Corporate Directory mail group members

Similar Messages

• Convergence 2 Corporate Directory - Removing "Groups" Dialog

  Under the Address Book, under Corporate Directory, there is a dialog for "Groups".
  There are certain internal LDAP groups that are in there that we don't want our users having access to. How do I keep these from displaying? Is it possible to disable the entire Groups dialog?

  Under the Address Book, under Corporate Directory, there is a dialog for "Groups".
  There are certain internal LDAP groups that are in there that we don't want our users having access to. How do I keep these from displaying? Is it possible to disable the entire Groups dialog?

• Convergence Corporate Address Book with Mail Groups

  Hi
  I'm not sure if this expected behavior or a bug but a search for a mail group in the Corporate Directory of Convergence returns the name of the group in the list in the left panel but no details of the group (such as mail address) in the panel on the right. The Corporate Directory search works correctly for people and returns the full set of attributes.
  The version of Convergence is:
  ./iwcadmin -V
  Sun Convergence 1.0-4.01 (built December 8 2008 - 14:54:08)Platform:
  uname -a
  SunOS mail1 5.10 Generic_138889-03 i86pc i386 i86pcThe iwcadmin options relating to search:
  ab.corpdir.[default].searchattr = entry/displayname,@uid,person/surname
  ab.corpdir.[default].searchfilter =
  ab.corpdir.[default].urlmatch = ldap://corpdirectoryThere are no errors in iwc.log and the LDAP search suggests all attributes are requested. For example, an extract from the LDAP access log when searching for a group called cn=systems:
  [01/Apr/2009:09:59:54 +0100] conn=10882 op=31 msgId=101 - SRCH base="o=xxxxx" scope=2
  filter="(|(uid=systems)(sn=systems)(cn=systems))" attrs="* createTimestamp"
  [01/Apr/2009:09:59:54 +0100] conn=10882 op=31 msgId=101 - RESULT err=0 tag=101 nentries=1 etime=0In case there are some missing objectclasses or attributes in our group definitions (which were imported from an earlier version of Messaging Server (5.2)), here is an LDIF file for an example group:
  dn: cn=systems,ou=Groups,o=xxx.com,o=isp
  mgmanHidden: false
  mgmanMemberVisibility: NONE
  mgmanJoinability: NONE
  mgrpErrorsTo: [email protected]
  preferredLanguage: en
  mailDeliveryOption: members
  inetMailGroupStatus: active
  mailHost: mail.xxx.com
  mail: [email protected]
  cn: systems
  objectClass: top
  objectClass: groupOfUniqueNames
  objectClass: inetMailGroup
  objectClass: inetMailGroupManagement
  objectClass: inetLocalMailRecipient
  objectClass: nsManagedMailList
  owner: uid=sysadmin,ou=People,o=xxx.com,o=isp
  description: Systems Team
  uniqueMember: uid=user1,ou=People,o=xxx.com,o=isp
  uniqueMember: uid=user2,ou=People,o=xxx.com,o=ispThanks,
  Alan

  cs0alu wrote:
  I'm not sure if this expected behavior or a bug but a search for a mail group in the Corporate Directory of Convergence returns the name of the group in the list in the left panel but no details of the group (such as mail address) in the panel on the right. The Corporate Directory search works correctly for people and returns the full set of attributes.This is the expected behaviour in the version of Convergence that you are using. In the next Convergence patch (-07 a.k.a. Convergence update 2) selecting a corporate directory group will display additional group related information including a brief listing of the members of the group and email address.
  Note however that group view functionality will not mirror that provided by UWC/CE i.e. the ability to expand and view details for each group member. There is an existing RFE to have this functionality added in a future revision of Convergence:
  RFE#6801528 - "Provide mechanism to view members of corporate directory groups"
  Regards,
  Shane.

• How to populate members in AD Directory Users group

  I have a Mountain Lion Server bound to Active Directory hosted on a Windows 2003 server.  After binding I can see all active directory users and groups in Server.app however some groups will not populate the group members, namely Domain Users, Domain Computers and a few other built in groups.  These groups are default groups that are populated automatically with any user or computer joined to the domain.  This isn't that big a deal except that I want to use these groups to apply settings in profile manager.  Since the group members will not populate the settings do not apply.  It kind of makes sense that these groups would not populate since users/computers are assigned to them automatically and the mac server may not be able to read the proper data to fill these groups but this seems like a major flaw.
  Any ideas to make this work?

