Active Directory Cookbook, 2nd Edition View Larger Image | Robbie Allen, Laura E. Hunter
O'Reilly Media, Paperback, 2nd edition, Published June 2006, 991 pages, ISBN 059610202X | List Price: $49.99
Our Price: $31.50
You Save: $18.49 (37% Off)
| | | Availability: Out-Of-Stock |
Read an excerpt:
Chapter 8: Computers
Excerpt provided courtesy of O'Reilly Media. Copyright © O'Reilly Media, Inc
Written permission from the publisher is required for any use of this material.
|
Be the First to Write a Review and tell the world about this title!People who purchase this book frequently purchase: - Cisco IOS Cookbook, 2nd Edition; Kevin Dooley, et al, $37.50, 37% Off!
- Windows Server 2008 Active Directory Resource Kit; Mike Mulcare, et al, $27.25, 45% Off!
- Active Directory, 3rd Edition; Robbie Allen, et al, $31.50, 37% Off!
- Exchange Server Cookbook; Devin Ganger, et al, $27.95, 38% Off!
Books on similar topics, in best-seller order:Books from the same publisher, in best-seller order:
If you're among those looking for practical hands-on support, help is here with
Active Directory Cookbook, Second Edition, a unique problem-solving guide that
offers quick answers for Active Directory and updated for Window Server 2003 SP1
and R2 versions.
The book contains hundreds of step-by-step solutions for both common and uncommon
problems that you're likely to encounter with Active Directory on a daily basis--including
recipes to deal with the Lightweight Directory Access Protocol (LDAP), ADAM,
multi-master replication, Domain Name System (DNS), Group Policy, the Active
Directory Schema, and many other features. Author Robbie Allen, a Technical
Leader at Cisco Systems, MVP for Directory Services, and co-author of Active
Directory, Third Edition and Laura E. Hunter, MVP for Windows Server-Networking
and author of several books, have based this collection of troubleshooting recipes
on their own experience, along with input from Windows administrators. Each
recipe includes a discussion explaining how and why the solution works, so you
can adapt the problem-solving techniques to similar situations.
This best selling book provides solutions to over 300 problems commonly encountered
when deploying, administering, and automating Active Directory to manage users
in Windows 2000 and Windows Server 2003. The recipes include:
* creating domains and trusts
* renaming a domain controller
* finding users whose passwords are about to expire
* applying a security filter to group policy objects
* checking for potential replication problems
* restricting hosts from performing LDAP queries
* viewing DNS server performance statistics
This Cookbook is a perfect companion to Active Directory, Third Edition, the
tutorial that experts hail as the best source for understanding Microsoft's
directory service. While Active Directory provides the big picture, Active Directory
Cookbook gives you quick solutions you need to cope with day-to-day dilemmas.
Together, these books supply the knowledge and tools so you can get the most
out of Active Directory to manage users, groups, computers, domains, organizational
units, and security policies on your network.
Table of Contents
Preface
1. Getting Started
1.1 Where to Find the Tools
1.2 Getting Familiar with LDIF
1.3 Programming Notes
1.4 Replaceable Text
1.5 Where to Find More Information
2. Forests, Domains, and Trusts
2.1 Creating a Forest
2.2 Removing a Forest
2.3 Creating a Domain
2.4 Removing a Domain
2.5 Removing an Orphaned Domain
2.6 Finding the Domains in a Forest
2.7 Finding the NetBIOS Name of a Domain
2.8 Renaming a Domain
2.9 Raising the Domain Functional Level to Windows 2000
Native Mode
2.10 Raising the Functional Level of a Windows Server 2003
Domain
2.11 Raising the Functional Level of a Windows Server 2003
Forest
2.12 Using AdPrep to Prepare a Domain or Forest for Windows
Server 2003
2.13 Determining WhetherAdPrep Has Completed
2.14 Checking Whether a Windows 2000 Domain Controller
Can Be Upgraded to Windows Server 2003
2.15 Creating an External Trust
