Adding a field of Active Directory
Hello,
In Active Directory we have a field called Office that is populated.
We are using Portal 6.0 SP1 - which syncs with AD via a Remote Authentication Source called Domain and a Profile Source called AD Profile. SSO is enabled.
In the AD Profile I added a property called Section and mapped it to Office - but nothing shows up, it is blank.
How do I get the office field from AD to show up in my sync to the Portal?
Hope this is enough info to get started!
Thanks,
V
Computers are like Old Testament gods; lots of rules and no mercy. ~Joseph Campbell
Got it figured out.
The field Office in AD goes by the name physicalDeliveryOfficeName not office....
Check [url http://www.computerperformance.co.uk/Logon/LDAP_attributes_active_directory.htm#LDAP_Attribute_]this out
It loaded fine.
Thanks!
V
Computers are like Old Testament gods; lots of rules and no mercy. ~Joseph Campbell
Edited by vivekvp at 02/12/2008 1:29 PM
Similar Messages
-
Why do I get general access denied trying to update my own field in Active Directory?
I am trying to update a field pertaining to my own user object in Active Directory using ADSI and C++ app. The operating system
is Windows Server 2012 Standard.
I am able to read, I am able to call Put without problems, but when I call SetInfo, it returns with "General access denied". I have
confirmed that it's my own user object I'm trying to access.
I obtain my own FQDN like this:
GetUserNameEx(EXTENDED_NAME_FORMAT::NameFullyQualifiedDN, pszFullyQualifiedDN, &dwFullyQualifiedDN);
Then I use it like this:
LPTSTR pszObj = (LPTSTR)LocalAlloc(LPTR, dwMemToAlloc);
wcscpy_s(pszObj, dwMemToAlloc / sizeof(TCHAR), L"LDAP://");
wcscat_s(pszObj, dwMemToAlloc / sizeof(TCHAR), pszFullyQualifiedDN);
I bind to an object like this:
ADsGetObject(pszObj, IID_IADs, (LPVOID*)&pObject);
This call succeeds:
pObject->Get(CComBSTR("Description"), &var);
This call also succeeds:
VariantClear(&var);
V_BSTR(&var) = SysAllocString(L"Some new value");
V_VT(&var) = VT_BSTR;
hr = pObject->Put(CComBSTR("Description"), var);
Trying to commit the above change using the following:
pObject->SetInfo();
This is where it fails.
It returns E_ACCESSDENIED General access denied error.
As you can see, that is my own user object I am trying to update. To my understanding that is supposed to work provided I am a member of Domain
Users group. Which I am.
What could possibly be the problem?The problem is that in Windows Server 2012 Domain Controller, permission to write to public (and personal,
for that matter) properties is not granted to "SELF". The field I am trying to write to belongs to public properties. The only property set a user is able to change for himself in Windows Server 2012, by default, seems to be "Private-Information",
which consists of ms-PKI-Credential-Roaming-Tokens,ms-PKI-RoamingTimeStamp, ms-PKI-DPAPIMasterKeys, ms-PKI-AccountCredentials
Why on earth a user doesn't have permission to write to his own personal fields in Windows Server 2012 AD, Microsoft??!?!?! -
Adding a user in Active Directory
Hi fellows,
I am having a serious problem in creating a new user in active directory. i am using LDAP JNDI code. I can delete and update users attributes, but fail to create users.
ctx.createSubcontext("newuser,full domain", attributes);
when i specify a new user in "newuser" it gives exception invalidnameexception. I don't understand how to create a new entry within the directory structure of predefined tree. by the way, i can create users by active directory explorer but java application is giving exceptions.
Any help will be highly appreciated.A DistinguishedName is of the form e.g. "cn=username, ou=Users,dc=hostname,dc=com". In other words it contains attribute names and values for each name component. Evidently your DN doesn't do that.
-
How to update distinguishedName field in Active Directory?