  Hi,
  you should use OUs (an OU is they type of object (folder) that is available for you to easily create.
  The object type you are asking about is a "container", and there are various reasons why an OU is more flexible (applying GPO, etc).
  Refer: Delegating Administration by Using OU Objects
  http://technet.microsoft.com/en-us/library/cc780779(v=ws.10).aspx   
  and the sub-articles:
  Administration of Default Containers and OUs
  http://technet.microsoft.com/en-us/library/cc728418(v=ws.10).aspx
  Delegating Administration of Account and Resource OUs
  http://technet.microsoft.com/en-us/library/cc784406(v=ws.10).aspx
  Also: http://technet.microsoft.com/en-us/library/cc961764.aspx
  Don
  (Please take a moment to "Vote as Helpful" and/or "Mark as Answer", where applicable.
  This helps the community, keeps the forums tidy, and recognises useful contributions. Thanks!)

• Convergence 2 - How to hide Corporate Directory Groups?

  first post!
  Convergence 2 shows Groups under Corporate Directory in the Address Book interface as well as the Compose autocomplete.
  We don't use CAB groups, so how do I go about disabling Groups from showing up in the interface?

  As always, you are such a reliable source of help! :-)
  That robots.txt you mentioned...do what with that?  I mean, how does that tell it "dont index the images"? For that matter, there are tons of pages on the server I don't want being indexed yet either because they are half baked for later development.
  Thanks!
  Create the file, and upload it to the root directory.  It's as simple as that.  But you'll have to read the details on the google hits to see the exact syntax of the exclusions.
  Now - here's why this is happening....
  Somewhere, google has found a link to this URL -
  http://bluehippotravel.com/photos/destinations/TH/
  The bluehippotravel host has NOT disabled directory browsing.  When you browse to that URL, instead of getting a FORBIDDEN message like you should, you get a page listing the contents of that directory.  Google is indexing that page.  Ask your host to turn off directory browsing for that folder.

• Get Password Expiration Date of Group members in Active Directory

  hi,
  How can I get password Expiration date of Group members in Active Directory – please advise me
  Fasil CV

  Or DSQUERY Commands.
  dsget group "CN=Group1,DC=myinfralab,DC=com" -members | dsget user - -acctexpires
  Santhosh Sivarajan | Houston, TX | www.sivarajan.com
  ITIL,MCITP,MCTS,MCSE (W2K3/W2K/NT4),MCSA(W2K3/W2K/MSG),Network+,CCNA
  Windows Server 2012 Book - Migrating from 2008 to Windows Server 2012
  Blogs: Blogs
  Twitter: Twitter
  LinkedIn: LinkedIn
  Facebook: Facebook
  Microsoft Virtual Academy:
  Microsoft Virtual Academy
  This posting is provided AS IS with no warranties, and confers no rights.

• How to bulk add group members in Open Directory

  So the workgroup manager interface is ghey. The + sign to add group members drag&drops users one at a time. I need to bulk add group members.
  I tried ldapadd to add all the users quickly and that doesn't seem to work. The ldap group record now has all the users populated, under the multivalued attribute memberUid), but workgroup manager doesn't see the bulk group members.
  Any idea how to do this?

  Use tcsh SHELL builtin command 'foreach' to accomplish this:
  $ tcsh
  $ which foreach
  foreach: shell built-in command.
  $ foreach user (`cat users.txt`)
  foreach? echo adding $user to group
  foreach? /usr/bin/dscl -u diradmin -P [passwd] /LDAPv3/127.0.0.1 append /Groups/yourgroup GroupMembership $user
  foreach? end

• How to define a mail group email address?

