Groups > Microsoft > Microsoft Metadirectory Services > Re: I need to score a quick win...




I need to score a quick win...

I need to score a quick win...
Wed, 12 Dec 2007 12:23:57 -080 
Hey folks, I'm hoping *someone* can help me here.

Somehow, I got put in charge of the MIIS 2003 SP2 GAL Sync
implementation.

Our environment:
- AD 2003 native mode
- Exchange 2003 SP2 native mode

Scenario:
We have a single forest with a single domain.  Another company that we
are required to work closely with has a separate forest with at least
one domain.

We want to import all the users from their domain into the MV, export
them to our domain as contacts and perform some actions on the
contacts in our domain...standard GAL Sync MA behavior.  Here's what I
want to happen:
1.  Query a certain OU in their AD and import everything that matches
the flow import rules into the MV.
2.  Query the Contacts OU in our AD and import everything into the MV.
3.  If the join is successful and
          if the contact record exists in the parent OU
               then update contact information
          else delete the contact in our OU
     else make a disconnector object out of it
4.  I don't want it to even try and update anything in their AD.  I
couldn't if I wanted to, because I have RO rights to their AD.
However, I don't even want the MA to try, when I do an export (it
wants to add another X500 addy to their accounts).

I have the symantics of how MIIS works down cold...that's not the
issue.  The issue is, that I know very little about coding.  I know I
need to change the behavior of the GAL Sync extension scripts via a VB
script editor.  I have both MS Visual Studio 2005 and Primal Script
Enterprise 2007 at my disposal.  However, when I highlight the MA and
click "Create Extension Projects", all I get is a generic file with
empty subs and functions like this:

HOWEVER...

Due to the fact that our companies work closely together, all our
employees are contacts in their AD.  Due to the way they have their AD
OUs configured, when I run the import process on the MA connected to
their domain, it imports all our people into the MV.  Additionally,
the flow import criteria that I added into the MA told it that if it
comes to a record that ends in "@ourdomain.com", not to process that
record...it does anyway.

Public Sub Initialize() Implements IMASynchronization.Initialize
        ' TODO: Add initialization code here
    End Sub

So...given that information, I have four questions:
1.  What am I doing wrong in the Import flow rules that it is still
processing contacts from our domain and how do I fix it?
2.  Where do I find the code that the MA is using to tell the MV what
to do with the data?
3.  How do I keep our MAs from trying to update their AD?
4.  How do I tell it to delete any contacts in a particular OU in our
AD, if they don't exist anymore in their AD?

PLEASE don't refer me to a MS document/walkthrough/class. I have been
to the MS 2731 class (MIIS 2003) in September.  However, classrooms
and real life don't very often match up...it's never as easy as it is
in class.  Also, I really don't have the time, nor does our company
have a working test environment for this kind of thing.  Lastly, my
micro-managing PHB wants this done by the end of next Thursday...I
really need to get this done ASAP.

Thanks for all your help,
Post Reply
Re: I need to score a quick win...
Wed, 12 Dec 2007 12:29:05 -080 
The middle of that paragraph should look like this:

...empty subs and functions like this:

Public Sub Initialize() Implements IMASynchronization.Initialize
        ' TODO: Add initialization code here
End Sub

On Dec 12, 12:23 pm, Tech Weenie <jhbl...@gmail.com> wrote:
> Hey folks, I'm hoping *someone* can help me here.
>
> Somehow, I got put in charge of the MIIS 2003 SP2 GAL Sync
> implementation.
>
> Our environment:
> - AD 2003 native mode
> - Exchange 2003 SP2 native mode
>
> Scenario:
> We have a single forest with a single domain.  Another company that we
> are required to work closely with has a separate forest with at least
> one domain.
>
> We want to import all the users from their domain into the MV, export
> them to our domain as contacts and perform some actions on the
> contacts in our domain...standard GAL Sync MA behavior.  Here's what I
> want to happen:
> 1.  Query a certain OU in their AD and import everything that matches
> the flow import rules into the MV.
> 2.  Query the Contacts OU in our AD and import everything into the MV.
> 3.  If the join is successful and
>           if the contact record exists in the parent OU
>                then update contact information
>           else delete the contact in our OU
>      else make a disconnector object out of it
> 4.  I don't want it to even try and update anything in their AD.  I
> couldn't if I wanted to, because I have RO rights to their AD.
> However, I don't even want the MA to try, when I do an export (it
> wants to add another X500 addy to their accounts).
>
> I have the symantics of how MIIS works down cold...that's not the
> issue.  The issue is, that I know very little about coding.  I know I
> need to change the behavior of the GAL Sync extension scripts via a VB
> script editor.  I have both MS Visual Studio 2005 and Primal Script
> Enterprise 2007 at my disposal.  However, when I highlight the MA and
> click "Create Extension Projects", all I get is a generic file
with
> empty subs and functions like this:
>
> HOWEVER...
>
> Due to the fact that our companies work closely together, all our
> employees are contacts in their AD.  Due to the way they have their AD
> OUs configured, when I run the import process on the MA connected to
> their domain, it imports all our people into the MV.  Additionally,
> the flow import criteria that I added into the MA told it that if it
> comes to a record that ends in "@ourdomain.com", not to process
that
> record...it does anyway.
>
> Public Sub Initialize() Implements IMASynchronization.Initialize
>         ' TODO: Add initialization code here
>     End Sub
>
> So...given that information, I have four questions:
> 1.  What am I doing wrong in the Import flow rules that it is still
> processing contacts from our domain and how do I fix it?
> 2.  Where do I find the code that the MA is using to tell the MV what
> to do with the data?
> 3.  How do I keep our MAs from trying to update their AD?
> 4.  How do I tell it to delete any contacts in a particular OU in our
> AD, if they don't exist anymore in their AD?
>
> PLEASE don't refer me to a MS document/walkthrough/class. I have been
> to the MS 2731 class (MIIS 2003) in September.  However, classrooms
> and real life don't very often match up...it's never as easy as it is
> in class.  Also, I really don't have the time, nor does our company
> have a working test environment for this kind of thing.  Lastly, my
> micro-managing PHB wants this done by the end of next Thursday...I
> really need to get this done ASAP.
>
> Thanks for all your help,
>
> Jim
Post Reply
about | contact