]

Neither KMail nor Evolution or any MUA will help in anyway. These are end user applications. The Question is how do you convert an Exchange Mail Store (a broken DB based binary storage of everyone's mail) into 150 mbox or Maildir style Unix mailboxes, AND get their passwords out of Windows and into FreeBSD (if they're not kept in clear text in any billing software already.)

Your answer would be right if the question was "How do I switch from Outlook [Express] on Windows to some other mail program on FreeBSD?"

Slave Exchanges LDAP service with OpenLDAP

[fdragon]

One thing most people don't consider is that Exchange 5.5 and 2000 run their own LDAP services.

One method would be to setup OpenLDAP as a slave to the exchange server to pull all the DLs and so forth to your unix platform. From there (with redhat at least) it is pretty strait forward to use Sendmail's integration with LDAP to use that OpenLDAP store.

If you don't want to leave OpenLDAP running you can use the MigrateTools from padl.com to see how you can convert that OpenLDAP store back to something usable. Or just export the sections you need via GQ.

Re:Slave Exchanges LDAP service with OpenLDAP

[SuiteSisterMary]

Point of order: Exchange 2000 doesn't run it's own LDAP server; it requires Windows 2000 Active Directory to supply LDAP services.

I vaugely remember some older Ask Slashdot's about replacing AD with a different LDAP server.

Well..

[cmowire]

I'm not speaking from experience here, but here's a suggestion:

You can open an IMAP server in Outlook and open your Exchange server at the same time and just drag the mail across. For 150 people, you might need a little help to do this, but with a few helpers, it's not totally insurmountable.

Re:Well..

[Maserati]

Then you can use Mozilla as an IMAP client and you're done with Microsft. If you take long enough to start using a calendar, there's a very promising calendar module for Mozilla. It's standards-based and the newsgroup shows developer interest in multiuser or workgroup funtionality.

I've used Mozilla 1.0 as a mail client in a Fortune 500 company. It works juuuust fine. Calendaring functions aside, it's as good a mail client as Outlook, without the evil.

And if you're lucky enough to be on OS X, grab a copy of Mozilla 1.0a right away. The smoothed text is strikingly beautiful on a good monitor (I'm using Futura Book at work and it looks great).

For what it's worth, Mail.app is a fine mail client, but the original questioner is not planning on buying Macs.

Re:Well..

[Skuggan]

You *cannot* have IMAP and Exchange accounts at the same time on the same computer.

You have to choose between Internet mode (POP and/or IMAP) or Workgroup mode (POP and/or Exchange).

But there is no problem to create a Personal Folders file and save all info into.

Then you can reconfigure mailsupport in Outlook and and change to Internet mode, open the previously created .pst file and copy all mail to the IMAP server.

LDAP + Cyrus + PAM

[maeglin]

The site here describes how to create an Exchange replacement. If you want to use RADIUS you can probably find a PAM-RADIUS module to substitute for PAM-LDAP, or conversely replace your Radius server with a FreeRADIUS instance which can be backed by the LDAP server.

For moving users, enable the LDAP directory service on the Exchange server and you should be able to script (or find) some LDAP-to-LDAP migration tools. At worst, do a full directory search and massage the data into an LDIF file to be imported. Moving the mail data would be harder but I imagine something could be rigged up using the Exchange IMAP service, fetchmail, procmail and the Cyrus deliver command.

If you can find a BackOffice resource CD you should be able to create a way to access the Exchange store without even going through the LDAP and IMAP services.

Re:LDAP + Cyrus + PAM

[tzanger]

For moving users, enable the LDAP directory service on the Exchange server and you should be able to script (or find) some LDAP-to-LDAP migration tools.

The biggest problem is that the Outlook schema isn't totally documented (at least that I've found when I on and off look for it) -- the LDIF won't give that to you so you will have trouble importing it.

Re:you're not going to find a canned solution...

[tzanger]

Steltor makes a canned solution. We're evaluating it for our company. Very nice. About the same price as Exchange, though.

Re:what about calendaring

[penguinboy]

(we don't use the groupware functions anyway)

I don't suppose the above is relevant to your remark in any way, is it?

Re:what about calendaring

[Wolfier]

FYI, Outlook's calendaring still works, does not require Exchange, and will spill out nice iCalendar MIME media type if you don't use it with an Exchange server.

What client software?

[biglig2]

Split it into two problems.

One is moving all the data; the other is configuring the new server with all the account and address book information.

Assuming it is still proper Outlook, you can use exmerge (avaialable from Microsoft) to dump all the mail from the server into .PST files, distribute them to the users.

Failing that, (and assuming Exchange 5.5 or later)as other users have suggested, configure IMAP on the server and have the users suck the data down into their IMAP clients. (IMAP, rather than POP, so you can get folders other than just the inbox)

Also you can do a directory export to get a .csv file with all the account info in, use that to make your new mail server accounts. Easier than fiddling with LDAP etc. You can get the directory export any field associated with a mailbox - hint: run exchadmin/raw to get raw properties of a mailbox, then you can find out what the fields you want are called.

