MySites for non-Active Directory users

Hi,
we are planning to provide a collaboration farm for
internal users (AD)
external users (external AD, no-trust relationship)
We plan to authenticate users via Claims/ADFS. The idea is to provide a MySite-Farm.
Questions
Are there any issues with providing MySites to non-AD users?
Are there any limitations for providing MySites to non-AD users?
Sven

Hi,
According to your post, my understanding is that you wanted to create MySite for non-Active Directory users.
Yes, it is possible to create them for non-AD users on on-premises SharePoint farms.
You can use the ADFS authenticate to import the users to the user profile database, then create the MySite.
If you are trusted the users to access your site or give them appropriate permissions, I don’t think there are some limitations to create MySite for non-AD users.
Thanks,
Jason
Forum Support
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
[email protected]
Jason Guo
TechNet Community Support

Similar Messages

Non Active Directory users are not able to access sharepoint top level site

I have created a sharepoint group with read permission on top level site and I added the NON AD users to that group but the non ad users are unable to access top level site ,they are able to access remaining all subsites without any issue.I am facing
this issue only with NON AD users....I have checked the page layouts , all the layouts are in published mode.All the webparts and Lists on Default.aspx page has all users access permissions.Do I need to change anything in central administration
for this webapplication.

Hi,
Could you please reproduce the issue and collect error information in ULS log for troubleshooting?
For your convenience:
http://blogs.msdn.com/b/opal/archive/2009/12/22/uls-viewer-for-sharepoint-2010-troubleshooting.aspx
Regards,
Rebecca Tu
TechNet Community Support
Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact
[email protected]

Default preferences for every active directory users

Hi,
I have been searching for a solution to this for a long time and I hope somebody out there can help because I am sure that it is a common request on corporate networks.
I am trying to configure a default desktop that provides exactly the same settings for all users that log into the machine for example the dock to be on the left hand side with program icons in a particular order from top to bottom. I would also like to set magnification preferences on the dock bar. Currently when new users log on it defaults back to a default setting e.g dock on the bottom with applications in the wrong order etc. I work with a Windows XP network (save the sighs!!)and it is easy to set this up by logging in as a default user and configuring the start menu and desktop setting etc, which would then apply the same config to all new users on the system.
I hope I have explained the situation clearly enough!!
Thanks
J

Thanks Joe,
I recently found an article that worked for me also and didnt require me to use the command window at all. All I had to do was log in as any user, set up the dock bar to be on the left, magnification preference, icon precedence etc. Then once this was completed, all I did was copy the preference folder from the recently configured user cached account on the hard disk and paste it into the user template/english.lproj folder. I then deleted the cached user account when logged on as root and then I logged on again as a 'New' user and whoalla it worked. The dock bar was on the left with the magnification and icon precedence all in the right place.
Thanks for your help any ways, much appreciated.
One last thing.....(I wonder if you can help or point me in the right direction?) I have around 52 macs to install on our site and I want to streamline the whole process by cloning the hard disk of one mac to all of them. I need to install several applications including creative suite 2, add it to the active directoy domain and then configure the default desktop as solved previously. Remote desktop 3 has been mentioned as a solution, but can this clone actual hard disks of macs and put them onto clients? or is it a case of manually cloning it to a firewire/ USB 2 hard disk and then doing a clone one by one. We use ghost to image all the pc's by net booting to an image server, would it be something similar I would require e.g. a mac server of some kind or would remote desktop do this for me in automator?
You help or anybody elses is much appreciated!
Regards
J