  Hi,
  I have defined several groups and would like to use them as a mail group. By the default the address is [email protected]
  I have defined several virtual domains on my server that can accept mails for individual user. I would like to have the following address working [email protected]
  How can I set it up as the email cannot be set for groups in the workgroup manager (It is only working for users).
  I also tried with the directory utility but I can create an Emailaddress key for a group or an user but it is not taken into account by the mail server. (workgroup manager probably does more than just creating an entry on the open directory :-( )
  Thanks for you help !
  Frédéric

  group addresses have been broken for some time.
  I've used scripts to create aliases based on a group name and its members.
  Below is a script that I've used on 10.7 with users in LDAP.
  Any group which has a comment of 'mail' will be turned into an alias with the proper recipients.
  You'll need to run it on a schedule (unless you want to run it manually) and you'll need to modify it for 10.8 and your specific environment.
  I'll try to put together a 10.8 version sometime soon...
  cd /etc/postfix
  # clear current aliases
  echo "" > group_aliases.tmp
  # Get list of groups with 'mail' in the comment field
  gr=`dscl /LDAPv3/127.0.0.1 -list /Groups Comment | grep mail | awk '{print $1}'`
  for group in $gr
     do
        echo $group: `dscl /LDAPv3/127.0.0.1 -read /Groups/$group dsAttrTypeNative:memberUid | cut -d : -f 3 | grep -v "No such key"` >> group_aliases.tmp
     done
  cmp -s group_aliases.tmp group_aliases > /dev/null
     if [ $? -eq 1 ]; then
        echo different
        cp group_aliases.tmp group_aliases
        /usr/sbin/postalias /etc/postfix/group_aliases
        /usr/bin/newaliases
     else
        echo same
     fi
  exit

• How to specify which group members have wiki write permissions

  In the 10.5 Workgroup Manager, Basic tab, there are two drop down boxes after the checked boxes for enbabling wiki, blog, mailing lists, web calendar, et al -
  Allow [group members only | some group members | authenticated users | anyone]
  to write to these services.
  If I select "some group members" how do I actually say which group members? I see nowhere that I can specify that.
  Specifically this is in regards to the wiki.

  Unless I'm missing something, the directory.app only lets me do the same thing the Server Admin does, add people to a group and enable services to that group.
  For example I have a group called Techs, they have a mailing list and wiki.
  Some of the junior techs I only want to have read access, others write access.
  I don't see how I can specify user1 has read only access but user2 and user3 have write access.

• Corporate e-mail no longer works after software update

  I recently upgraded to GB and can no longer get my work e-mail through Corporate Sync.  "The device cannot be provisioned on this server."  My IT group has changed nothing on their end.  I've tried several freeware apps with no luck getting errors like "This server requires security features your phone does not support."  Up until the software update, my phone was fine and I'd been syncing for eight months using corporate sync.  

  Thank you to the community for the replies.
  Its very frustrating to be having email issues. I'm here to help. Did Any of these suggestion resolve the issue? Have you downloaded any applications that effect or sync email? Are you still experiencing sync issues? As long as your device is backed up with Gmail and you know that log in information. Please hard reset the device and attempt to add the corporate e-mail again.
  Thank you

• Unable to find Active Directory Domain Groups via /_vti_bin/UserGroup.asmx GetRoleCollectionFromGroup

  Hi, I am writing a Powershell script locally on my machine to aggregate data from SharePoint 2010 and Active Directory.  All groups in our SP environment are Active Directory Domain Groups (AD DG).  Accessing group members via SharePoint is not
  possible (as many of you already know).  My plan was to pull Domain Group lists and aggregate AD DG data with SharePoint data (permission levels, etc...).  I unfortunately ran into a problem when I realized that AD DGs are not considered "SP
  Groups" but instead are considered user??? 
  How do I leverage SharePoint web services to perform an action similar to /_vti_bin/UserGroup.asmx > GetRoleCollectionFromGroup?  I do not want to perform this action on the server, but locally on my machine.  When I run the below script
  it throws a 401 error and complains it "can't find the group".  Keep in mind I am trying to get info on a
  AD Domain Group, not a
  SharePoint Group.  I think that is the underlying reason this request keeps failing as I tested the below script on SP groups and it worked perfectly.
  clear
  $CRED = Get-Credential
  [System.Net.ServicePointManager]::ServerCertificateValidationCallback = { $true }
  $uri = "http://{site}/_vti_bin/UserGroup.asmx"
  $soap = '<?xml version="1.0" encoding="utf-8"?>'
  $soap+= '<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">'
  $soap+= '<soap:Body>'
  $soap+= '<GetRoleCollectionFromGroup xmlns="http://schemas.microsoft.com/sharepoint/soap/directory/">'
  $soap+= '<groupName>TestGroup</groupName>'
  $soap+= '</GetRoleCollectionFromGroup>'
  $soap+= '</soap:Body>'
  $soap+= '</soap:Envelope>'
  [xml]$WF = Invoke-RestMethod $uri -Credential $CRED -Method POST -ContentType "text/xml" -Body $soap
  echo $WF
  $WF.Envelope.Body.GetRoleCollectionFromGroupResponse.GetRoleCollectionFromGroupResult.GetRoleCollectionFromGroup.Roles.Role
  Thank you. 