2.16 Creating a Transitive Trust Between Two AD Forests
2.17 Creating a Shortcut Trust Between Two AD Domains
2.18 Creating a Trust to a Kerberos Realm
2.19 Viewing the Trusts for a Domain
2.20 Verifying a Trust
2.21 Resetting a Trust
2.22 Removing a Trust
2.23 Enabling SID Filtering for a Trust
2.24 Enabling Quarantine for a Trust
2.25 Managing Selective Authentication for a Trust
2.26 Finding Duplicate SIDs in a Domain
2.27 Adding Additional Fields to Active Directory Users
and Computers
3. Domain Controllers, Global Catalogs, and FSMOs
3.1 Promoting a Domain Controller
3.2 Promoting a Domain Controller from Media
3.3 Verifying the Promotion of a Domain Controller
3.4 Demoting a Domain Controller
3.5 Automating the Promotion or Demotion of a Domain Controller
3.6 Troubleshooting Domain Controller Promotion or Demotion
Problems
3.7 Removing an Unsuccessfully Demoted Domain Controller
3.8 Renaming a Domain Controller
3.9 Creating an NT 4.0 BDC Object
3.10 Finding the Domain Controllers for a Domain
3.11 Finding the Closest Domain Controller
3.12 Finding a Domain Controller's Site
3.13 Moving a Domain Controller to a Different Site
3.14 Finding the Services a Domain Controller Is Advertising
3.15 Restoring a Deleted Domain Controller
3.16 Resetting the TCP/IP Stack on a Domain Controller
3.17 Configuring a Domain Controller to Use an External
Time Source
3.18 Finding the Number of Logon Attempts Made Against
a Domain Controller
3.19 Enabling the /3GB Switch to Increase the LSASS Cache
3.20 Enabling the /PAE switch to Increase the Amount of
Addressable RAM
3.21 Cleaning Up Distributed Link Tracking Objects
3.22 Enabling and Disabling the Global Catalog
3.23 Determining Whether Global Catalog Promotion Is Complete
3.24 Finding the Global Catalog Servers in a Forest
3.25 Finding the Domain Controllers or Global Catalog Servers
in a Site
3.26 Finding Domain Controllers and Global Catalogs via
DNS
3.27 Changing the Preference for a Domain Controller
3.28 Disabling the Global Catalog Requirement During a
Windows 2000 or Windows Server 2003 Domain Login
3.29 Enabling Universal Group Caching in Windows Server
2003
3.30 Finding the FSMO Role Holders
3.31 Transferring a FSMO Role
3.32 Seizing a FSMO Role
3.33 Finding the PDC Emulator FSMO Role Owner via DNS
3.34 Finding the PDC Emulator FSMO Role Owner via WINS
4. Searching and Manipulating Objects
4.1 Viewing the RootDSE
4.2 Viewing the Attributes of an Object
4.3 Counting Objects in Active Directory
4.4 Using LDAP Controls
4.5 Using a Fast or Concurrent Bind
4.6 Connecting to an Object GUID
4.7 Connecting to a Well-Known GUID
4.8 Searching for Objects in a Domain
4.9 Searching the Global Catalog
4.10 Searching for a Large Number of Objects
4.11 Searching with an Attribute-Scoped Query
4.12 Searching with a Bitwise Filter
4.13 Creating an Object
4.14 Modifying an Object
4.15 Modifying a Bit Flag Attribute
4.16 Dynamically Linking an Auxiliary Class
4.17 Creating a Dynamic Object
4.18 Refreshing a Dynamic Object
4.19 Modifying the Default TTL Settings for Dynamic Objects
4.20 Moving an Object to a Different OU or Container
4.21 Moving an Object to a Different Domain
4.22 Referencing an External Domain
4.23 Renaming an Object
4.24 Deleting an Object
4.25 Deleting a Container That Has Child Objects
4.26 Viewing the Created and Last Modified Timestamp of
an Object
4.27 Modifying the Default LDAP Query Policy
4.28 Exporting Objects to an LDIF File
4.29 Importing Objects Using an LDIF File
4.30 Exporting Objects to a CSV File
4.31 Importing Objects Using a CSV File
5. Organizational Units
5.1 Creating an OU
5.2 Enumerating the OUs in a Domain
5.3 Finding an OU
5.4 Enumerating the Objects in an OU
5.5 Deleting the Objects in an OU
5.6 Deleting an OU
5.7 Moving the Objects in an OU to a Different OU
5.8 Moving an OU
5.9 Renaming an OU
5.10 Modifying an OU
5.11 Determining Approximately How Many Child Objects an
OU Has
5.12 Delegating Control of an OU
5.13 Assigning or Removing a Manager for an OU
