AD custom6 attribute and group memberships for shared mailboxes

Similar Messages

• How to see the group membership for a user in oidadmin

  how to see the group membership for a user in oidadmin?
  I see the memberships in oiddas, but I would like to know if its possible to see them in oidadmin? Thanks.

  Hi,
  For what I understand, you know the user and want to know the groups that the user is member of (am i wrong?)...
  With this query you pass the user's DN to the ldapsearch and the search gives you back the list of groups the member is a member of, all you need to do is change the value "uniquemember=cn=orcladmin" in the query for your own user.
  For example:
  $ORACLE_HOME/bin/ldapsearch -h localhost -p 389 -D "cn=orcladmin" -w oracle10g -b "dc=acme,dc=com,dc=au" -s sub "uniquemember=cn=orcladmin" dn
  will give you the list of groups that the user "cn=orcladmin" is a member of.
  $ORACLE_HOME/bin/ldapsearch -h localhost -p 389 -D "cn=orcladmin" -w oracle10g -b "dc=acme,dc=com,dc=au" -s sub "uniquemember=cn=smithj,cn=Users,dc=acme,dc=com,dc=au" dn
  will grive you all the groups that the user smithj is a member of.
  if you don't want to get the DN of the group you can change the last parameter of the query like this
  $ORACLE_HOME/bin/ldapsearch -h localhost -p 389 -D "cn=orcladmin" -w oracle10g -b "dc=acme,dc=com,dc=au" -s sub "uniquemember=cn=smithj,cn=Users,dc=acme,dc=com,dc=au" cn
  will give you the CN of the groups the user is member of.
  let me know if this is what you need.
  Regards,
  Juan

• Publish calendar for Shared Mailbox

  Hi,
  I have shared mailbox that I really need to have the calendar to be publish online (the ics link). I tried using the website and outlook 2013 client. Both of them saying that the "storeID provided isn't an ID of an item." Is there a way to be able
  to publish the calendar?

  Hi,
  We can enable Internet Calendar Publishing
  in exchange, then users can share calendar availability (free/busy) information with users in non-Exchange organizations and other individuals with Internet access.
  Refer to this document.
  https://technet.microsoft.com/en-us/library/ff607475%28v=exchg.141%29.aspx?f=255&MSPPError=-2147217396
  After creating a new sharing policy, use the following command to set the sharing policy Internet for shared mailbox.
  Set-Mailbox -Identity <shared mailbox> -SharingPolicy "new policy"
  Best Regards.
  Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected]
  Lynn-Li
  TechNet Community Support

• How to use Search Folders in Outlook for shared mailboxes

  Hello
  We use Otlook 2010/2013 with MS Exchange 2010. In outlook there is "Serarch folder" with subfolders Large e-mail, Unreaded mails.... User can create own subfolders with rules.
  Users have attahet to outlook shared mailboxex for example Import, Export....
  For these mailboxes you cannot use "Search Folders" - outlook can use it only for your personal mailbox.
  To use "Serach folders" for shared mailbox I have to create new e-mail profile in Windows. User has to run outlook using these new profile "import". Now he is directly connected with shared mailbox.
  But users want to use "Search folders" when they are on own outlook profile with shared mailboxes attahecd to their profiles.
  Is it posible to do it? Or use some third-party
  product?
  Thank you for help
  Tomasz
  Kind Regards Tomasz

  Hi,
  I suggest we ask this question on Outlook forum:
  http://social.technet.microsoft.com/Forums/office/en-US/home?forum=outlook
  Regards,
  Simon Wu
  TechNet Community Support

• Read group membership for a user object and populate every group with matching user from another domain

  I have LON\JSmith in LON domain and DEL\JimSmith in DEL domain
  I would like to extract group memberships of LON\JSmith in LON domain and append matching by email (i.e. DEL\JimSmith) user object in every group in LON domain.
  for instance
  LON\JSmith and DEL\JimSmith is the same person and has same email address [email protected]
  LON\JSmith belongs to 3 groups - LON\localadmingroup;LON\univdesktop;LON\globalsurvey
  The outcome of the script should be
  LON\JSmith; DEL\JimSmith    should be in 3 groups - LON\localadmingroup;LON\univdesktop;LON\globalsurvey.
  How can i do it?
  Navgup

  Hi Navgup,
  Please refer to the script below, to query users in other domain by specifying the parameter "-Server" in the cmdlet "get-aduser", and also note I haven't tested the script below:
  import-module activedirectory
  get-adgroupmember "group"|foreach{
  $email=(get-aduser $_.samaccountname -properties *).EmailAddress#get the user email
  Get-ADUser -filter {EmailAddress -eq $email} -properties * -server DomainB.company.com|select samaccountname, memberof}#filter user name and group with the email in other domain
  To get users across domain, please also refer this blog:
  Adding/removing members from another forest or domain to groups in Active Directory:
  http://blogs.msdn.com/b/adpowershell/archive/2010/01/20/adding-removing-members-from-another-forest-or-domain-to-groups-in-active-directory.aspx?Redirected=true
  I hope this helps.