HI all,
We are trying to create the Active Directory users from SAP . But we are not able to manipulate the Distingushed Name attribute to create the users inside the right OU. We tried to pass the value of OU name to the attribute 'o' which is not affecting
the distinguishedName attribute. kindly suggest ideas??You're after the Server > Directory Services forum I believe. Active Directory now covers multiple areas and the full name of the section you're interested in is Active Directory: Directory Services.
https://social.technet.microsoft.com/Forums/en-us/home?forum=winserverDS&filter=alltypes&sort=lastpostdesc -
Adding a listener to Active directory for user creation using Java
Hi,
I would like to add a listener to active directory such that when a user is created to the "Users" container, I should be notified or informed. I would like to do this with Java. What should I do ?
Regards,
Anand Kumar DYou should add a NamingListener or a NamespaceChangedListener.
-
Adding Custom Attributes in Activie Directory
hi
i've a requirement of getting few user properties from Active Directory into the user profile,for example i need the following properties.
user image
user birthday
user employee number
these properties are not available in the active directory,so how can i add these into the active directory and secondly how can i insert image of the user into the active directory property for imageThere are two ways here.
First:
You can ask your AD administrator to create an attribute for you so that you can use it.
Second:
You can use the thumbnailPhoto attribute for Images
You can use Employee ID for employee number
You can use roomnumber for Birthday. Birthday attribute is not present in AD. So, we would have to use some other attribute which matches. So, i would personally request you to create a new attribute inside AD for the same. For this please follow
this URL.
Thank You, Pallav S. Srivastav ----- If this helped you resolve your issue, please mark it Answered. -
Update distinguishedName field in Active Directory?
HI all,
We are trying to create the Active Directory users from SAP . But we are not able to manipulate the Distingushed Name attribute to create the users inside the right OU. We tried to pass the value of OU name to the attribute 'o' which is not affecting
the distinguishedName attribute. kindly suggest ideas??> As of now We are pointing the Base entry to The "Users" Folder.
What's the "base entry"?
> But the requirement is to create the users
> in their particular OU.
Then why don't you do so? I fail to understand what you're actually
doing, maybe some lines of sample code can explain.
Martin
Mal ein
GUTES Buch über GPOs lesen?
NO THEY ARE NOT EVIL, if you know what you are doing:
Good or bad GPOs?
And if IT bothers me - coke bottle design refreshment :)) -
Problem adding some user or active directory group to sharepoint 2010 group
Hi All
I have a problem in a specific site collection in a web Application (but not on other site collection in that webApp).
whenever I add a user like some system account to a sharepoint group or create a new sharepoint group or add an ActiveDirectory group to a sharepoint group I get an error and the user / group are not added :
System.Runtime.InteropServices.COMException: [Work Email Address] - [Wrong Email Format] at Microsoft.SharePoint.Library.SPRequestInternalClass.EnsureUserExists(String bstrUrl, String bstrLogin, String bstrEmail, String bstrName, String
bstrNotes, String bstrMobilePhone, Int32 lFlags, Boolean bIsRole, Boolean bSendEmail, Boolean bForceAdd, Byte[]& ppsaSystemId, Boolean bImportDeleted, Int32& plUserId) at Microsoft.SharePoint.Library.SPRequest.EnsureUserExists(String
bstrUrl, String bstrLogin, String bstrEmail, String bstrName, String bstrNotes, String bstrMobilePhone, Int32 lFlags, Boolean bIsRole, Boolean bSendEmail, Boolean bForceAdd, Byte[]& ppsaSystemId, Boolean bImportDeleted, Int32& plUserId)
when I add a regular user - all goes well.
10x for any help
ShlomyHi Shlomy,
i was thinking, perhaps there is an application that use this checking method on your specific site collection, and perhaps it is using a hard-coded command to request it, but seems it got some issue.
as the other site collections, may not have the issue, so perhaps other site collections don't have this application, and you may check that as lead investigation process.
you may try to capture fiddler tool, it may come in handy on tracing the http requests.
http://fiddler2.com/
usually when i trace the application, i would like to create new site, and add the webpart or application one by one, then i may know which application/webpart that have the issue.
as other regular user may not have the issue, perhaps its because system account is by design to not have an email address properties, so when the application/webpart request for it, it become failure.
