Location: List Archives

List Archives

This forum is an archive of all posts to our mailing list over the past few years.  The forum is set read only therefore to contribute you will need to join our list community.  See more info about this here.

 

When subscribed to the list you should use your standard email client to send your posts to ActiveDir@mail.activedir.org.

List Archives

Forums >ActiveDir Mail List Archive >List Archives
Subject: RE: [ActiveDir] System.DirectoryServices namespace in .NET: site awareness
Prev Next
You are not authorized to post a reply.

AuthorMessages
bdesmondUser is Offline

Posts:843

05/30/2010 9:45 PM  
Yep what was recommended to me was to define an AD MA which projects every user/group to the MV as a custom object type and just import the samAccountName to a custom attribute (e.g. samAccountNameIndex or something) and then you can call Utils.FindMvEntries(yourVal, "samAccountNameIndex").

Thanks,
Brian Desmond
brian@briandesmond.com

c - 312.731.3132

From: activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] On Behalf Of Thomas Vuylsteke
Sent: Sunday, May 30, 2010 2:51 PM
To: activedir@mail.activedir.org
Subject: RE: [ActiveDir] System.DirectoryServices namespace in .NET: site awareness
Sensitivity: Confidential

I think the following article can serve as a reference for everyone stumblin on this topic:
http://msdn.microsoft.com/en-us/library/ms696019(VS.85).aspx

That indeed uses functions such as "Utils.FindMVEntries" which query the MV.

Thanks for the push in the right direction Brian.

From: activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] On Behalf Of Thomas Vuylsteke
Sent: zondag 30 mei 2010 21:39
To: activedir@mail.activedir.org
Subject: RE: [ActiveDir] System.DirectoryServices namespace in .NET: site awareness
Sensitivity: Confidential

I have followed a 4-day course of FIM and I have been playing around with it, so my experience is rather limited.

What I want to accomplish is an attribute flow which generates a unique account name based on the first and last name which comes from an HR source. Currently I'm using the sub MapAttributesForImport which I extended to query AD and do it's magic.

I can see how querying the MV is advised,but at first (and currently) I had no clue how to search it. So I will take a look into that. Thanks for the advise.

Regards,
Thomas


From: activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] On Behalf Of Brian Desmond
Sent: zondag 30 mei 2010 21:23
To: activedir@mail.activedir.org
Subject: RE: [ActiveDir] System.DirectoryServices namespace in .NET: site awareness
Sensitivity: Confidential

Yeah all that uses ADSI which will ultimately invoke DC Locator. You want the second option with "LDAP://DC=constoso,DC=com". The syntax for the third option is "LDAP://dc01.contoso.com/dc=contoso,dc=com". I don't know if Option 1 is even a permitted constructor.

As a side note my understanding is that it's not really best practice to make calls out from provisioning code/rules extensions like this. I've been advised in the past to import all samaccountname values in AD into a custom object type/attribute and then search the MV.

Thanks,
Brian Desmond
brian@briandesmond.com<mailto:brian@briandesmond.com>

c - 312.731.3132

From: activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] On Behalf Of Thomas Vuylsteke
Sent: Sunday, May 30, 2010 2:18 PM
To: activedir@mail.activedir.org
Subject: [ActiveDir] System.DirectoryServices namespace in .NET: site awareness

I've been playing around a bit in .NET to get a rules extension for a FIM MA.

In the extension I do a LDAP search against Active Directory to find out whether a given AccountName is already in use. Now I was wondering if anyone knows whether the following lines of code are "AD sites&services" - aware. Meaning it will locate a DC to use in the same site as the code is being ran from.

Dim objDeSearchRoot As New DirectoryEntry()

è Should take the domain of the server where the code is being ran

è How will it locate a DC? Will it bluntly use the current logon server? What if that one is unavailable, will it use search another one?

Dim objDeSearchRoot As New DirectoryEntry("LDAP://contoso.com")

è Same question as above, how will it locate a DC? Will it use DNS to lookup an IP for "contoso.com" and hence use some round roubin and 0 site-awareness

Dim objDeSearchRoot As New DirectoryEntry("LDAP://DC01.contoso.com")

è Well can't see how this makes sense, DC down is no more lookups


The following MSDN site explains the different options for binding, but not really how the DC location process works.
http://msdn.microsoft.com/en-us/library/ms815618


P.S. either way I'm not hardcoding strings in the DLL, I'm using a XML besides it.

You are not authorized to post a reply.
Forums >ActiveDir Mail List Archive >List Archives > RE: [ActiveDir] System.DirectoryServices namespace in .NET: site awareness



ActiveForums 3.7
Friends

Friends

VisualClickButoton
Members

Members

MembershipMembership:
Latest New UserLatest:Dallas
New TodayNew Today:1
New YesterdayNew Yesterday:2
User CountOverall:4871
People OnlinePeople Online:
VisitorsVisitors:53
MembersMembers:0
TotalTotal:53
Online NowOnline Now:

Ads

Copyright 2009 ActiveDir.org
Terms Of Use