• Design question: Change Group membership for a AD resource via SelfService

  Hi all,
  based on the OIM tutorials, I designed OIM that way that an end user can successfully request a resource. Is there a way to allow end users to modify their resource "subscriptions"? For example, I would like to allow end users to change their AD group memberships after the initial provision to the resource.
  From what I have learned from the tutorials, I would assume to create an AD group membership attribute in the user account profile form and propagate changes to that attribute back to AD.
  Or is there a way to allow end users to change their resource data directly under "My Resources" ?

  there is no concept of requesting a modification of an already provisoned account. Like you said this can be achieved thru an attribute on the user's profile and on changing that attribute, downstream applications can be propagated the new value.
  Typically if changes to an already proviisoned account needs to be done in oim and through oim, an oim admin goes to the user's resource profile and clicks on edit on the process form and can edit any data there. in case of ad groups, there will be a child process form that shows the groups that the user is a member of, you can insert(add) new groups or delete existing groups from there and save the form. In the proviisoning porcess of AD you will need to write a porcess task, which should add/remove the user from the specified group in AD on the trigger when a new group is added or an existing group is removed wehn the admin is modifying the user's AD process form/process child forms in oim.

• Report of Groups owned along with group memberships for each group, all in a single .csv file

  Hello all,
  What I'm trying to do is generate a report of all groups owned by a specific user, along with the group memberships, and output it all to a single .csv file. In the .csv file, I would like to have the group names as the column headers, and underneath
  the group name, list all the members of the group down through the column. So for example, if User1 owns 3 groups, the output would look like:
  What I'm having trouble with is outputting the objects to the .csv using New-Object psobject, and I'm starting to wonder if there is an easier way to do this and my brain is just fried.
  Any ideas?

  OK so I can try and give some code here, but I'm asking more of a concept question about how PowerShell builds objects so I'm not sure it will help....
  $User = "User1"
  get-adgroup -filter {managedby -eq $user} -pr member | %{
  $_.name
  $_.member
  OK so this is a simple script that outputs a group name followed by the membership, all in a single column. What I would like is for the group names to each be the header of a column, and have the membership listed underneath. For example:
  Is this possible in PowerShell?

• Samba winbind and group membership.

  I have a Solaris 10 (update 4) box (x86) that is joined to an active directory via samba/winbind.
  The users are working fine however their group membership is not.
  Users that should be members of certain groups do not seem to be: in that if I run
  "groups" and check the group member ship for myself I am missing entry of some groups yet I can verify that I should be a member of that group by running getent group "domain\\group name" and seing my username entered.
  winbind has the following parameters set
  winbind enum users = yes
  winbind enum groups = yes
  winbind nested groups = yes
  I am at a loss as to why it picks up some groups and not others.
  Has anyone come across something similar or know how to solve this issue?
  Regards,
  James

  Hi,
  I know this thread is very old but unfortunately I'm facing exactly the same problem under Solaris 10 Sparc. Any ideas? Maybe this issue was solved?
  Regards,
  Oliver

• RDBMSRealm and Group membership

  Hello.
  I would like to us an RDBMSRealm implementation behind some form of caching implementation.
  I have looked at and run the RDBMSRealm example that ships with 6.0.
  The major drawback is that I expect to have some groups where the number of members
  can be up to 1 million. The examples for RDBMSRealm and Custom Realm say to use
  a hash table to hold the membership of a group. This seems unrealistic in cases
  where the group membership is this large.
  Has anyone implemented an RDBMSRealm or custom realm that does not use the "hash
  table" approach?
  I am currently using WLS 6.0 sp2 and am connecting to an Oracle 8.1.7 database.
  Thanks for your time,
  Bubba

  This article from Sarge's Blog might help:
  http://www.sargeway.com/blog/index.cfm?mode=entry&entry=30

• Minimum group membership for imp/exp for ora 8i(client)  windows xp users

  Hi to all,
  For oracle 8i clients, windows xp users, what is the minimum group membership required that can be used so that the users can import or export dmps. Using Administrators imp/exp works ok... Any alternative?
  Thanks

  Hi Thierry,
  Please do not confuse the issue. Here we have the windows Operating System - privilege and then the Oracle database user privilege. In my case the Oracle database user privilege is DBA. If the user is given a Windows - Administrators privilege (which I do want to give) the exp/imp creates the DMP and log file. But any other standard windows privilege (with DBA privilege) the exp/imp does not create the dmp and log file. I hope I am clear and now you can suggest some alternative solution to OS - administrator.
  Thanks again

• Maximum number of connection profiles and group policies for Cisco ASA

  Hi,
  We have a Cisco ASA 5520 running 8.0(2) that we use only for Remote Access VPN.
  Does anyone know how many connection profiles and group policies that are supported on the box? I have not been able to find this in the manual.
  Thanks in advance for your help!
  Best regards,
  Harry

  There is no limit for connection profiles or group policies that can be configured on ASA. However the numbers do depend upon the memory available in the device as the profiles are stored in memory during execution.