Regards,
Aries
Microsoft Online Community Support
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. -
Active Directory cn field not updated from sap HR using ldap.
Hi,
Apologies if this is in the wrong forum area.
I am using the LDAP facility to create and modify Active Directory records from sap HR. Initially, the name field cn that was coming across into AD was in the format of the logical system and employee number, eg, RD4CLNT22000000711.
I then implemented the BADI HRLDAP_ATTRIBUTES which then changed this name field cn in the active directory listing to the format; surname, forename.
It works fine when I create a new user, however the problem comes when I update the persons name in the sap hr module. The data that comes across into Active Directory shows the change to the persons surname sn, forename and displayname fields is there but the cn field is still showing as the previous name.
In short, when a new user is created, the cn field in active directory is correct
(surname, forename) but when the employees name is modified, that change is not brought across to the cn field even though the surname, forename and displayname fields are updated correctlyon AD.
We are on release 4.70.
Anyway, if anyone could help I would be very grateful.
Thanks
DavidHi
The problem it is causing us is that the cn field is incorrect and does not mirror the change in sap HR, therefore the Active Directory entry for the employee is not totally accurate.
When an employee changes their name in SAP HR - usually their surname, we would then want to update the employees active directory account to show this change and this includes the cn field also. At the moment the firstname, lastname fields do get updated with the change so we would want the cn field to show this as well otherwise the cn field would be incorrect and not match up with the employee's AD firstname & lastname fields.
Dave -
Create a User account in active directory from SharePoint online 2013 list data
Hello,
I am trying to create a SharePoint list through which i can create a user account into active directory,
1 - HR is sending the detail in the email body to a Specific email address ([email protected]) like below..
First Name: XYZ
Last Name: ABC
Address: ABC 123
Designation: Analyst
Employee ID: 10492
and so on
2 - I need to pickup every new email data of the above section into sharepoint list (in Column)
First Name Last Name Address Designation Employee ID
3 - I want to create a event receiver through which i can go ahead and find the new data in the list and then create a user in the active directory,
I tried very hard and since i dont have much experience in coding part, any help will be highly appreciated
Thank you
Aman1- Configure Incoming Email Setting at your SharePoint Farm -
https://technet.microsoft.com/en-us/library/cc262947.aspx
http://blogs.technet.com/b/harmeetw/archive/2012/12/29/sharepoint-2013-configure-incoming-emails-with-exchange-server-2013.aspx
2- Configure your Sharepoint List Incoming e-mail settings for [email protected] - ListSetting-Communications->Incoming e-mail settings. -
https://support.office.com/en-in/article/Enable-and-configure-e-mail-support-for-a-list-or-library-dcaf44a0-1d9b-451a-84c7-6c52e7db908e
3- Write an Incoming Email Receiver , and Add you Email Body Parsing Code (retrive value of fields , firstname , lastname etc) in
EmailReceived() method. also add the code for adding new user in Active Directory
http://blogs.msdn.com/b/tejasr/archive/2010/03/06/event-handler-code-to-add-incoming-emails-with-subject-discussion-id-as-replies.aspx
https://pholpar.wordpress.com/2010/01/13/creating-a-simple-email-receiver-for-a-document-library/
4- Active Directory Code Help -
http://www.codeproject.com/Articles/18102/Howto-Almost-Everything-In-Active-Directory-via-C
http://www.codeproject.com/Tips/534718/Add-User-to-Active-Directory
Thanks
Ganesh Jat [My Blog |
LinkedIn | Twitter ]
Please click 'Mark As Answer' if a post solves your problem or 'Vote As Helpful' if it was useful. -
Active Directory not replicating from SBS 2003 to Server 2008 R2 Standard
I have an old SBS 2003 server and am migrating to a 2008 R2 server. I followed this guide:
http://demazter.wordpress.com/2010/04/29/migrate-small-business-server-2003-to-exchange-2010-and-windows-2008-r2/
I followed the guide (except the exchange stuff, because they are moving from exchange to Google apps for business) and everything went fine.