5.14 Allowing OUs to Be Created Within Containers
5.15 Linking a GPO to an OU
6. Users
6.1 Modifying the Default Display Name Used When Creating
Users in ADUC
6.2 Creating a User
6.3 Creating a Large Number of Users
6.4 Creating an inetOrgPerson User
6.5 Converting a user Object to an inetOrgPerson Object
(or Vice Versa)
6.6 Modifying an Attribute for Several Users at Once
6.7 Setting a User's Profile Attributes
6.8 Moving a User
6.9 Redirecting Users to an Alternative OU
6.10 Renaming a User
6.11 Copying a User
6.12 Finding Locked Out Users
6.13 Unlocking a User
6.14 Troubleshooting Account Lockout Problems
6.15 Viewing the Account Lockout and Password Policies
6.16 Enabling and Disabling a User
6.17 Finding Disabled Users
6.18 Viewing a User's Group Membership
6.19 Removing All Group Memberships from a User
6.20 Changing a User's Primary Group
6.21 Transferring a User's Group Membership to Another
User
6.22 Setting a User's Password
6.23 Setting a User's Password via LDAP
6.24 Setting a User's Password from Unix
6.25 Preventing a User from Changing Her Password
6.26 Requiring a User to Change His Password at Next Logon
6.27 Preventing a User's Password from Expiring
6.28 Finding Users Whose Passwords Are About to Expire
6.29 Setting a User's Account Options (userAccountControl)
6.30 Setting a User's Account to Expire
6.31 Finding Users Whose Accounts Are About to Expire
6.32 Determining a User's Last Logon Time
6.33 Finding Users Who Have Not Logged On Recently
6.34 Viewing a User's Permitted Logon Hours
6.35 Viewing a User's Managed Objects
6.36 Creating a UPN Suffix for a Forest
7. Groups
7.1 Creating a Group
7.2 Viewing the Permissions of a Group
7.3 Viewing the Direct Members of a Group
7.4 Viewing the Nested Members of a Group
7.5 Adding and Removing Members of a Group
7.6 Moving a Group Within a Domain
7.7 Moving a Group to Another Domain
7.8 Changing the Scope or Type of a Group
7.9 Modifying Group Attributes
7.10 Creating a Dynamic Group
7.11 Delegating Control for Managing Membership of a Group
7.12 Resolving a Primary Group ID
7.13 Enabling Universal Group Membership Caching
7.14 Restoring a Deleted Group
8. Computers
8.1 Creating a Computer
8.2 Creating a Computer for a Specific User or Group
8.3 Joining a Computer to a Domain
8.4 Moving a Computer Within the Same Domain
8.5 Moving a Computer to a New Domain
8.6 Renaming a Computer
8.7 Add or Remove a Computer Account from a Group
8.8 Testing the Secure Channel for a Computer
8.9 Resetting a Computer Account
8.10 Finding Inactive or Unused Computers
8.11 Changing the Maximum Number of Computers a User Can
Join to the Domain
8.12 Modifying the Attributes of a Computer Object
8.13 Finding Computers with a Particular OS
8.14 Binding to the Default Container for Computers
8.15 Changing the Default Container for Computers
8.16 Listing All the Computer Accounts in a Domain
8.17 Identifying a Computer Role
9. Printers and Shared Folders
9.1 Installing the Print Server Role
9.2 Creating a Printer Filter
9.3 Managing Printer Drivers
9.4 Deploying Printers Through Group Policy
9.5 Publishing Printers in Active Directory
9.6 Installing the File Server Resource Manager
9.7 Managing Disk Quota Templates
9.8 Managing Disk Quotas
9.9 Managing Auto-Quotas
9.10 Modifying Quota Settings
9.11 Defining File Groups
9.12 Managing File-Screen Templates
9.13 Managing File Screens
9.14 Managing File-Screen Exceptions
9.15 Configuring File Server Reporting
9.16 Managing File Server Options
10. Group Policy Objects
10.1 Finding the GPOs in a Domain
10.2 Creating a GPO
10.3 Copying a GPO
10.4 Deleting a GPO
10.5 Viewing the Settings of a GPO
10.6 Modifying the Settings of a GPO
10.7 Importing Settings into a GPO
10.8 Creating a Migration Table
10.9 Creating Custom Group Policy Settings
10.10 Assigning Logon/Logoff and Startup/Shutdown Scripts
in a GPO
10.11 Installing Applications with a GPO
10.12 Disabling the User or Computer Settings in a GPO
10.13 Listing the Links for a GPO
10.14 Creating a GPO Link to an OU