Outlook 2003 mail delivery failed for Active Directory user

Server 2003/Exchange2003
We are using an outside company (Integra) to handle our email and only use Exchange for shared archived email.
When configuring active directory users the wizard automatically sets up email entries in the format: [email protected]
When responding to a meeting invite from outlook to a local AD user, all users receive undeliverable messages for the accounts in the format [email protected] as below...
The example below was a bounce back when I accepted the invite. The invite shows up on my calendar just fine.
This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed:
[email protected]
    Unrouteable address
------ This is a copy of the message, including all the headers. ------
Return-path: <[email protected]>
Received: from wsip-70-166-120-183.ph.ph.cox.net ([70.166.120.183] helo=PK01)
   by arelay1 with esmtpa (Exim 4.72)
   (envelope-from <[email protected]>)
   id 1W8D9b-0001kB-24
   for [email protected]; Tue, 28 Jan 2014 10:12:56 -0800
From: "Kevin Simmons" <[email protected]>
To: "miguel saucedo" <[email protected]>
Subject: Accepted: Miguel Chaperone School
Date: Tue, 28 Jan 2014 11:13:05 -0700
Message-ID: <398EA47278F54C9FA9CFFB725FD6C079@PK01>
MIME-Version: 1.0
Content-Type: text/calendar; method=REPLY;
   charset="utf-8"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook 11
Thread-Index: Ac8cSpjUhKBGTbBKQt+PScNbb6MWwAABfTJgAABJyYAAALiiEA==
X-MimeOLE: Produced By Microsoft MimeOLE V6.3.9600.16384
BEGIN:VCALENDAR
PRODID:-//Microsoft Corporation//Outlook 11.0 MIMEDIR//EN VERSION:2.0 METHOD:REPLY BEGIN:VEVENT ORGANIZER:MAILTO:/o=PKArchitects/ou=First Administrative
Group/cn=Recipients/cn=miguel
DTSTART:20140206T070000Z
DTEND:20140208T070000Z
LOCATION:Flagstaff
TRANSP:OPAQUE
SEQUENCE:3
UID:040000008200E00074C5B7101A82E00800000000102573EC0F1CCF010000000000000000100
0000037C3D09157000340AA5D3F23F6A60078
DTSTAMP:20140128T181305Z
SUMMARY:Accepted: Miguel Chaperone School
PRIORITY:5
X-MICROSOFT-CDO-IMPORTANCE:1
CLASS:PUBLIC
ATTENDEE;PARTSTAT=ACCEPTED:MAILTO:[email protected]
END:VEVENT
END:VCALENDAR