What are you trying to replace?

[Diamon]

Exchange, Outlook or both?

If it's Exchange you could do Outlook front-end to POP/SMTP/LDAP backend and go the cheap route. Or look into some of the offerings Oracle is going to have coming up which target to use Outlook as the front end with Oracle backend and save you money and give more security than Exchange.

If it's Outlook, good luck. Your choices of widely accepted front-ends are pretty much Outlook and Notes and any change requires training the userbase on the new software.

If it's both RUN! Conceptually it's not a bad thing, but in a Corporate environment someone wanting to do this is just suicide unless you're a very small shop with very educated users. And management will be looking for scapegoats when it fails.

Can you write macros!

[oliverthered]

There should be plenty of documentation about setting up Mail servers on UNIX, getting the data from exchange to the UNIX system may be a little harder though.

You best bets are fetchmail, A UNIX mail transport agent, this can pull all the mail accross (hopefully).

op failing that, setup you mail servers on UNIX and write some VB script (in outlook coes you have it already) to transfer the data/accounts accross using MAPI.

Force password change.

[Zapman]

I guess the first question is:

Do you mind using windows for authentication?

You could use pam/radius or pam/ldap to talk from freebsd to windows, and do the login thing. You would have to use virtual mailboxes, and no real logins to the freebsd box. You probably want that last bit anyway. Webmail/imap can be good with this kind of setup.

Otherwise, AFAICT, you're going to have to force everyone to change their passwords. Best bet is to take a weekend. Friday, have everyone archive their email, and turn off exchange so incoming mail gets queued. Do your transition, and monday when they come in, they'll use webmail/pop/imap.

Been there, done that

[Nailer]

• Open Outlook on each PC, and use the Outlook export wizard to export your mail from the Exchange message store (what you're looking at on your Exchange system) to a pDo whatever conversion is necessary to view such items in Evo if that's what you're usingersonal store (also known as a .PST file)
• Import this into Unix mbox format, for use with Evolution (or Kmail, but I'd use Evo, with Out 2 Unix.
• Export your contacts to a Personal Address book (.PAB file)
• Use LookOut to import the .PAB file ( to KAB or Gnomecard format). You might need additional conversion depending on your mail client.
• Think about paying a local software development house with QT or GTK programmers to make a little GUI wizard application to automate this process. It'll save you and your users time. Since the app isn't giving you any competitive advantage, Open Source it.

I don't know what Outlook does.

[jhubbard]

You only have 150 users, if worse comes to worse you can just recreate accounts. As all of the others have suggested you can use LDAP. The big thing is the user data.

I don't know if outlook does this. But, using mozilla I was able to copy from one account to another by just highlighting all of the messages and then right clicking and doing a copy to.

My suggestion is setup up the new box with sendmail, imap, ldap enabled. Setup imap on the exhange box and give them a mail reader that do the move. I would think that Outlook would work. Then during the night redirect all incoming e-mail from to the new box. Turn off sending e-mail and receiving e-mail on exchange if it can be done.

One possibility is to setup a front line box and have it redirect mail for only certain users so that you can do a few users at a time. You may have to do some hand holding to them to move their e-mail.

Just a suggestion.

You don't have to give up Groupware to migrate.

[Valdrax]

There's a Texas company that makes a plugin for Outlook, called InsightConnector, that allows it to do all its groupware features over any IMAP4 server with ACL support. It's not OSS, and it's not free, but it's supposed to be cheaper than MS Exchange.

You can find a review of it here.
The company's website is here.

The practically have to have experience in moving servers like this to have any business. You might try contacting them and seeing what they cost.

Re:You don't have to give up Groupware to migrate.

[Spoing]

...and I'm all out of mod points.

I'll second the comment on Bynari's InsightConnector and I'll add a plug for InsightServer. Much of what they offer is based on open source and open protocols. After checking into it, I found a few more tempting pluses;

* They respond to email! Yep, real people and reasonable answers -- no BS. Also, when one employee reciently went on vacation, his boss followed up instead of waiting a few more days for him to return. Excellent.

* Bynari provides a 1 month trial version with free support during the trial. (Smart, because if it works well you'll be more likely to buy it and won't likely need support after the first 30 days.)

* A new InsightServer licence is about the same price as upgrading from Exchange 5.5 to 2000.

* They have both low end (x86 PC) and high end (IBM mainframe) versions so either scaling up or testing the waters with a PC first are both options.

* Feature-for-feature mapping of Exchange vs. InsightServer so that Outlook clients that you do have (including calendering) work the same.

Don't Manually Export use Exmerge

[Llama+Keeper]

use Exmerge a nifty exchange exporting tool that comes on the exchange install CD its under /tools/utilities/ Batch export all users folders to PST files from the Exchange database then follow his suggestion to import.