I removed the sbs from Domain controller status (dcpromo'ed it out) and everything seemed to go fine. I haven't turned off the old server yet, because they are still using it for a couple of other unrelated applications.
After I did this I added new computers to active directory, but they only showed up on the active directory on the old sbs (I think something went wrong when I too the old sbs out of domain controller status).
I ran dcdiag on the new server and this is the result:
Time Generated: 01/10/2014 14:57:56
Event String:
The SiSRaid4 service failed to start due to the following error:
An error event occurred. EventID: 0xC0001B58
Time Generated: 01/10/2014 14:57:56
Event String:
The stexstor service failed to start due to the following error:
An error event occurred. EventID: 0xC0001B58
Time Generated: 01/10/2014 14:57:56
Event String:
The vhdmp service failed to start due to the following error:
An error event occurred. EventID: 0xC0001B58
Time Generated: 01/10/2014 14:57:56
Event String:
The vsmraid service failed to start due to the following error:
A warning event occurred. EventID: 0x8000001D
Time Generated: 01/10/2014 14:58:00
Event String:
The Key Distribution Center (KDC) cannot find a suitable certificate
to use for smart card logons, or the KDC certificate could not be verified. Sma
rt card logon may not function correctly if this problem is not resolved. To cor
rect this problem, either verify the existing KDC certificate using certutil.exe
or enroll for a new KDC certificate.
An error event occurred. EventID: 0x0000164A
Time Generated: 01/10/2014 14:58:20
Event String:
The Netlogon service could not create server share C:\Windows\SYSVOL
\sysvol\PIIKANIPW.local\SCRIPTS. The following error occurred:
An error event occurred. EventID: 0xC0001B58
Time Generated: 01/10/2014 14:58:21
Event String:
The Qntm3520 service failed to start due to the following error:
An error event occurred. EventID: 0x00000422
Time Generated: 01/10/2014 14:58:36
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\PIIKANIPW.local\sysvol\PIIKANIPW.local\Policies\{31B2F340-016D-11D2-945F
-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Po
licy settings may not be applied until this event is resolved. This issue may be
transient and could be caused by one or more of the following:
A warning event occurred. EventID: 0x00002724
Time Generated: 01/10/2014 14:58:40
Event String:
This computer has at least one dynamically assigned IPv6 address.For
reliable DHCPv6 server operation, you should use only static IPv6 addresses.
A warning event occurred. EventID: 0x800013B8
Time Generated: 01/10/2014 14:58:49
Event String:
The application '/tmsWebAgent' belonging to site '1' has an invalid
AppPoolId 'Classic .NET AppPool' set. Therefore, the application will be ignore
d.
A warning event occurred. EventID: 0x80003BC4
Time Generated: 01/10/2014 15:01:53
Event String:
SSL Certificate Settings deleted for Port : 0.0.0.0:50106 .
A warning event occurred. EventID: 0x80003BC5
Time Generated: 01/10/2014 15:01:53
Event String:
SSL Certificate Settings created by an admin process for Port : 0.0.
0.0:50106 .
An error event occurred. EventID: 0xC0001B7A
Time Generated: 01/10/2014 15:01:59
Event String:
The TMS Print Agent service terminated unexpectedly. It has done th
is 1 time(s).
A warning event occurred. EventID: 0x0000000C
Time Generated: 01/10/2014 15:02:00
Event String:
Time Provider NtpClient: This machine is configured to use the domai
n hierarchy to determine its time source, but it is the AD PDC emulator for the
domain at the root of the forest, so there is no machine above it in the domain
hierarchy to use as a time source. It is recommended that you either configure a
reliable time service in the root domain, or manually configure the AD PDC to s
ynchronize with an external time source. Otherwise, this machine will function a
s the authoritative time source in the domain hierarchy. If an external time sou
rce is not configured or used for this computer, you may choose to disable the N
tpClient.
An error event occurred. EventID: 0x0000165B
Time Generated: 01/10/2014 15:02:34
Event String:
The session setup from computer 'PK-PC1' failed because the se
curity database does not contain a trust account 'PK-PC1$' referenced by t
he specified computer.