  Hi, I am writing a Powershell script locally on my machine to aggregate data from SharePoint 2010 and Active Directory.  All groups in our SP environment are Active Directory Domain Groups (AD DG).  Accessing group members via SharePoint is not
  possible (as many of you already know).  My plan was to pull Domain Group lists and aggregate AD DG data with SharePoint data (permission levels, etc...).  I unfortunately ran into a problem when I realized that AD DGs are not considered "SP
  Groups" but instead are considered user??? 
  How do I leverage SharePoint web services to perform an action similar to /_vti_bin/UserGroup.asmx > GetRoleCollectionFromGroup?  I do not want to perform this action on the server, but locally on my machine.  When I run the below script
  it throws a 401 error and complains it "can't find the group".  Keep in mind I am trying to get info on a
  AD Domain Group, not a
  SharePoint Group.  I think that is the underlying reason this request keeps failing as I tested the below script on SP groups and it worked perfectly.
  clear
  $CRED = Get-Credential
  [System.Net.ServicePointManager]::ServerCertificateValidationCallback = { $true }
  $uri = "http://{site}/_vti_bin/UserGroup.asmx"
  $soap = '<?xml version="1.0" encoding="utf-8"?>'
  $soap+= '<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">'
  $soap+= '<soap:Body>'
  $soap+= '<GetRoleCollectionFromGroup xmlns="http://schemas.microsoft.com/sharepoint/soap/directory/">'
  $soap+= '<groupName>TestGroup</groupName>'
  $soap+= '</GetRoleCollectionFromGroup>'
  $soap+= '</soap:Body>'
  $soap+= '</soap:Envelope>'
  [xml]$WF = Invoke-RestMethod $uri -Credential $CRED -Method POST -ContentType "text/xml" -Body $soap
  echo $WF
  $WF.Envelope.Body.GetRoleCollectionFromGroupResponse.GetRoleCollectionFromGroupResult.GetRoleCollectionFromGroup.Roles.Role
  Thank you. 

• Need to add mobile (cell) phone in corporate directory via LDAP

  Hello All
  Can I just start by saying that I am not a developer so expect some dumb questions to follow.
  We have cucm 6.1 and am using ldap sync to AD. The problem is that we would like to query the mobile phone field within AD and present it on the phone when the directory button is pressed.
  Is this possible ?
  From what I have read in the forums I have to create another directory ???
  I have downloaded the sdk 4.1 and tried to copy the asp files from the following directory C:\CiscoIPServices\ASP\ldap
  I have replaced the variables
  var s = new ActiveXObject("LDAPSEARCH.LDAPSearchList");
  s.server = "ldap.cisco.com";
  s.searchbase = "ou=people,o=cisco.com";
  with
  var s = new ActiveXObject("LDAPSEARCH.LDAPSearchList");
  s.server = "demounity.demo.voyager.net.uk";
  s.searchbase = "ou=users,ou=demo,dc=demo,dc=voyager,dc=net,dc=uk";
  s.SetOutputTitle("ActiveX Directory Search", 45);
  s.SetOutputPrompt("Records %s to %e of total %c", 45);
  s.AddReturnAttr("givenName,sn","Name","%1,%2", 20);
  s.AddreturnAttr("telephonenumber","Telephone","%1", 20);
  s.AddreturnAttr("mobile","Mobile","%1", 20);
  s.Addreturnattr("mail","Email","%1", 20);
  s.AddSortingAttr("telephonenumber", 1);
  s.SearchByEmail(email);
  I made these changes to all the asp files and referenced them all in a file called test_main.asp. Which is similar to the ASP_main.asp.
  I have run the regsvr32 LDAPSearch.dll and have added the following url to the phones directory url field ttp://192.168.9.101/CiscoIPServices/ldap/test_main.asp. Where 192.168.9.101 is my AD and IIS server (demounity.demo).
  The phone only display the Missed, received and places calls when I press the directory button. The corporate directory is missing.
  Are there any steps that I am missing or am I barking up the wrong tree all together
  to achieve what I need to ?
  I have also configured the CiscoUrlproxy for what reason I don't really understand.
  Thanks
  Feisal

