none
Adding partitions or renaming the object in a ECMA when the dnStyle is "None" RRS feed

  • Question

  • We have several ECMA MAs where the MA Capability dnStyle is “None”.  We are adding additional Object types into these various MAs for an RBAC model. The anchors on the MAs are GUIDs.

    We want to take advantage of adding partitions in the existing MAs. This will give us the ability to run a particular partition on demand and to allow references within the CS to be used between the object types in the MAs. 

    To have partitions in a MA requires a rename of the objects to create a dnStyle of LDAP/Generic style from None.  Renames of objects are not allowed when using a None dnStyle
    (See https://msdn.microsoft.com/en-us/library/windows/desktop/hh859564(v=vs.100).aspx).  

    If anyone has a creative idea how to rename the objects, or get partitions into a MA that has a dnStyle of None, or other solution would be appreciated.

    Thank you, Robin

    Tuesday, September 6, 2016 11:40 PM

All replies

  • Robin,

    I suggest creating a new ECMA MA using dnStyle of LDAP (we'll get to the naming later). Then import from the new MA running syncs to join to existing MV objects. Then clear the connector space on your old MA (of course you need to ensure that this won't cause any MV object deletions).

    As for naming the objects you can then do just like AD does when it has GUIDs as part of DN. CN=GUID,DC=Partition1

    CN=GUID,DC=Partition2

    CN=GUID,DC=Partition3

    etc.

    Then you can setup a run profile with steps for the different partitions.

    Hopefully you have some other attribute in the CD that you can use as partition.


    David Lundell, Get your copy of FIM Best Practices Volume 1 http://blog.ilmbestpractices.com/2010/08/book-is-here-fim-best-practices-volume.html

    Friday, September 9, 2016 11:05 PM