10.15 Blocking Inheritance of GPOs on an OU
10.16 Enforcing the Settings of a GPO Link
10.17 Applying a Security Filter to a GPO
10.18 Delegating Administration of GPOs
10.19 Importing a Security Template
10.20 Creating a WMI Filter
10.21 Applying a WMI Filter to a GPO
10.22 Configuring Loopback Processing for a GPO
10.23 Backing Up a GPO
10.24 Restoring a GPO
10.25 Simulating the RSoP
10.26 Viewing the RSoP
10.27 Refreshing GPO Settings on a Computer
10.28 Restoring a Default GPO
11. Schema
11.1 Registering the Active Directory Schema MMC Snap-in
11.2 Enabling Schema Updates
11.3 Generating an OID to Use for a New Class or Attribute
11.4 Generating a GUID to Use for a New Class or Attribute
11.5 Extending the Schema
11.6 Preparing the Schema for Upgrade
11.7 Documenting Schema Extensions
11.8 Adding a New Attribute
11.9 Viewing an Attribute
11.10 Adding a New Class
11.11 Viewing a Class
11.12 Indexing an Attribute
11.13 Modifying the Attributes That Are Copied When Duplicating
a User
11.14 Adding Custom Information to ADUC
11.15 Modifying the Attributes Included with ANR
11.16 Modifying the Set of Attributes Stored on a Global
Catalog
11.17 Finding the Nonreplicated and Constructed Attributes
11.18 Finding the Linked Attributes
11.19 Finding the Structural, Auxiliary, Abstract, and
88 Classes
11.20 Finding the Mandatory and Optional Attributes of
a Class
11.21 Modifying the Default Security of a Class
11.22 Managing the Confidentiality Bit
11.23 Deactivating Classes and Attributes
11.24 Redefining Classes and Attributes
11.25 Reloading the Schema Cache
11.26 Managing the Schema Master FSMO
12. Site Topology
12.1 Creating a Site
12.2 Listing the Sites
12.3 Renaming a Site
12.4 Deleting a Site
12.5 Delegating Control of a Site
12.6 Configuring Universal Group Caching for a Site
12.7 Creating a Subnet
12.8 Listing the Subnets
12.9 Finding Missing Subnets
12.10 Deleting a Subnet
12.11 Changing a Subnet's Site Assignment
12.12 Creating a Site Link
12.13 Finding the Site Links for a Site
12.14 Modifying the Sites That Are Part of a Site Link
12.15 Modifying the Cost for a Site Link
12.16 Enabling Change Notification for a Site Link
12.17 Modifying Replication Schedules
12.18 Disabling Site Link Transitivity or Site Link Schedules
12.19 Creating a Site Link Bridge
12.20 Finding the Bridgehead Servers for a Site
12.21 Setting a Preferred Bridgehead Server for a Site
12.22 Listing the Servers
12.23 Moving a Domain Controller to a Different Site
12.24 Configuring a Domain Controller to Cover Multiple
Sites
12.25 Viewing the Site Coverage for a Domain Controller
12.26 Disabling Automatic Site Coverage for a Domain Controller
12.27 Finding the Site for a Client
12.28 Forcing a Host into a Particular Site
12.29 Creating a Connection Object
12.30 Listing the Connection Objects for a Server
12.31 Load-Balancing Connection Objects
12.32 Finding the ISTG for a Site
12.33 Transferring the ISTG to Another Server
12.34 Triggering the KCC
12.35 Determining Whether the KCC Is Completing Successfully
12.36 Disabling the KCC for a Site
12.37 Changing the Interval at Which the KCC Runs
13. Replication
13.1 Determining Whether Two Domain Controllers Are in
Sync
13.2 Viewing the Replication Status of Several Domain Controllers
13.3 Viewing Unreplicated Changes Between Two Domain Controllers
13.4 Forcing Replication from One Domain Controller to
Another
13.5 Enabling and Disabling Replication
13.6 Changing the Intra-Site Replication Interval
13.7 Changing the Intra-Site Notification Delay
13.8 Changing the Inter-Site Replication Interval
13.9 Disabling Inter-Site Compression of Replication Traffic
13.10 Checking for Potential Replication Problems
13.11 Enabling Enhanced Logging of Replication Events
13.12 Enabling Strict or Loose Replication Consistency
13.13 Finding Conflict Objects
13.14 Finding Orphaned Objects
13.15 Listing the Replication Partners for a DC
13.16 Viewing Object Metadata
14. DNS and DHCP
14.1 Creating a Forward Lookup Zone
14.2 Creating a Reverse Lookup Zone