An error event occurred. EventID: 0x00000422
Time Generated: 01/10/2014 15:03:37
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\PIIKANIPW.local\sysvol\PIIKANIPW.local\Policies\{31B2F340-016D-11D2-945F
-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Po
licy settings may not be applied until this event is resolved. This issue may be
transient and could be caused by one or more of the following:
A warning event occurred. EventID: 0x000727AA
Time Generated: 01/10/2014 15:04:01
Event String:
The WinRM service failed to create the following SPNs: WSMAN/PKDC01.
PIIKANIPW.local; WSMAN/PKDC01.
A warning event occurred. EventID: 0x80003BC4
Time Generated: 01/10/2014 15:06:54
Event String:
SSL Certificate Settings deleted for Port : 0.0.0.0:50106 .
A warning event occurred. EventID: 0x80003BC5
Time Generated: 01/10/2014 15:06:54
Event String:
SSL Certificate Settings created by an admin process for Port : 0.0.
0.0:50106 .
An error event occurred. EventID: 0x00000422
Time Generated: 01/10/2014 15:08:37
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\PIIKANIPW.local\sysvol\PIIKANIPW.local\Policies\{31B2F340-016D-11D2-945F
-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Po
licy settings may not be applied until this event is resolved. This issue may be
transient and could be caused by one or more of the following:
An error event occurred. EventID: 0x000016AD
Time Generated: 01/10/2014 15:13:21
Event String:
The session setup from the computer PK-PC1 failed to authentic
ate. The following error occurred:
An error event occurred. EventID: 0x00000422
Time Generated: 01/10/2014 15:13:38
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\PIIKANIPW.local\sysvol\PIIKANIPW.local\Policies\{31B2F340-016D-11D2-945F
-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Po
licy settings may not be applied until this event is resolved. This issue may be
transient and could be caused by one or more of the following:
An error event occurred. EventID: 0x00000422
Time Generated: 01/10/2014 15:18:39
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\PIIKANIPW.local\sysvol\PIIKANIPW.local\Policies\{31B2F340-016D-11D2-945F
-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Po
licy settings may not be applied until this event is resolved. This issue may be
transient and could be caused by one or more of the following:
An error event occurred. EventID: 0x00000422
Time Generated: 01/10/2014 15:20:28
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\PIIKANIPW.local\sysvol\PIIKANIPW.local\Policies\{31B2F340-016D-11D2-945F
-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Po
licy settings may not be applied until this event is resolved. This issue may be
transient and could be caused by one or more of the following:
An error event occurred. EventID: 0x00000457
Time Generated: 01/10/2014 15:20:33
Event String:
An error event occurred. EventID: 0x00000422
Time Generated: 01/10/2014 15:23:39
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\PIIKANIPW.local\sysvol\PIIKANIPW.local\Policies\{31B2F340-016D-11D2-945F
-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Po
licy settings may not be applied until this event is resolved. This issue may be
transient and could be caused by one or more of the following:
An error event occurred. EventID: 0x00000422
Time Generated: 01/10/2014 15:28:40
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\PIIKANIPW.local\sysvol\PIIKANIPW.local\Policies\{31B2F340-016D-11D2-945F
-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Po
licy settings may not be applied until this event is resolved. This issue may be
transient and could be caused by one or more of the following:
An error event occurred. EventID: 0x00000422
Time Generated: 01/10/2014 15:33:41
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\PIIKANIPW.local\sysvol\PIIKANIPW.local\Policies\{31B2F340-016D-11D2-945F
-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Po
licy settings may not be applied until this event is resolved. This issue may be
transient and could be caused by one or more of the following:
An error event occurred. EventID: 0x00000422
Time Generated: 01/10/2014 15:38:41
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\PIIKANIPW.local\sysvol\PIIKANIPW.local\Policies\{31B2F340-016D-11D2-945F
-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Po
licy settings may not be applied until this event is resolved.