Well it looks like none of our outlook installations actually are accessing the exchange email, nor are we able to send to those email addresses even though they exist. I have 2 email inboxes in Outlook, 1 is the Integra inbox - works fine. The
other is called Mailbox - UserName - populated with folder that are and always have been empty. If I send an email to myself at [email protected] I get the following bounce back.
This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed:
[email protected]
    Unrouteable address
------ This is a copy of the message, including all the headers. ------
Return-path: <[email protected]>
Received: from wsip-70-166-120-183.ph.ph.cox.net ([70.166.120.183] helo=PK01)
   by arelay2.integra.engr with esmtpa (Exim 4.72)
   (envelope-from <[email protected]>)
   id 1WBtMM-0005N1-Gr
   for [email protected]; Fri, 07 Feb 2014 13:53:18 -0800
Reply-To: <[email protected]>
From: "Kevin Simmons" <[email protected]>
To: <[email protected]>
Subject: test
Date: Fri, 7 Feb 2014 14:53:18 -0700
Message-ID: <F708D49EB6A64BE69891BF9C7B528529@PK01>
MIME-Version: 1.0
Content-Type: multipart/related;
   boundary="----=_NextPart_000_0050_01CF2414.572804A0"
X-Mailer: Microsoft Office Outlook 11
Thread-Index: Ac8kTwKRc8hlRKNXSlye9E4r5UyfJQ==
X-MimeOLE: Produced By Microsoft MimeOLE V6.3.9600.16384
This is a multi-part message in MIME format.
------=_NextPart_000_0050_01CF2414.572804A0
Content-Type: multipart/alternative;
   boundary="----=_NextPart_001_0051_01CF2414.572804A0"
------=_NextPart_001_0051_01CF2414.572804A0
Content-Type: text/plain;
   charset="us-ascii"
Content-Transfer-Encoding: 7bit
test
Thanks!
Kevin Simmons
Project Manager
4515 S McClintock Dr. Suite 206
Tempe, Arizona 85282
p 602 283 1620
f 602 283 1621
c 480 702 9687
[email protected]
------=_NextPart_001_0051_01CF2414.572804A0
Content-Type: text/html;
   charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <META content=3D"text/html; charset=3Dus-ascii" = http-equiv=3DContent-Type> <META name=3DGENERATOR content=3D"MSHTML 11.00.9600.16476"></HEAD> <BODY>
<DIV><FONT size=3D2 face=3DArial><SPAN=20 class=3D831025321-07022014>test</SPAN></FONT></DIV>
<DIV> </DIV><?xml:namespace prefix =3D "o" ns =3D=20 "urn:schemas-microsoft-com:office:office" /><o:SmartTagType=20 namespaceuri=3D"urn:schemas-microsoft-com:office:smarttags"=20
name=3D"PostalCode"></o:SmartTagType><o:SmartTagType=20
namespaceuri=3D"urn:schemas-microsoft-com:office:smarttags"=20
name=3D"State"></o:SmartTagType><o:SmartTagType=20
namespaceuri=3D"urn:schemas-microsoft-com:office:smarttags"=20
name=3D"City"></o:SmartTagType><o:SmartTagType=20