14.3 Viewing a Server's Zones
14.4 Converting a Zone to an AD-Integrated Zone
14.5 Moving AD-Integrated Zones into an Application Partition
14.6 Configuring Zone Transfers
14.7 Configuring Forwarding
14.8 Delegating Control of a Zone
14.9 Creating and Deleting Resource Records
14.10 Querying Resource Records
14.11 Modifying the DNS Server Configuration
14.12 Scavenging Old Resource Records
14.13 Clearing the DNS Cache
14.14 Verifying That a Domain Controller Can Register Its
Resource Records
14.15 Enabling DNS Server Debug Logging
14.16 Registering a Domain Controller's Resource Records
14.17 Deregistering a Domain Controller's Resource Records
14.18 Preventing a Domain Controller from Dynamically Registering
All Resource Records
14.19 Preventing a Domain Controller from Dynamically Registering
Certain Resource Records
14.20 Allowing Computers to Use a Different Domain Suffix
from Their AD Domain
14.21 Authorizing a DHCP Server
14.22 Locating Unauthorized DHCP Servers
14.23 Restricting DHCP Administrators
15. Security and Authentication
15.1 Enabling SSL/TLS
15.2 Encrypting LDAP Traffic with SSL, TLS, or Signing
15.3 Disabling LDAP Signing or Encryption
15.4 Enabling Anonymous LDAP Access
15.5 Restricting Hosts from Performing LDAP Queries
15.6 Restricting Anonymous Access to Active Directory
15.7 Using the Delegation of Control Wizard
15.8 Customizing the Delegation of Control Wizard
15.9 Revoking Delegated Permissions
15.10 Viewing the ACL for an Object
15.11 Customizing the ACL Editor
15.12 Viewing the Effective Permissions on an Object
15.13 Configuring Permission Inheritance
15.14 Changing the ACL of an Object
15.15 Changing the Default ACL for an Object Class in the
Schema
15.16 Comparing the ACL of an Object to the Default Defined
in the Schema
15.17 Resetting an Object's ACL to the Default Defined
in the Schema
15.18 Preventing the LM Hash of a Password from Being Stored
15.19 Enabling Strong Domain Authentication
15.20 Enabling List Object Access Mode
15.21 Modifying the ACL on Administrator Accounts
15.22 Viewing and Purging Your Kerberos Tickets
15.23 Forcing Kerberos to Use TCP
15.24 Modifying Kerberos Settings
15.25 Viewing Access Tokens
16. Logging, Monitoring, and Quotas
16.1 Enabling Extended dcpromo Logging
16.2 Enabling Diagnostics Logging
16.3 Enabling NetLogon Logging
16.4 Enabling GPO Client Logging
16.5 Enabling Kerberos Logging
16.6 Viewing DNS Server Performance Statistics
16.7 Monitoring the File Replication Service
16.8 Monitoring the Windows Time Service
16.9 Enabling Inefficient and Expensive LDAP Query Logging
16.10 Using the STATS Control to View LDAP Query Statistics
16.11 Using Perfmon to Monitor AD
16.12 Using Perfmon Trace Logs to Monitor AD
16.13 Creating an Administrative Alert
16.14 Emailing an Administrator on a Performance Alert
16.15 Enabling Auditing of Directory Access
16.16 Enabling Auditing of Registry Keys
16.17 Creating a Quota
16.18 Finding the Quotas Assigned to a Security Principal
16.19 Changing How Tombstone Objects Count Against Quota
Usage
16.20 Setting the Default Quota for All Security Principals
in a Partition
16.21 Finding the Quota Usage for a Security Principal
17. Backup, Recovery, DIT Maintenance, and Deleted Objects
17.1 Backing Up Active Directory
17.2 Restarting a Domain Controller in Directory Services
Restore Mode
17.3 Resetting the Directory Service Restore Mode Administrator
Password
17.4 Performing a Nonauthoritative Restore
17.5 Performing an Authoritative Restore of an Object or
Subtree
17.6 Performing a Complete Authoritative Restore
17.7 Checking the DIT File's Integrity
17.8 Moving the DIT Files
17.9 Repairing or Recovering the DIT
17.10 Performing an Online Defrag Manually
17.11 Performing a Database Recovery
17.12 Creating a Reserve File
17.13 Determining How Much Whitespace Is in the DIT
17.14 Performing an Offline Defrag to Reclaim Space
17.15 Changing the Garbage Collection Interval
17.16 Logging the Number of Expired Tombstone Objects
17.17 Determining the Size of the Active Directory Database