......................... PKDC01 failed test SystemLog
Starting test: VerifyReferences
......................... PKDC01 passed test VerifyReferences
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : PIIKANIPW
Starting test: CheckSDRefDom
......................... PIIKANIPW passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... PIIKANIPW passed test CrossRefValidation
Running enterprise tests on : PIIKANIPW.local
Starting test: LocatorCheck
......................... PIIKANIPW.local passed test LocatorCheck
Starting test: Intersite
......................... PIIKANIPW.local passed test Intersite
I also noticed that the SYSvol share on the new server is empty and the NETLOGON share doesn't exist.
Please help! Thanks.Hi,
Do you currently have any relevant errors in your System or Application logs?
Seems like the replication is not successfully.
An SBS server shouldn't shut down upon detecting the existence of another DC as that's a fully supported scenario.
Regards.
Vivian Wang -
GRC CUP how to pull manager from Global directory or Active directory
Hi,
how can i pull manager from global directory or active directory as approver.We are designing dual control approval process.First manager from global directory can approve then role owner.In workflow stages i can only see approvers information has to be entered manaually in CAD.Also i am looking when requestor requesting request,it should automatically fetch manager information on the request page,once user id selected.
Thanks
MushuDear Mushu,
Two things you need to do
1.) Maintain the Manager's Field in Active Directory and do mapping in CUP>Configuration>Field Mapping-->LDAP Mapping
2.) Keep LDAP as authentication system so that whenever a User has to log into the CUP he will do using his network id and his manager is automatically pulled from Active Directory.
Then in the workflow you can keep the approver determinator as Manager by which the request will routed to the appropriate manager. Hope that helps.
Edited by: celestemay17 on Dec 8, 2010 12:05 PM -
Hello,
I just installed Windows Server 2012. After adding the DNS and Active Directory Features/Roles to the server, I noticed that Active Directory Services is not running, but it is disabled. When I try to start the service, I receive the error - The Active Directory
Domain Services service on Local Computer started and then stopped. Some services stop automatically if they are not in use by other services or programs.
Any ideas of what could cause this?Hi,
Please ensure that the Active Directory domain services are run under Local System account, you can find the account information from the Log On tab.
After adding the DNS and Active Directory Features/Roles to the server, I noticed that Active Directory Services is not running, but it is disabled
As Seb mentioned, did you promote the server to be Domain Controller after installation? If not, there should be a yellow warning sign in Server Manager as below.
Best Regards,
Amy
Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected] -
Creating custom fields for manual entry and fields that gather data from Active Directory
So I am no SQL developer but I am being asked to do this.. I've spent the last few days researching but cannot find anything related to my particular situation.
I have made a copy of the following report to add or modify a few columns:
Hardware 01A - Summary of computers in a specific collection
So I have 2 questions:
How do I create a field that will search the "Managed By" tab in the Computer Properties window in Active Directory.
How do I create a field that can be manually updated for example: "Date Deployed" or "Deployed By: Analyst"
I understand I need edit this in SQL report builder and think I know how to create the columns. I believe all I am really asking is.. What are the SQL statements I need to write in order to get this to work?
I'm sure it's not as cut and dry as I hope it to be so I will be standing by to try to answer any further information that you will want to know.
thanks!Before you can accomplish this you need:
"Managed by" -attribute has to be added to your Active Directory System Discovery, more on this here: http://technet.microsoft.com/en-us/library/bb693618.aspx
For "Date Deployed", I'd use a custom Tattoo script in your task sequence to "Tattoo" the installation info in the registry, after that I'd configure the Hardware Inventory to pick that from the registry, more on this here: http://ccmexec.com/2012/08/script-to-tattoo-the-client-registry-during-osd/
and here: http://www.petervanderwoude.nl/post/reporting-about-the-all-the-different-os-deployment-versions-with-configmgr-2012/
After those prerequisites, you can start working with SQL reports. More info here: http://myitforum.com/myitforumwp/2012/10/29/sccm-2012-reporting-for-dummies-creating-your-own-ssrs-reports/ -
UME connected to Active Directory. How to change what fields are available
I have successfully changed my UME to point to Active Directory. I'll describe process further on in post. My issue now is how to modify what AD fields will be available in UME and what UME fields they'll be 'mapped' to.
