none
Which AD attribute of user and contact are used to join and keep link between AD user,contact ojbect and Connector Space object ? RRS feed

  • Question

  • We use MIIS.

    I guess there is AD value and SQL MIIS DB table column to join and keep link between AD user,contact ojbect and Connector Space object.

    Which AD attribute of user and contact are used to join and keep link between AD user,contact ojbect and Connector Space object ?

    Sunday, May 19, 2013 9:56 PM

Answers

  • Well you may think that the relation between AD and MIIS CS is always the DN (distinguished Name) as every AD Object has a DN.

    But that May not be True, As far as i can understand it has to be ObjectSID

    A simple test reveals that Moving an Object in AD should change the DN, still MIIS CS Object keeps connecting to the same user.

    Deleting and then adding again the SAME user in AD (no change in the DN), deletes the User from MIIS and adds it again, whereas only the ObjectSID has changed.


    Regards Furqan Asghar


    It is the objectGUID that is used as the anchor.

    My Book - Active Directory, 4th Edition
    My Blog - www.briandesmond.com

    Monday, May 20, 2013 3:29 PM
    Moderator

All replies

  • There's no default value. You have to check your MA configuration to determine which attributes are used for join. You can check it in join/projection rules tab of corresponding MA. It will be either direct, or with rules extension. Since you're on MIIS and not FIM, all joins are done in classical way.

    Monday, May 20, 2013 7:11 AM
  • Well you may think that the relation between AD and MIIS CS is always the DN (distinguished Name) as every AD Object has a DN.

    But that May not be True, As far as i can understand it has to be ObjectSID

    A simple test reveals that Moving an Object in AD should change the DN, still MIIS CS Object keeps connecting to the same user.

    Deleting and then adding again the SAME user in AD (no change in the DN), deletes the User from MIIS and adds it again, whereas only the ObjectSID has changed.


    Regards Furqan Asghar

    Monday, May 20, 2013 7:27 AM
  • Well you may think that the relation between AD and MIIS CS is always the DN (distinguished Name) as every AD Object has a DN.

    But that May not be True, As far as i can understand it has to be ObjectSID

    A simple test reveals that Moving an Object in AD should change the DN, still MIIS CS Object keeps connecting to the same user.

    Deleting and then adding again the SAME user in AD (no change in the DN), deletes the User from MIIS and adds it again, whereas only the ObjectSID has changed.


    Regards Furqan Asghar


    It is the objectGUID that is used as the anchor.

    My Book - Active Directory, 4th Edition
    My Blog - www.briandesmond.com

    Monday, May 20, 2013 3:29 PM
    Moderator