namespaceuri=3D"urn:schemas-microsoft-com:office:smarttags"=20
name=3D"place"></o:SmartTagType><o:SmartTagType=20
namespaceuri=3D"urn:schemas-microsoft-com:office:smarttags"=20
name=3D"Street"></o:SmartTagType><o:SmartTagType=20
namespaceuri=3D"urn:schemas-microsoft-com:office:smarttags"=20
name=3D"address"></o:SmartTagType>
<STYLE>@page Section1 {size: 8.5in 11.0in; margin: 1.0in 1.25in 1.0in = 1.25in; mso-header-margin: .5in; mso-footer-margin: .5in; =
mso-paper-source: 0; }
P.MsoNormal {
   FONT-SIZE: 12pt; FONT-FAMILY: "Times New Roman"; MARGIN: 0in 0in 0pt; =
mso-style-parent: ""; mso-pagination: widow-orphan; =
mso-fareast-font-family: "Times New Roman"
LI.MsoNormal {
   FONT-SIZE: 12pt; FONT-FAMILY: "Times New Roman"; MARGIN: 0in 0in 0pt; =
mso-style-parent: ""; mso-pagination: widow-orphan; =
mso-fareast-font-family: "Times New Roman"
DIV.MsoNormal {
   FONT-SIZE: 12pt; FONT-FAMILY: "Times New Roman"; MARGIN: 0in 0in 0pt; =
mso-style-parent: ""; mso-pagination: widow-orphan; =
mso-fareast-font-family: "Times New Roman"
SPAN.GramE {
   mso-style-name: ""; mso-gram-e: yes
DIV.Section1 {
   page: Section1
</STYLE>
<DIV class=3DSection1>
<P class=3DMsoNormal align=3Dleft><SPAN=20
style=3D"FONT-SIZE: 10pt; FONT-FAMILY: Arial">Thanks!</SPAN></P> <P class=3DMsoNormal> </P> <P class=3DMsoNormal><SPAN style=3D"FONT-SIZE: 10pt; FONT-FAMILY: = Arial">Kevin=20 Simmons</SPAN></P> <P
class=3DMsoNormal><SPAN style=3D"FONT-SIZE: 10pt; FONT-FAMILY: = Arial">Project=20 Manager</SPAN></P> <P class=3DMsoNormal><o:p> </o:p></P>
<P class=3DMsoNormal><IMG src=3D"cid:831025321@07022014-2937" = width=3D130 height=3D130=20 v:shapes=3D"_x0000_i1025"></P> <P class=3DMsoNormal><?xml:namespace prefix =3D "st1" ns =3D=20 "urn:schemas-microsoft-com:office:smarttags"
/><st1:Street=20 w:st=3D"on"><st1:address w:st=3D"on"><SPAN=20
style=3D"FONT-SIZE: 10pt; FONT-FAMILY: Arial">4515 S McClintock Dr. = Suite=20 206</SPAN></st1:address></st1:Street></P>
<P class=3DMsoNormal><st1:place w:st=3D"on"><st1:City w:st=3D"on"><SPAN=20
style=3D"FONT-SIZE: 10pt; FONT-FAMILY: = Arial">Tempe</SPAN></st1:City><SPAN=20
style=3D"FONT-SIZE: 10pt; FONT-FAMILY: Arial">, <st1:State=20 w:st=3D"on">Arizona</st1:State> <st1:PostalCode=20 w:st=3D"on">85282</st1:PostalCode></SPAN></st1:place></P>
<P class=3DMsoNormal><SPAN class=3DGramE><SPAN=20
style=3D"FONT-SIZE: 10pt; FONT-FAMILY: Arial">p</SPAN></SPAN><SPAN=20
style=3D"FONT-SIZE: 10pt; FONT-FAMILY: Arial"> 602 283 1620</SPAN></P> <P class=3DMsoNormal><SPAN class=3DGramE><SPAN=20
style=3D"FONT-SIZE: 10pt; FONT-FAMILY: Arial">f</SPAN></SPAN><SPAN=20
style=3D"FONT-SIZE: 10pt; FONT-FAMILY: Arial"> 602 283 1621</SPAN></P> <P class=3DMsoNormal><SPAN class=3DGramE><SPAN=20
