Become a Columnist Microsoft Exchange Site Microsoft Support SiteMSDN Exchange Site

   

Subscribe to OutlookExchange
What's New
Columnist
Anderson Patricio
Ann Mc Donough
Bob Spurzem
Brian Veal
Catherine Creary
Cherry Beado
Colin Janssen
Collins Timothy Mutesaria
Drew Nicholson
Fred Volking
Glen Scales
Goran Husman
Guy Thomas
Henrik Walther
Jason Sherry
Jayme Bowers
John Young
Joyce Tang
Justin Braun
Konstantin Zheludev
Kristina Waters
Kuang Zhang
Mahmoud Magdy
Martin Tuip
Michael Dong
Michele Deo
Mitch Tulloch
Nicolas Blank
Pavel Nagaev
Ragnar Harper
Ricardo Silva
Richard Wakeman
Russ Iuliano
Santhosh Hanumanthappa
Steve Bryant
Steve Craig
Todd Walker
Tracey J. Rosenblath
Development
More Resources
Software
Other Links
 
   

Creating a Rules Extension
Page 1 | Page 2 | Page 3 | Page 4

c.       You should end up with the following:

d.      Review of the code

1)      If mventry("cn").IsPresent Then

?        Checks to see if the projected object in the metaverse has a value for ?cn?, which is required to create an object in the AD.

2)      Connected_AD_MA = mventry.ConnectedMAs("Target Domain")

?        This line sets the variable that tells the code which MA connector space the code will be working with.? In this code, objects will be created and manipulated in the connector space of the ?Target Domain? MA.

3)      rdn = "CN=" + mventry("cn").Value

?        Sets the rdn (relative distinguished name) for the object being created.

4)      dn = Connected_AD_MA.EscapeDNComponent(rdn).Concat(ParentContainer)

?        Builds the full dn (distinguished name) for the object.? Example: ?cn=jsherry,ou=users,ou=CTU,dc=domainC,dc=izzy,dc=org?.

?        EscapeDNComponent escapes, or encapsulates, characters that are invalid by default in a DN.

?        Concat(ParentContainer) returns an object that represents the OU that the ParentContainer points to.

5)      If Connected_AD_MA.Connectors.Count = 0 Then

?        Checks to see if there is a connection to MA CS, which there should not be.

6)      csentry = Connected_AD_MA.Connectors.StartNewConnector("user")

?        Creates a new connector, or object, in the connector space of the type ?user?.

7)      csentry.DN = dn

?        Sets the DN of the new object.

8)      csentry("unicodepwd").Values.Add("Passw0rd!")

?        Sets the password for the new object.

9)      csentry("userAccountControl").Values.Add("512")

?        Set the userAccountControl, which controls if the account is enabled among other things.

10)  csentry.CommitNewConnector()

?        Commits, or saves changes to the CS.? At this point the object is created in the CS, and when the MA for this CS runs in export mode, the object will be created in the target data source.

e.       Customize the code for your environment

1)      REQUIRED: Edit the ?Dim ParentContainer As String =? line

?        This variable stores the OU where new objects will be created. ?Change the path to be valid for your environment.? In my environment, my domain is domainc.izzy.org.? I created a root level OU called ?CTU,? and an OU called ?Users? under it.? The canonical path would be domainC.izzy.org/CTU/Users.

2)      Optional: Edit the? ?csentry("unicodepwd").Values.Add("Passw0rd!")? line. ?Change ?Passw0rd!? to be the desired default password for new users

3)      Optional: If you want the new accounts to be disabled, change 512 to 514 in the csentry("userAccountControl").Values.Add("512") line

?        For more information on the userAccountControl attribute, see KB305144

?        Another trick is to use ADSI Edit to view this attribute after you set the Account Options on an account in Active Directory Users & Computers.? All Account Options, and a few others, are stored in this single attribute in the AD.

4)      Optional: If you want to set other attributes, you can add a similar line to the one above by replacing ?userAccountControl? with the attribute you want to set

?        Only attributes that are included in the attribute list on the MA can be set.? If you try to set an attribute that isn?t included, the rules extension will fail.

4.      Compile the DLL

a.       Choose Build MVExtension from the Build pull-down menu

b.      Confirm that ?1 succeeded? is shown in the Output section

c.       Close Visual Studio

5.      Select the MVExtension rules extension created

a.       Click Browse? on the Option screen that was opened earlier in Identify Manager

b.      Select ?MVExtension.dll? and click OK

c.       Confirm your settings match those below

d.      Click OK

Creating a Rules Extension
Page 1 | Page 2 | Page 3 | Page 4

Disclaimer: Your use of the information contained in these pages is at your sole risk. All information on these pages is provided "as is", without any warranty, whether express or implied, of its accuracy, completeness, fitness for a particular purpose, title or non-infringement, and none of the third-party products or information mentioned in the work are authored, recommended, supported or guaranteed by Stephen Bryant or Pro Exchange. OutlookExchange.Com, Stephen Bryant and Pro Exchange shall not be liable for any damages you may sustain by using this information, whether direct, indirect, special, incidental or consequential, even if it has been advised of the possibility of such damages.

Copyright Stephen Bryant 2008