Triggers in AD
-
30. dubna 2012 0:36
I wonder if AD has a Trigger feature? Or how can I make a trigger for AD? I mean, if the triggers are not implemented in AD, what can I do in order to emulate a trigger?
I already created a trigger in Oracle to Ldap. But I wonder if I can make it in the other direction. So I can synchronize Ldap with Oracle.
I couldn't find documentation for this, and I am not sure how can I achieve this.
Thanks in advance.
Všechny reakce
-
30. dubna 2012 1:29
I'm not 100% sure, but I'm about 80% sure that the Jet database which is used for AD does not support triggers. It's not a full relational database management system.
You might be wise to take a look at a synchronisation/identity management solution. Microsoft has one named Microsoft Forefront Identity Manager 2010.
In the case of FIM2010, it does not provide realtime replication, however if you make use of the delta import, delta synchronise and export run routines, they are extremely quick and you could - depending on your rate of change, schedule each cycle to occur, say, 5 - 10 minutes apart.
Cheers,
Lain -
30. dubna 2012 4:15You will need to look for an external synchronisation tool. If you don't want to look at coding/scripting something yourself, you could look at formal toolsets such as Microsoft's Forefront Identity Manager or Quest One Quick Connect.
Tony www.activedir.org blog:www.open-a-socket.com
-
30. dubna 2012 8:17
Hello,
For synchronizing, you can see if Oracle have an utility for that. Example: http://docs.oracle.com/cd/B14099_19/idmanage.1012/b14085/odip_actdir001.htm#CHDBHCDD
More if you contact Oracle Technical Support.
Also, you can try using 3rd party utilities like Quest ones or you can use a synchronization script and schedule it.
This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.Microsoft Student Partner 2010 / 2011
Microsoft Certified Professional
Microsoft Certified Systems Administrator: Security
Microsoft Certified Systems Engineer: Security
Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration
Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration
Microsoft Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration
Microsoft Certified Technology Specialist: Windows 7, Configuring
Microsoft Certified Technology Specialist: Designing and Providing Volume Licensing Solutions to Large Organizations
Microsoft Certified IT Professional: Enterprise Administrator
Microsoft Certified IT Professional: Server Administrator
Microsoft Certified Trainer -
30. dubna 2012 11:11
Hello,
in addition you may also check http://social.technet.microsoft.com/Forums/en-US/identitylifecyclemanager/thread/dd5d16e6-ca57-45f9-8c2e-7a88755dce0d/ and http://forums.anandtech.com/showthread.php?t=2051207.
But as other stated already, without FIM or similar tools you cannot achieve this.
Best regards
Meinolf Weber
MVP, MCP, MCTS
Microsoft MVP - Directory Services
My Blog: http://msmvps.com/blogs/mweber/Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.
-
1. května 2012 19:04Moderátor
Active Directory is not a Database that has the same features as something such as Oracle or SQL server have. So no, there are no triggers available. I used to sync LDAP nightly with Oracle but I had to run a nightly job, there was nothing to trigger it. You could use something like SCOM to trigger changes.
--
Paul Bergson
MVP - Directory Services
MCITP: Enterprise Administrator
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, Vista, 2003, 2000 (Early Achiever), NT4
http://www.pbbergs.com Twitter @pbbergs
http://blogs.dirteam.com/blogs/paulbergsonPlease no e-mails, any questions should be posted in the NewsGroup. This posting is provided "AS IS" with no warranties, and confers no rights.
-
3. května 2012 14:14
THANKS FOR ALL THE REPLIES. They are all them very usefull, and I already check the information that you gave me. Does anybody know about a open source sync tool? or imagine how to develop such a tool? Maybe implementing a persistent search or reading logs?? what do you think?..
THANKS AGAIN.
-
3. května 2012 14:20
THANKS FOR ALL THE REPLIES. They are all them very usefull, and I already check the information that you gave me. Does anybody know about a open source sync tool? or imagine how to develop such a tool? Maybe implementing a persistent search or reading logs?? what do you think?..
THANKS AGAIN.
You have to develop a script / tool which reads AD attributes and sync them with Oracle and the same from Oracle to AD attributes (That depends of what you want to achieve).
This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.Microsoft Student Partner 2010 / 2011
Microsoft Certified Professional
Microsoft Certified Systems Administrator: Security
Microsoft Certified Systems Engineer: Security
Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration
Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration
Microsoft Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration
Microsoft Certified Technology Specialist: Windows 7, Configuring
Microsoft Certified Technology Specialist: Designing and Providing Volume Licensing Solutions to Large Organizations
Microsoft Certified IT Professional: Enterprise Administrator
Microsoft Certified IT Professional: Server Administrator
Microsoft Certified Trainer- Označen jako odpověď SMJuan 3. května 2012 17:17
.png)