17.18 Searching for Deleted Objects
17.19 Undeleting a Single Object
17.20 Undeleting a Container Object
17.21 Modifying the Tombstone Lifetime for a Domain
18. Application Partitions
18.1 Creating and Deleting an Application Partition
18.2 Finding the Application Partitions in a Forest
18.3 Adding or Removing a Replica Server for an Application
Partition
18.4 Finding the Replica Servers for an Application Partition
18.5 Finding the Application Partitions Hosted by a Server
18.6 Verifying Application Partitions Are Instantiated
on a Server Correctly
18.7 Setting the Replication Notification Delay for an
Application Partition
18.8 Setting the Reference Domain for an Application Partition
18.9 Delegating Control of Managing an Application Partition
19. Active Directory Application Mode
19.1 Installing ADAM
19.2 Creating a New ADAM Instance
19.3 Creating a New Replica of an ADAM Configuration Set
19.4 Stopping and Starting an ADAM Instance
19.5 Changing the Ports Used by an ADAM Instance
19.6 Listing the ADAM Instances Installed on a Computer
19.7 Extending the ADAM Schema
19.8 Managing ADAM Application Partitions
19.9 Managing ADAM Organizational Units
19.10 Managing ADAM Users
19.11 Changing the Password for an ADAM User
19.12 Enabling and Disabling an ADAM User
19.13 Managing ADAM Groups
19.14 Managing ADAM Group Memberships
19.15 Viewing and Modifying ADAM Object Attributes
19.16 Importing Data into an ADAM Instance
19.17 Configuring Intrasite Replication
19.18 Forcing ADAM Replication
19.19 Managing ADAM Permissions
20. Interoperability and Integration
20.1 Accessing AD from a Non-Windows Platform
20.2 Programming with .NET
20.3 Programming with DSML
20.4 Programming with Perl
20.5 Programming with Java
20.6 Programming with Python
20.7 Integrating with MIT Kerberos
20.8 Integrating with Samba
20.9 Integrating with Apache
20.10 Integrating with Novell Netware
20.11 Integrating with Macintosh
20.12 Replacing the Network Information Service
20.13 Using BIND for DNS
20.14 Integrating Down-level Windows Clients
20.15 Using VMWare for Testing AD
20.16 Using Virtual Server in an Active Directory Environment
21. Active Directory Federation Services
21.1 Installing ADFS Prerequisites
21.2 Installing the Federation Service
21.3 Configuring an Active Directory Account Store
21.4 Configuring an ADAM Account Store
21.5 Configuring an Account Partner
21.6 Configuring a Resource Partner
21.7 Creating a Claim Type
21.8 Configuring an Application
21.9 Configuring a Forest Trust
21.10 Configuring an Alternate UPN Suffix
21.11 Configuring the ADFS Web Agent
21.12 Enabling Logging for the ADFS Web Agent
22. Exchange Server 2003
22.1 Preparing Active Directory for Exchange
22.2 Installing the First Exchange Server
22.3 Installing Additional Exchange Servers
22.4 Installing an Exchange Service Pack
22.5 Creating Unattended Installation Files for Exchange
and Exchange Service Pack Installations
22.6 Installing Exchange Management Tools
22.7 Delegating Exchange for the First Time
22.8 Stopping and Starting Exchange Server
22.9 Mail-Enabling a User
22.10 Mail-Disabling a User
22.11 Mailbox-Enabling a User
22.12 Deleting a User's Mailbox
22.13 Purging a Deleted Mailbox
22.14 Reconnecting a Deleted Mailbox
22.15 Enumerating Disconnected Mailboxes
22.16 Moving a Mailbox
22.17 Viewing Mailbox Sizes and Message Counts
22.18 Configuring Mailbox Limits
22.19 Mail-Enabling a Contact
22.20 Mail-Disabling a Contact
22.21 Creating a Mail-Enabled Distribution List
22.22 Creating a Query-Based Distribution List
22.23 Creating an Address List
22.24 Creating a Recipient Policy
22.25 Creating a Storage Group
22.26 Creating a Mailbox Store
22.27 Moving the Exchange Transaction Logs
22.28 Listing Domain Controllers and Global Catalog Servers
Used by an Exchange Server
22.29 Mounting and Dismounting Mailbox Stores
22.30 Enabling Message Tracking
23. Microsoft Identity Integration Server
23.1 Creating the HR Database MA
23.2 Creating an Active Directory MA
23.3 Setting Up a Metaverse Object Deletion Rule
