AD OU structure generated by Adsync process




WIN2K
  AllGroups
    Security Groups
      Alphabetical Groups
        Students%first char%
      Grouping Groups
        Courses groups
          %course_code%-%course_number%-%section_number%-%crn%-%term_code_key%-%instructor_email%
        DEPARTMENTS-STF
          %Department name%-stf
        FACULTIES-STD
          %Faculty name%-std
        MAJORS-STD
          %Faculty name%-%major%-%graduateflag%
  Individual groups shown in the diagram: Graduates, prmedicine, undergraduates, notstudents, MCAllStaff, MCAllResidents, MCAllinterns, AllACADstaff, students
  AllUsers
    NON-ACTIVE-USERS
      STD (DISABLED STUDENT ACCOUNTS)
      STF (DISABLED STAFF ACCOUNTS)
    NON-Students
      %DEPARTMENT NAME% (ACTIVE STAFF ACCOUNTS)
    Students
      %FACULTY NAME%
        %MAJOR NAME%
          %GRAD FLAG% (ACTIVE STUDENT ACCOUNTS)

Adsync.exe (main flowchart)
Adsync.exe is a scheduled job run at a 4-hour interval, supplied with the number of days for which to query NETDB as arguments.
- Create user buffer list from Oracle NETDB with the fields: ID, login, first_name, last_name, PERS_TYPE, DEPT_COLL_DESC, MAJOR_DESC, active, box, extension, category, barcode, graduate, email, employment_date, PROLE, MANAGED_BY, LOCATION, coll_code, old_uid
- Open the buffer user list and process it line by line: While Not buffer user list At End Of File
  - Each line is split into an array; the values are assigned from the array to the variables, and global indexes are reset
  - Fix special and empty conditions: take care of department and major names that contain non-allowed characters ( , / ( ) . : ); take care of empty departments, major names, graduate flags and cost centers
  - Check if Username <> BLANK
  - Check if user already exists in AD
  - Check if Old User id from Oracle <> BLANK
  - Check if Old User id already exists in AD
  - Outcomes of these checks: update_existing_user, rename_user, create_new_user (on two branches), Log event into No username log
  - Log event into processed users log
  - If any called function has generated an error: send email to aubede containing the error
  - Loop
- If an error occurred in this function itself: call the ADSI error message generating function; send email to aubede containing the error
- Exit

create_new_user (flowchart)
- Set MAIN variables: UserCn = "CN=" + Username; UserPrincipalName = Username + "@win2k.aub.edu.lb"; IsAccountFirstCreation = "Y"
- If User New State is set to Active: SetuserOUforactive; otherwise: SetuserOUfordisabled
- setuserhomepath
- setuserinfo
- If User New State is set to Active
- createnewhomefolder
- setusergroups
- Set user.accountdisabled =
- Set user.accountdisabled =
- user.setinfo
- If error occurred (true): call adsierr("create_new_user")
- Log event into newly created users log

update_existing_user (flowchart)
- Set UserCn = "CN=" + Username
- If user has not been renamed: set UserAdsPath, OldHomeDriveLocation and intuac to the values retrieved from Active Directory representing current status and information; also set current_activ_stat = true if user is disabled
- setuserhomepath
- If User New State is set to Active: createnewhomefolder
- setuserinfo
- If User New State is set to Active: SetuserOUforactive; otherwise: SetuserOUfordisabled
- clearusergroupinggroups (clears the user's group membership to any group in,ou=security groups)
- If PersonType is student: clearuseralphagroups (clears the user's group membership to any group in ou=alphabetical groups,ou=security groups)
- If User New State is set to Active: setusergroups
- Set user.accountdisabled =
- Set user.accountdisabled =
- user.setinfo
- If error occurred: adsierr("update_existing_user")

setuserhomepath (flowchart)
- If PersonType = students (true):
    NewHomeDriveLocation = "\\win2k.aub.edu.lb\files\home" & UCase(UserNameFirstChar) & "\" + Username
    FTPRootdir = "\\win2k.aub.edu.lb\files\home" & UCase(UserNameFirstChar) & "\"
- If PersonType = Intern or resident (true):
    NewHomeDriveLocation = "\\win2k.aub.edu.lb\files\int-rs Homes\" + Username
    FTPRootdir = "\\win2k.aub.edu.lb\files\int-rs Homes\"
- If Category = "M" Then ' AUH staff ' (true):
    NewHomeDriveLocation = "\\win2k.aub.edu.lb\files\MC home Folders\" + Username
    FTPRootdir = "\\win2k.aub.edu.lb\files\mc home folders\"
- Else ' AUB Staff ':
    NewHomeDriveLocation = "\\win2k.aub.edu.lb\files\institutional Data\" + Username
    FTPRootdir = "\\win2k.aub.edu.lb\files\institutional Data\"

Createnewhomefolder (flowchart)
- If OldHomeDriveLocation <> NewHomeDriveLocation
- If NewHomeDrive does not exist
- Create home folder
- If user is changing status from disabled to enabled
- If PersonType is student
- If NewHomeDrive does not exist
- Create hidden favorites folder
- Recreate the home folder for the user if it was deleted during the cleaning procedure
- If PersonType is student
- sethomefolderpermissions
- Create hidden favorites folder
- If OldHomeDriveLocation <> BLANK and old home folder exists
- sethomefolderpermissions
- Write robocopy command to log file of home transfer list
- Execute robocopy to move content to new home
- adsierr("createnewhomefolder")

Sethomefolderpermissions (flowchart)
- If PersonType = students (true): Set admingroup = "allhomeadmins"
- If PersonType = Intern or resident (true): Set admingroup = "MChomeadmins"
- If Category = "M" Then ' AUH staff ' (true): Set admingroup = "MChomeadmins"
- Else ' AUB Staff ': Set admingroup = "InstitutionalDataAdmins"
- Write xcacls command to log file xcacls.log.txt
- Execute xcacls to set appropriate permissions on home folder
- adsierr("sethomefolderpermissions")

setuserinfo (flowchart)
- Is IsAccountFirstCreation flag set to "Y"?
  - Create user in finaloupath
  - Set the following user properties: "samaccountname", "userprincipalname", "altsecurityidentities" ("Kerberos:" Username@AUB.EDU.LB)
  - Set "msnpallowdialin" to
  - user.setinfo
  - False: set user object to found user path in MAIN, then clear "profilepath"
- If AubManager <> "" Then search AD for the manager's username to get the DN of his account
  - Manager username not found: log event in invalidmanagerlog
  - Manager username found
- Set the following user properties: "homedirectory", "msiis-ftpdir", "msiis-FTPRoot", "HomeDrive", "description", "givenname", "sn" (LastName), "displayname", "AUB-ID", "AUB-Employment-Date", "AUB-Prole", AUB-PersonType, "AUB-Location", "mail", "telephonenumber", "postofficebox", and on one branch manager, on the other CLEAR MANAGER ATTRIBUTE
- user.setinfo
- Is IsAccountFirstCreation flag set to "Y"? Set password to random
- If error occurred in this function: adsierr("setuserinfo")

SetuserOUfordisabled (flowchart)
- If PersonType = student: Set finaloupath = "OU=STD,ou=NON-ACTIVE-USERS,ou=allusers,dc=win2k,dc=aub,dc=edu,dc=lb"
- Otherwise: finaloupath = "OU=STF,OU=NON-ACTIVE-USERS,ou=allusers,dc=win2k,dc=aub,dc=edu,dc=lb"
- On each branch: is IsAccountFirstCreation flag set to "N"? Move user account into the finaloupath
- If error occurred in this function: adsierr("setuseroufordisabled")

SetuserOUforactive (flowchart)
- If PersonType = student: Set Finaloupath = "OU=" & GraduateFlag & ",OU=" & Major & ",OU=" & Department & ",OU=Students,OU=AllUsers,DC=win2k,DC=aub,DC=edu,dc=lb" and set finaluserpath = "LDAP://" & UserCn & "," & finaloupath
- Otherwise: Set Finaloupath = "OU=" & Department & ",OU=NON-Students,OU=AllUsers,DC=win2k,DC=aub,DC=edu,DC=lb" and set finaluserpath = "LDAP://" & UserCn & "," & finaloupath
- On each branch:
  - Is there a change in user OU location (finaluserpath <> UserAdsPath)?
  - checkousexistense
  - Is IsAccountFirstCreation flag set to "N"? Move user account into the finaloupath
- If error occurred in this function: adsierr("setuserouforactive")

checkousexistense (flowchart)
- If PersonType is Staff (other branch: student)
- Check if department OU exists
- Check if CostCenter/CollegeCode number is in any of the existing OUs' descriptions
- Create Department organizationalunit with "description"=costcenter/collegecode
- Rename the OU and associated GROUP to the new department name relevant for this CostCenter/CollegeCode, as this code should be unique
- Update OU description=costcenter/collegecode
- Check if faculty OU exists (true)
- Create faculty organizationalunit with "description"=costcenter/collegecode
- Update OU description=costcenter/collegecode
- Check if MAJOR OU exists
- Create MAJOR organizationalunit
- Check if graduateflag OU exists (UG, GR, PR)
- Create graduateflag organizationalunit
- If error occurred in this function: adsierr("checkousexistense")

setusergroups (flowchart)
- checkgroupinggroupsexistense
- If PersonType is "STUDENT" (other branch: = STAFF)
- Add to group CN=(Department) & "-std" in OU=FACULTIES-STD,OU=grouping groups
- Add to group CN=(Department) & "-stf" in OU=DEPARTMENTS-STF,OU=grouping groups
- Add to group CN=students in
- Add to group CN=notstudents in
- Add to alpha group CN="Students" & (FirstChar in UserName) in ou=alphabetical groups
- Check if user Category = AUH STAFF (TRUE / FALSE)
- Add to group cn=(department) & "-" & (Major) & "-" & (GraduateFlag) in OU=MAJORS-STD,ou=grouping groups,
- Add to group CN=MCAllStaff in
- CHECK GRADFLAG (branches: UG, GR, PR, Other)
- CHECK PersonType (branches: IT, AC, RS, Other)
- Add to group CN=undergraduates in
- Add to group CN=graduates in
- Add to group CN=prmedicine in
- Add to group CN=MCAllinterns in
- Add to group CN=MCAllResidents in
- Add to group CN=AllACADstaff in
- If error occurred in this function: adsierr("setusergroups")

checkgroupinggroupsexistense (flowchart)
- If PersonType is Staff (other branch: student)
- Check if department group (Department & "-STF") exists in OU=DEPARTMENTS-STF,OU=grouping groups; Create DEPARTMENT group
- Check if faculty group (Department & "-STD") exists in OU=FACULTIES-STD,OU=grouping groups (true); Create FACULTY group
- Check if MAJOR group (Department & "-" & Major & "-" & GraduateFlag) exists in OU=MAJORS-STD,; Create MAJOR group
- If error occurred in this function: adsierr("checkgroupinggroupsexistense")

fix_special_and_empty_conditions (flowchart)
- If CostCenterCollegeCode = "": CostCenterCollegecode = "UNDECLARED"
- If PersonType IS STUDENT (other branch: staff)
- If GraduateFlag = "": GraduateFlag = "UND"
- If Department = "" (checked on both branches): Department = "NO DEPARTMENT SPECIFIED" on one branch, Department = "NO COLLEGE DESIGNATED" on the other
- If Major = "" (checked on both branches): Major = "No major Designated" on one branch, Major = "MAJORLESS" on the other
- Take care of department and major names that contain non-allowed characters: / , . ( )
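The OU placement rules from SetuserOUforactive, SetuserOUfordisabled and fix_special_and_empty_conditions, as an added Python sketch (not the Adsync code, which this page does not reproduce). Assumptions: the function names, replacing the non-allowed characters with a space, and the student/staff assignment of the two Department and Major defaults. The RDN count shows why a comma left in a department name would change the shape of the resulting DN.

```python
import re

DOMAIN_DN = "DC=win2k,DC=aub,DC=edu,DC=lb"
# Characters the page lists as not allowed in department and major names.
NOT_ALLOWED = re.compile(r"[,/().:]")

def clean_name(value, default):
    """Apply the empty-value default, then drop the non-allowed characters.
    Assumption: the page does not say what replaces them; here each becomes
    a space and runs of whitespace are collapsed."""
    value = (value or "").strip() or default
    return re.sub(r"\s+", " ", NOT_ALLOWED.sub(" ", value)).strip()

def final_ou_path(person_type, active, department="", major="", graduate_flag=""):
    """Return the OU DN a user record lands in (finaloupath on the page)."""
    student = person_type.lower() == "student"
    if not active:  # SetuserOUfordisabled
        ou = "STD" if student else "STF"
        return f"OU={ou},OU=NON-ACTIVE-USERS,OU=AllUsers,{DOMAIN_DN}"
    if student:     # SetuserOUforactive, student branch
        # Assumption: these two defaults belong to the student branch.
        dept = clean_name(department, "NO COLLEGE DESIGNATED")
        maj = clean_name(major, "No major Designated")
        grad = graduate_flag.strip() or "UND"
        return f"OU={grad},OU={maj},OU={dept},OU=Students,OU=AllUsers,{DOMAIN_DN}"
    dept = clean_name(department, "NO DEPARTMENT SPECIFIED")
    return f"OU={dept},OU=NON-Students,OU=AllUsers,{DOMAIN_DN}"

def final_user_path(username, ou_path):
    """finaluserpath = "LDAP://" & UserCn & "," & finaloupath"""
    return f"LDAP://CN={username},{ou_path}"

def rdn_count(dn):
    """Count DN components by splitting on unescaped commas."""
    return len(re.split(r"(?<!\\),", dn))

if __name__ == "__main__":
    # Constructed sample records, not data from the page.
    records = [
        ("jdoe01", "student", True, "Arts, Sciences", "Biology (Pre-Med)", ""),
        ("asmith", "staff", True, "Arts, Sciences", "", ""),
        ("bkhoury", "staff", False, "Physics", "", ""),
    ]
    for user, ptype, active, dept, major, grad in records:
        ou = final_ou_path(ptype, active, dept, major, grad)
        print(final_user_path(user, ou), "| components:", rdn_count(ou))
    raw = "OU=Arts, Sciences,OU=NON-Students,OU=AllUsers," + DOMAIN_DN
    print("unsanitized:", raw, "| components:", rdn_count(raw))
```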

rename_user (flowchart)
- Rename user object to its new CN name
- Fix all relevant attributes with the new name: "samaccountname", "userprincipalname", "altsecurityidentities"
- Check if current home folder exists (false branch shown)
- setuserhomepath (on both branches)
- Check if the new home folder path has changed
- Is ActiveFlag = "Y"?
- Rename the user's folder only
- Set the variable OldHomeDriveLocation = the existing current home
- createnewhomefolder (on both branches)
- Set "homedirectory" attribute in AD
- Connect to Oracle NETDB and set the field ucr_ads_processed for the current date when the user was renamed in AD
- Log event in renamed users log
- Set Rename_stat = "Y"
- update_existing_user
- If error occurred in this function: adsierr("rename_user")

adsierr (flowchart)
- Receive the name of the function where the error originated
- Generate an error message containing all user info, where the error occurred and the error type
- Append the message to the log errorlog.txt
- Append the message to the email body of the mail that will be sent at the end of the process
- Set globalerror flag = 1