Tài liệu Lab A: Creating and Configuring an Active Directory Management Agent pptx

Create and configure the Active Directory management agent.. Perform attribute flow on Active Directory data.. Exercise 1 Creating an Active Directory Management Agent In this exercise,

Trang 1

Lab A: Creating and Configuring an

Active Directory Management Agent

Objectives

After completing this lab, you will be able to:

! Create and configure the Active Directory management agent

! Integrate data from Active Directory into the metadirectory

! Perform attribute flow on Active Directory data

Prerequisites

Before working on this lab, you must have:

! Knowledge about attribute flow rules

! Experience joining connector namespace entries with metaverse namespace entries

! Experience operating management agents

Lab Setup

To complete this lab, you need the following:

! MMS Server and MMS Compass installed

! Human Resources and Microsoft Exchange 5.5 data integrated into the metaverse namespace

Estimated time to complete this lab: 30 minutes

Trang 2

Exercise 1

Creating an Active Directory Management Agent

In this exercise, you will create an Active Directory management agent to integrate the information from the Claims and Investigations departments into the metadirectory

Scenario

The Claims and Investigations departments of Northwind Traders have started to deploy Active

Directory You need to integrate the department’s Active Directory information into the

metadirectory This will lay the groundwork for deploying Active Directory throughout the

organization

start MMS Compass, and

then log on to your MMS

server

password

mmsadmin@nwtraders.msft with a password of password

Active Directory

management agent called

domain MA (where domain

is your domain name)

click Management Agents

name), and then in the control pane, click Create New Management

Agent

Management Agent box, type domain MA (where domain is your

domain name)

Directory Management Agent, and then click Create

agent with the following

parameters:

Mode: Association

domain.nwtraders.msft

domain\Administrator

Connected Directory Specifics tab, on the Mode and Namespace Management tab, under Management Agent Mode, click Association

Settings, in the Forest to discover box, type domain.nwtraders.msft

type domain\Administrator and in the Password box, type password

and then click OK

for UserPassword box, type password and then click OK

Trang 3

Exercise 2

Joining Active Directory Entries into the Metaverse Namespace

In this exercise, you will integrate the Claims and Investigations information into the metadirectory

by joining the Active Directory data with the existing metaverse namespace data

Scenario

The Claims and Investigations departments of Northwind Traders have started to deploy Active

Directory You need to integrate their Active Directory information into the metadirectory This

will lay the groundwork for deploying Active Directory throughout the organization

displayname and sn for the

join criteria attributes

the control pane, click Join

in the Search using these attributes box, add the following attributes:

$cd.displayname

$cd.sn

Important: Do not perform the join at this time

1 (continued) c Click OK to close the Server-Based Join dialog box

management agent

the control pane, click Operate MA

The Operator's Log displays the management agent's progress This process may take some time to complete

Was the management agent configured for delta mode? What mode did the management run in and why?

Yes, from the Operational Settings tab, the mode is set to delta From the Operator's Log, the

management agent ran in full mode because it automatically switches to this mode the first time the management agent runs, thereby initially populating the metadirectory

2 (continued) d Click OK to close the Operate the Management Agent dialog box

Trang 4

Tasks Detailed Steps

What do the two entries directly beneath domain MA represent?

The configuration.domain.nwtraders.msft entry represents Active Directory's configuration partition

The domain.nwtraders.msft entry represents Active Directory's domain partition

configure a new query to

facilitate joins by using the

surname attribute

Services menu, and then log on to your MMS server as mmsadmin@nwtraders.msft with a password of password

Last Name

type Match by last name and then click OK

A Last Name button is added to Predefined Queries.

manually join any remaining

disconnectors that have a

matching entry in the

metaverse namespace

name defined

Join, and then click Yes to close the Join confirmation dialog box Note: There are a number of default Active Directory accounts that are still disconnectors This is acceptable

because there are no corresponding entries in the metaverse namespace that match these Active Directory accounts

5 (continued) d Close the Microsoft Account Joiner window

Trang 5

Exercise 3

Establishing Attribute Flow

In this exercise, you will establish attribute flow rules to update the metaverse namespace with the

Active Directory user principal name

Scenario

Northwind Traders recently integrated their Active Directory user accounts from their Claims and

Investigations departments The Microsoft Exchange Server e-mail address must match the Active

Directory user principal names for these users

to flow the mail attribute

from Active Directory to the

metaverse namespace

the control pane, click Attribute Flow

Rules tab, in the Metaverse Attributes box, click mail

<

The specific attribute flow rule $mv.mail = $cd.mail appears

address for the metaverse

namespace entry for Adri

Duhem in the Claims

department is blank

msft \ nwtraders \ domain \ metaverse \ Claims

Properties

Email box is blank

to update the mail attribute

values in the metaverse

namespace from Active

Tiêu đề	Lab A: Creating and Configuring an Active Directory Management Agent
Thể loại	Lab manual

Định dạng
Số trang	6
Dung lượng	182,79 KB