23.4 Setting Up Simple Import Attribute Flow-HR Database
MA
23.5 Setting Up a Simple Export Attribute Flow to AD
23.6 Defining an Advanced Import Attribute Flow-HR Database
MA
23.7 Implementing an Advanced Attribute Flow Rules Extension-HR
Database MA
23.8 Setting Up Advanced Export Attribute Flow in Active
Directory
23.9 Configuring a Run Profile to Do an Initial Load of
Data from the HR Database MA
23.10 Loading Initial HR Database Data into MIIS Using
a Run Profile
23.11 Configuring a Run Profile to Load the Container Structure
from AD
23.12 Loading the Initial AD Container Structure into MIIS
Using a Run Profile
23.13 Setting Up the HR Database MA to Project Objects
to the Metaverse
23.14 Writing a Rules Extension to Provision User Objects
to the ADMA from Objects in the HR Database MA
23.15 Creating a Run Profile for Provisioning
23.16 Executing the Provisioning Rule
23.17 Creating a Run Profile to Export Objects from the
ADMA to Active Directory
23.18 Exporting Objects to AD Using an Export Run Profile
23.19 Testing Provisioning and De-Provisioning of User
Accounts in AD
23.20 Creating a Run Profile Script
23.21 Creating a Controlling Script
23.22 Enabling Directory Synchronization from AD to the
HR Database
23.23 Configuring a Run Profile to Load the telephoneNumber
from AD
23.24 Loading telephoneNumber Changes from AD into MIIS
Using a Delta Import and Delta Synchronization Run Profile
23.25 Exporting telephoneNumber Data to the HR Database
23.26 Using the HR Database MA Export Run Profile to Export
the Telephone Number to the HR Database
23.27 Searching Data in the Connector Space
23.28 Searching Data in the Metaverse
23.29 Deleting Data in the Connector Space and Metaverse
Index
About the Authors
Robbie Allen is a technical leader at Cisco Systems, where he has been involved
in the deployment of Active Directory, DNS, DHCP, and several network management
solutions. He enjoys working on Unix and Windows, and his favorite programming
language is Perl. Robbie was named a Windows Server MVP in 2004 and 2005 for
his contributions to the Windows community and the publication of several popular
O'Reilly books. Robbie is currently studying at MIT in its system design and
management program. For more information, see Robbie's web site at www.rallenhome.com.
Laura E. Hunter (CISSP, MCSE, MCT, MCDBA, MCP, MCP+I, CCNA, A+, Network+, iNet+,
CNE-4, CNE-5) is a Senior IT Specialist with the University of Pennsylvania,
where she provides network planning, implementation, and troubleshooting services
for various business units and schools within the university. Her specialties
include Microsoft Windows NT and 2000 design and implementation, troubleshooting,
and security topics. As an "MCSE Early Achiever" on Windows 2000,
Laura was one of the first in the country to renew her Microsoft credentials
under the Windows 2000 certification structure.
Laura's previous experience includes a position as the Director of Computer
Services for the Salvation Army and as the LAN administrator for a medical supply
firm. She also operates as an independent consultant for small businesses in
the Philadelphia metropolitan area and is a regular contributor to the TechTarget
family of Web sites. Laura has previously contributed to the Syngress Publishing's
Configuring Symantec Antivirus, Corporate Edition (ISBN 1-931836-81-7). She
has also contributed to several other exam guides in the Syngress Windows Server
2003 MCSE/MCSA DVD Guide & Training System series as a DVD presenter, contributing
author, and technical reviewer.
Laura was recently awarded the prestigious MVP award as a Microsoft "Most
Valued Professional." Laura holds a bachelor's degree from the University
of Pennsylvania and is a member of the Network of Women in Computer Technology,
the Information Systems Security Association, and InfraGard, a cooperative undertaking
between the U.S. Government and other participants dedicated to increasing the
security of United States critical infrastructures.
|