style=3D"FONT-SIZE: 10pt; FONT-FAMILY: Arial">c</SPAN></SPAN><SPAN=20
style=3D"FONT-SIZE: 10pt; FONT-FAMILY: Arial"> 480 702 9687</SPAN></P> <P class=3DMsoNormal><SPAN=20
style=3D"FONT-SIZE: 10pt; FONT-FAMILY: = Arial">[email protected]</SPAN></P></DIV>
<DIV> </DIV></BODY></HTML>
------=_NextPart_001_0051_01CF2414.572804A0--
------=_NextPart_000_0050_01CF2414.572804A0
Content-Type: image/jpeg;
   name="image002.jpg"
Content-Transfer-Encoding: base64
Content-ID: <831025321@07022014-2937>
/9j/4AAQSkZJRgABAQEAYABgAAD/2wBDAAgGBgcGBQgHBwcJCQgKDBQNDAsLDBkSEw8UHRofHh0a
HBwgJC4nICIsIxwcKDcpLDAxNDQ0Hyc5PTgyPC4zNDL/2wBDAQkJCQwLDBgNDRgyIRwhMjIyMjIy
MjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjL/wAARCACCAIIDASIA
AhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQA
AAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3
ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWm
p6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QA
p6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+HwEA
AwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSEx
BhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElK
U1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3
uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwD3
uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3++iii
gAooooAKKKKACq97dGzg81bae4O4DZAoLfXkjirFFAHltr8ZNKtPtNteadrU00V1OhZbdCABIwA+
+OgwPwqf/hdmg/8AQI13/wABk/8Ai68juv8AkL6t/wBhG5/9GtTKxdVp2PKqY+cJuKS0PfvB
+Xiwe
JdNFylnqHlyXE4WaeNVVVEjYU4bqBgdO1dZXA/Bz/knsP/X5c/8Ao1q76tkepF3SYUUUUDCiiigA
ooooAKKy9S1yz017ZZJ4B5twIWLzKuzIJyc/T9ak/t3R/wDoK2P/AIEJ/jQBoUVjXfibTLc2yxX1
nM006Q4W4XKhu/XtWvHIkqB43V1PdTkUAOoqhqWqRad9nDFC0s6QkFwpUMcZq6jpIu5GVh6g5oAd
RRRQB8sXX/IX1b/sI3P/AKNamU+6/wCQvq3/AGEbn/0a1Mrkl8TPnK/8WXqz2z4Of8k9h/6/Ln/0
a1d9XA/Bz/knsP8A1+XP/o1q76upbH0MPhQUUUEgDJOAKZQUVU0/UYNTt2uLUs0O8qshXAkx/Evq
voe+OKG1G3GqLpysz3JjMjKi5Ea9ix7Z7euD6GgC3RRRQB5X8atNsF8N2EosbYSy6pH5jiJd
voe+z5R8
5OOa8g/s2x/58rf/AL9L/hXtPxs/5FXS/wDsKRf+gSV4vPMfMECZyeWK9ceg9/ft+VYVdzyce5e0
ST6EKCHT9Rsbuy06zlmtrlJNskYEZx/C2Oo9q3L7Xtd1NDHdarNFbEki0sP9GgXPbamCfxJrHkiY
JEC21RIoCJwB+PWtbQfDq+I9Ua0zJFaRY+0SwjdK7HlYogf4yASSeFHJ7VMXJ6IypTqztTgz
JEC21RIoCJwB+PWtbQfDq+I9Ua0zJFaRY+nbyD
SYHQTi3Ehdc+Y2Wx+JzV6yjht2FxplxLav2ls7hoz+amvZZfh/aaZZWRtlXSzLdQx+TaHd/F
SYHQTi3Ehdc+Y2Wx+JzV6yjht2FxplxLav2ls7hoz+96R2
yXb3GB9etUPFPw2sLiALa2NppusAn7NdQKVt7xv+ecqnO1j2Jzz0J6Vp7N9Gdbwc0rxm7nPa
yXb3GB9etUPFPw2sLiALa2NppusAn7NdQKVt7xv+F8Tv
E2hsqXzjW7MdVmwlwo/2XAw30YfjXsvhvxRpXivTftulXBdVO2WJxtkhb+669j/PtmvmaONWVsxy
W8qMUkjPDRupwykeoIIq3pesal4a1ePV9OkC3CYVweEuE/55yD09G7GlGo07MzoYyUZclUS6/wCQ
vq3/AGEbn/0a1MqG3vV1GS7vVjaIXF3PL5b9U3SMcH3GamrKXxM4K/8AFl6s9s+Dn/JPYf8Ar8uf
