Here is a script I wrote to do a simple GAL synchronization between two Exchange organizations. The script finds the mail-enabled users in one domain, and creates contacts for them in the other domain. Existing contacts will also be updated and deleted as needed. I’ve only tested this between two single-domain forests so far, and error checking [...]
I last blogged about provisioning home directories such a long time ago that I talked about Netware. I also used a SQL table alongside to keep track of a status field as I was doing some end-of-life management – zipping up the folder and stowing it in an archive location. But we don’t need to [...]
Here’s an unpleasant little fact you only find out if you need to: while you could rename a domain that hosted Exchange 2003, this functionality has been removed with Exchange 2007. Hmm. So what if you need to? Well a customer is insisting that it must be done, so I’ve had to do some investigations.
The AD management agent uses an account to connect to AD and, more often than not, this account is a member of Domain Admins. However in some organisations this is not acceptable. So what rights does it actually need?
This is a repost of an article which was originally about multivalue attributes in general, but with a focus on group members. I realised I had made some generalisations about multivalue attributes which actually specifically apply only to attributes like member, which contain reference DN values. So I am now re-releasing the post, with a [...]
I’ve already posted about the configuration options that are common to all MAs, so this post is about the options specific to the Active Directory MA, though much of it will also apply to the other LDAP-types – Sun and Netscape, Netware, ADAM, IBM Directory Server and openLDAP.
You don’t always have access to a proper IdM system. At the moment I’m at an organisation which still uses the old, manual ways of updating AD. I was asked if I knew an easy way to update the mobile phone numbers of a list of users, the data having been sent to Helpdesk in [...]
Here’s another trick that is really very simple, but, for reasons I can’t figure out, difficult to find out about. Despite what the documentation seems to say (and despite what I have read MS employees categorically stating), you CAN add an Exchange mailbox to an account that already exists in AD. Bundled with MIIS are [...]
