Become a Columnist Microsoft Exchange Site Microsoft Support SiteMSDN Exchange Site

   

Subscribe to OutlookExchange
What's New
Columnist
Anderson Patricio
Ann Mc Donough
Bob Spurzem
Brian Veal
Catherine Creary
Cherry Beado
Colin Janssen
Collins Timothy Mutesaria
Drew Nicholson
Fred Volking
Glen Scales
Goran Husman
Guy Thomas
Henrik Walther
Jason Sherry
Jayme Bowers
John Young
Joyce Tang
Justin Braun
Konstantin Zheludev
Kristina Waters
Kuang Zhang
Mahmoud Magdy
Martin Tuip
Michael Dong
Michele Deo
Mitch Tulloch
Nicolas Blank
Pavel Nagaev
Ragnar Harper
Ricardo Silva
Richard Wakeman
Russ Iuliano
Santhosh Hanumanthappa
Steve Bryant
Steve Craig
Todd Walker
Tracey J. Rosenblath
Development
More Resources
Software
Other Links
 
   

Configuring IIFP to Sync User Attributes
Page 1 | Page 2 | Page 3 | Page 4 | Page 5 | Page 6 | Page 7

7.      Click the Show All option

a.       Scroll down near the bottom of the list and select the ?unicodePwd? attribute and click Next >

?         This is the attribute that stores the user?s password.  This will be set by the rules extension created in the next part of this article.

8.      On the Configure Connector Filter screen, click Next >

?         This is where you could define filters to only include objects that have a department field equal to ?Sales?, for example.

9.      Configure join and projection rules

a.       Click on user under Data Source Object Type

b.      Then click New Join Rule? on the Configure Join and Projection Rules screen

i)        On the Join Rule for user dialog, scroll down the ?Data source attribute:? and select sAMAccountName

ii)      Under ?Metaverse attribute:,? select uid

iii)    Click Add Condition

iv)    Click OK on the warning message that the attribute is not indexed

?         We will add an index on this attribute later to address this issue.

v)      Confirm that your options match those below

?         This is the rule dialog where join rules are defined.  In the above example, the MA will search the metaverse for an object with a matching value.  If an object with a matching uid value is found, it will be linked to the connector object being created by this MA.

vi)    Click OK

c.       Confirm that the join and projection rules match those below and click on Next >

?         No projection rule is needed since all new objects will be created in the metaverse by the ?Source Domain? MA.  This MA will just be used to take objects and attributes from the metaverse and export them to the target domain.

10.  Configure the attribute flow settings

a.       Confirm that ?Mapping Type? is set to Direct and ?Flow Direction? is set to Export

b.      Select user from the ?Data source object type:? drop-down list and person from the ?Metaverse object type:? drop-down list

c.       Choose ?c? under ?Data source attribute:? and ?c? under ?Metaverse attribute? and click New

d.      Repeat for each of the following attribute pairs

Data source

Metaverse

co

co

department

department

description

description

displayName

displayName

givenName

givenName

homePhone

homePhone

info

info

initials

initials

l

l

mail

mail

mobile

mobile

postalCode

postalCode

sAMAccountName

uid

sn

sn

st

st

streetAddress

street

telephoneNumber

telephoneNumber

title

title

?         userAccountControl is not selected on purpose, this attribute will be used by the rules extension later.

e.       Confirm that your selection looks similar to those below and click Next >

11.  On Configure Deprovisioning, leave the default of Make them disconnectors and click Next >

12.  On the final screen, Configure Extensions, click Finish

C.     Adding a index on the UID attribute in the metaverse

?         When we linked the sAMAccountName attribute to the uid attribute, we were given a warning that an index did not exist on the uid attribute and performance will be impacted.  Using the steps below, we will setup an index on this attribute

1.      In the Identity Manage console, click on the Metaverse Designer button

2.      Select person from the Object type list

3.      Scroll down the list of attributes and select uid

4.      Click Edit Attribute under Actions to the right of attributes

5.      Click the Indexed check box and click OK

?         If you have extended your schema or want to sync attributes from other directories to the metaverse that are not listed, you can add new attributes on this page.

Configuring IIFP to Sync User Attributes
Page 1 | Page 2 | Page 3 | Page 4 | Page 5 | Page 6 | Page 7

Disclaimer: Your use of the information contained in these pages is at your sole risk. All information on these pages is provided "as is", without any warranty, whether express or implied, of its accuracy, completeness, fitness for a particular purpose, title or non-infringement, and none of the third-party products or information mentioned in the work are authored, recommended, supported or guaranteed by Stephen Bryant or Pro Exchange. OutlookExchange.Com, Stephen Bryant and Pro Exchange shall not be liable for any damages you may sustain by using this information, whether direct, indirect, special, incidental or consequential, even if it has been advised of the possibility of such damages.

Copyright Stephen Bryant 2008