I'll try to describe the process I've gone through so far:
1) Download the 'dataSourceConfiguration_ads_readonly_db.xml' file from Config Tool
2) Renamed file and added the following:
a) in <responsibleFor><principal type="user"> <nameSpaces><nameSpace name="com.sap.security.core.usermanagement"><attributes> section I added a <attribute name="xxx"/> tag for each new field I wanted. 'xxx' is, of course, the name of the field
b) in <attributeMapping><principals><principal type="user"> <nameSpaces><nameSpace name="com.sap.security.core.usermanagement"><attributes> section I added a <attribute name="xxx"><physicalAttribute name="yyy"/></attribute> tag for each new field I wanted. 'xxx' is, of course, the name of the field in UME and 'yyy' is the field in the LDAP
Then I uploaded the new file into Config Tool and switched the "Data source configuration file" selection to that new file. Saved the change and restarted the engine.
When I ran some test code I was getting information back from the user's AD entry. For example, I tested the email field. This is a field that is not maintained in the UME but I got the correct value back so I knew it was getting it from AD.
Then I wanted to see if I could get one of the new fields. When I ran my test code the user.getXxx() method call returend null.
Since I knew that getting the e-mail worked I thought I'd change the mapping for the email UME field to point to the 'yyy' field in AD. I did this by making this change:
<b>FROM:</b>
<attribute name="email">
<physicalAttribute name="mail"/>
</attribute>
<b>TO:</b>
<attribute name="email">
<physicalAttribute name="yyy"/>
</attribute>
I then uploaded that new xml file and switched to it in Config Tool. Then I restarted the engine.
However, when I ran my test code (see below for snippet) it still shows the email value instead of the value of field 'yyy'.
Any help would be GREATLY appreciated.
<b>Web Dynpro code snippet:</b>
String input = "smith";
IUserFactory userFactory = UMFactory.getUserFactory();
try {
IUserSearchFilter searchFilter = userFactory.getUserSearchFilter();
searchFilter.setLastName(input, ISearchAttribute.LIKE_OPERATOR, false);
ISearchResult searchResult = userFactory.searchUsers(searchFilter);
while (searchResult.hasNext()) {
String userID = (String)searchResult.next();
IUser user = userFactory.getUser(userID);
String email = user.getEmail();
} catch (UMException e1) {
//error handlingUpdate. I uploaded the wrong file the 2nd time. When I changed the XML file to 'bind' theAD field to the 'email' UME field, my code did return the AD value when I did
user.getEmail();
However, I'm still not able to get the AD field bound to any other UME field that wasn't part of the default XML file.
Is there something else I need to do besides adding the tags I described in my original entry?
Thanks
Maybe you are looking for
-
How do I share a computer account with a network account?
So I've had my Macbook for about two years now, and up until now the only account I've had is the one I initially set up for myself. This year for school I had to set up my computer so that I could log into it via a network account. This required me
-
How to prevent Microsoft word from switching which desktop I am on?
I have a 2011 Macbook Pro, OSX Version 10.9.2 as well as microsoft word for mac 2011 (the most recent update). I have had an issue for a number of years where when I have microsoft word open in one desktop and am using another application in another
-
TT89 for MN - Not calculating correctly
Hi, TT 89 for MN is not calculating correctlty - BSi Message status is as appended below. 2000 NO COMPANY UT EXPERIENCE RATE INFORMATION FOR THE MINNESOTA STATE UT TAX WAS FOU ND. THIS TAX HAS BEEN CALCULATED USING THE BASE RATE. THIS RESULT MAY
-
Quad dual 20" displays or single 23" display?
I have a Quad with the stock Nvidia Geforce 6600. I was originally thinking of a 23" HD display, but recently I was considering two 20" displays instead. I believe I coulf get two good quality 20" displays for the price of a single 23" display. What'
-
Where does one make a bug report for ios 6? I'm having an issue with video/vga output from my iphone.