  Since the CCM is a black box now, unless you pull out a HD and mount it on another Linux box where you have full access, or booting from a Linux boot CD there's no way to access the file system.
  However, you posted an ASP sample so I'm not sure if a jsp (java server page) would help you a lot - there's also no way of telling how much logic will be in the jsp page and how much logic will be behind in a compiled class - e.g. my own directories only have very basic logic (reading input, writing output, limit the number of results per page) and everything else is done in a bunch of jar files - so using them would only work if you can restrict yourself to doing exactly what my frontend page does.

• Missing group members in ADSI & LDAP

  Hi there. I have an AD problem here (obviously :))
  It started by wanting to list all members of a group (recursivly, but that does not matter for now, the problem occurs on a single group).
  I tried this in Powershell, but our AD is still  on 2003, so no AD web services, so no powershell.
  In PHP & Java I got the same results: It only shows 3 members, where there should be 23.
  In Active Directory Computers & Users, these 23 (including a group) are listed on the member tab.
  In ADSI I see only the 3 entries mentioned above in the attribute "member", and the other users don't have the membersOf attribute backlink.
  dsget group -members (-expand) works properly.
  Where do Active Directory Computers & Users and dsget get their information regarding group members from, and how can I access that programmatically via LDAP access from php or Java?

  Sorry, forgot about the Domain Users or the Domain Admins group over the link/image upload issue.
  No, it wasn't these groups.
  But: you were on the right path. The term primary group is what I was missing.
  The group is for one of our roadwarrior subsidiaries, and they are not Domain users as primary group, but the one shown here.
  Do you happen to know which LDAP attributes represent the primary group association?
  The primaryGroupID attriute store the RID of the group that is assigned as the primary group. This was to work around the limitation in Windows 2000 before LVR (Linked-Value Replication) so that more than 5000 users could be member of the same group. (It also
  plays a role for POSIX - Services for Mac clients)
  Enfo Zipper
  Christoffer Andersson – Principal Advisor
  http://blogs.chrisse.se - Directory Services Blog

• Authentication on external quarantine for group members

  Hi there,
  we're using LDAP as end-user authentication method to our external quarantine box (M670, 7.2.1-036).
  How does the authentication works, if a message to a distribution list ("[email protected]") is identified as positive spam ? I think there is no password for "dl", since this is a Active Directory mail-enabled group. How can a group member release/delete these quarantined messages, when "New Message Table" is not used in spam notifications?
  Thomas

  Hi,
  a message sent to a distribution list flagged as Spam needs to be released/deleted by each single recipient.  If the list of new Spam messages is not listed in the Spam digest, then the user needs to login to the ISQ using the LDAP authentication credentials to access the ISQ directly. 
  Best regards,
  Enrico

• Using Microsoft Exchange to access Gmail (Google Apps for Business) contacts, what is the best way to sync the Corporate Directory?

  Using Microsoft Exchange to access Gmail (Google Apps for Business) contacts, what is the best way to sync the Corporate Directory? For instance, we have 40 staff members and wish to populate each phone with the Gmail profile. Right now we have a third party Android app that does this and copies my contacts to each phone. This is problematic. Any solutions to populate a phone with email and phone contacts? Even it it requires double entry for me...thats ok.

  Oh, I meant Leopard does do more than Tiger Server.
  I don't know enough about Server, even less abut Syncing.
  SL is to new, not enough time to iron out the kinks yet imho.
  One day SL will be better than Leo, but...
  I'd ask over in server...
  http://discussions.apple.com/category.jspa?categoryID=96
  Or perhaps Collaboration Services...
  http://discussions.apple.com/forum.jspa?forumID=1352
  They may even have a different opinion on SL.