• Currency Dim and Groups Dim for LegalConsolidation and IcMatching App

  Hi experts,
  I have had a look on posts about using Currency and Groups Dim, and using only Groups,
  I have developed apps with only Group Dim. Do you recommend to use Curr and Groups in the future.?
  And which dims should I include in ICmatching App with curr and groups dim?
  Regards

  Hi,
  While what the guys before have said is correct, I have a different opinion on the matter from my experience (and from the SAP starter kits since 7.5).
  I use a separate Group and Currency dimension because you may want to look at an entity's numbers in GC but without running Consolidation. For example, an entity that is only partially owned will only have GC values for its owned %, but the accountant for this entity may need to answer questions on the GC values based on 100%. With separate dimensions you can see values in GC before and after Consolidation.
  For an IC Matching application, I would have both Group and Currency dimensions. I would definitely use Group dimension because you may want to see eliminated IC balances in different groups. You should also have the Currency dimension as although only GC Interco balances are essential for matching, the LC values for each position is important as a frame of reference for the local accountant.
  Hope this helps,
  Tom.

• User and Group Ids for Standby Database

  The following oracle homes installed under the same unix account on the primary node:
  10gR2 CRS home
  10gR2 ASM home
  10gR2 RDBMS home
  Oracle Applications E-Business Suite 11.5.10.2 (concurrent admin)
  Based on note 216212.1 - Business Continuity for Oracle Applications Release 11i, Database Releases 9i and 10g
  Section 1: Design Considerations and Assumptions
  The note, verbatim, says "+The user and group Ids of the Oracle and applications software owner accounts must be the same on the production and standby servers+." Is this statement true? In other words, if the primary server software owner is the "morgan" unix account, then the unix account must also be "morgan" (not "stanley") on the standby server?

  Yes you can run a standby with different unix usernames on primary and standby, but it will be easier if the usernames are the same.

• User permissions for shared mailbox

  In a big organization, we've multiple shared mailboxes. Each mailbox is being looked at by different employees. We want to provide folder level restrictions to the employees and have primarily 3 type of access at a folder and root level:
  1) Owner access (Read, Create, Respond and Delete)
  2) Employee access (Read, Create and Respond)
  3) Read and View-only access
  Idea is to have a controlled access environment in the company where we don't want any employee to delete any e-mails and they're held accountable for their work.
  Million dollar question is - How do we achieve this in an Exchange Service 2010 Enterprise SP3 environment? Is it recommended to have such access levels? Can we've profile groups created to add users in future too with similar access restrictions?
  Please provide step by step.
  If this is not possible or advised, please suggest a better alternative with which we can track who deletes the e-mails and then change their behavior. May be some e-mail logs that help us determine this information? What is your suggestion?

  Hi,
  You can try Exfolders tool:
  http://gallery.technet.microsoft.com/office/Exchange-2010-SP1-ExFolders-e6bfd405
  How to use Exfolders:
  http://mouzzamh.wordpress.com/2012/04/01/how-to-use-exfolder-tool-for-exchange-2010/
  Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety,
  or suitability of any software or information found there. Please make sure that you completely understand the risk before retrieving any suggestions from the above link.
  Thanks,
  Simon Wu
  TechNet Community Support

• Best practices for sharing mailboxes

  Hello,
  To share mailboxes, I am not sure of the 'best practices'. 
  From my point of view, there are two scenarios :
  classic mailbox : an user A wants to share his mailbox so it assigns rights on his mailbox for an userB via Outlook. The userB will add the userA's mailbox to his profile
  shared mailbox : the rights are managed by the administrator
  Is it correct to divide the management (i.e classic user manages his own mailbox and the administrator manages rights on shared mailbox) or is not ?
  And the delegation functionnality in Outlook is not really what I want because the userB must have only access to the mailbox (+calendar+contacts) but he hasn't to manage the appointments, etc.
  Thanks for your help

  Unless there is some other reason, users should own the right to share their mailboxes - it shouldn't be something that demands administrator management (if only so that the administrators aren't swamped by user requests for sharing their mailboxes). 
  For true shared mailboxes, when the mailbox is created, full access is granted by an administrator.