/RrV31cD8HP+Sew/9flz/wCjWrvWZUUsxCqBkknAArqWx9DD4UDMqKWYhVAySTgAV8/eNvFv9uX0
1hoWo6iukgss9x9sc/aieqoCeIx69+3HW98QPiA/ieSXR9HlZNEUlZ7hDg3hHVVP/PP1P8X068no
+j6h4i1aPR9HjUzkAyysP3dtH/eb+i96zlN35YnFiMRJy9lR3J9Gi8U+INVi0bRtd1nztoMk
+hv5P
LtY+m5sH8l7/AEr3bRPB1pokMQTUNUuJwyyTTTXjkzuMfM4zg5wOOmOKn8K+FdO8I6OthYKW
LtY+Zjvn
uH5knfuzH+nQDgVuVcVZanVSpuEbSd2FFFFUanmfxvcR+EdOdui6nGT/AN8SV4zaRMkW+Ufv
uH5knfuzH+nQDgVuVcVZanVSpuEbSd2FFFFUanmfxvcR+pPmf
2J7fhXsnxvCS+E9MTcP+QrETg+ivXkeR6isKu55OYv30vIr3sqwQCZ/uowY/QV7r8KfDDaL4
2J7fhXsnxvCS+E9MTcP+QrETg+Ttb2
9jxqN6puHDDmMPg7frjbn6Adq8JvIBdi2te091DEfozgH+dfUt1fpZ3FhAqqVuZjDndjYAjN
9jxqN6puHDDmMPg7frjbn6Adq8JvIBdi2te091DEfozgH+n/x3
H41VJaXNcuguRyK3iD/V6d/2EIP/AEKtK5toby2kt7iMSQyLtZT3FZfiB0MenfOv/H/B3/2quajq
K2MEcoCvvnihxuxje4XP4ZzWp6J4B4+06TR/HMsUuSbuISFz/wAtSvAf6suAfVkY96wSARgj
K2MEcoCvvnihxuxje4XP4ZzWp6J4B4+Ir0z
44WUZTw7qiFfMju2tmweSroT+hX9a8zyPUVz1V7x4mPhy1brqZcGbLWXt+fJuU8xP95eo/LH
44WUZTw7qiFfMju2tmweSroT+hX9a8zyPUVz1V7x4mPhy1brqZcGbLWXt+5VqV
Q1PC/ZJ/4orhOfZvlP8AOrryLGAzfdzgn0+tQ9Tmn7yUj234PMqfDuNmIVRd3JJJwAPNauJ+IHxA
bxNJJo+kTFNFVik9wpwbwjqqn/nn6n+L6deStPE2oXPg1PDcG6200XE73Mit811ukYhBjomO
bxNJJo+vr06
daNxGWg8qNQCcBT2T0P4VrKelkejXxfLFU4PXq+xoaPo+oeItWj0fR41M5AMsrD93bR/3m/o
daNxGWg8qNQCcBT2T0P4VrKelkejXxfLFU4PXq+xoaPo+vevo
Twr4V07wjo62FgpZmO+e4fmSd+7Mf6dAOBXL/By50h/CLWtlAIdSt5MakGO55JT0kJ7qw6en
Twr4V07wjo62FgpZmO+e4fmSd+I7V6
JVwikjqw1CNKGmrfUKKKKs6QooooA8n+M+laZZ+G9PuYrC2ilk1WMPIkQDNlXzk98mvKPs0H
JVwikjqw1CNKGmrfUKKKKs6QooooA8n+M+laZZ+/PGP
/vkV7F8cE8zwjpyZxnU4xn0+SSvHLaYzQgtgSL8rj0Ydawq7nk5hfnTXYjljtoJ7KV4YvLS8gL5U
Y2+Yuc+2K+k73wlpM11p8kOk6eEhnLyjyFG5fLdcdOeSp/CvmzUYRc2hgPHmELn0zX0J8N/E
Y2+Yuc+2K+x8Q+
EbE3T/6fDEEmB6vtO0t+YIPuPpVUnpY2y+d4OJNrvh3RY47DZpNku6+hU4gUZBbp0qzqnhLSrm2i
S20iwV1uIXb9yo+VZFLdvQGrXiD/AFenf9hCD/0KtZ3WNGd2CqoyWJwAPWtT0Dxr4z2Ok2Nt
S20iwV1uIXb9yo+4fs7
SxtIJ571pG8uJVJRIznoOmWFebfZoP8AnjH/AN8iul+Imqtr3jwT5PkWdsEhQjoHOQT7sPm+jLXP
1z1X7x4uPnerZdDM1OGER20SxIGluEUYXsDk/oKvPbxPEYtoEZPzKvAPsaoA/bdcRwcw2qEj0LNw
D+Wf8mtSoZzTbikvmUtPFxDAi3ETJFM8ptZD0lVXKsM+qnqPQg1dr0fwp4Th8X/B1bPcsV7D
D+Wf8mtSoZzTbikvmUtPFxDAi3ETJFM8ptZD0lVXKsM+e3Mt
ncEf6uUStjP+yehHoa83AmjklguYWguoHMU8LdY3HUf4HuMVU421N8VQ5LTWz/MvaHrl34X1
ncEf6uUStjP+6DWr
NWfyxsuYFP8Ar4SeV/3h1X3HvX0npuo2ur6bb6hYzLNa3EYkjkXoQa+X67b4YeLf+Ef1caHeyY0v
UJM27MeILg/w+yv+jfWqpz6M3wOIt+6l8j3Siiitz1QooooA81+Nn/Iq6X/2FIv/AECSvF5YzHJ5
yHbnhj2+p9q9o+Nn/Iq6X/2FIv8A0CSvH6wq7nkZg7VF6FWaYARCQGM+YvXofoa6Pwj4ki8N
yHbnhj2+p9q9o+6o32
qd4dOuH3/aYvmazlxjeV/ijYAB19ge1c89tcyXFpbWMPnyz3CRxwbgu5j0AJ4H48U65VLG6NtqNo
9hdA8xXcXlt+GeD9QTUxutUY0XOnapBaHuur+LrNbfTRevGWN3DKk1mfPimUHOV25I+jD6E1
9hdA8xXcXlt+GeD9QTUxutUY0XOnapBaHuur+LrNbfTRevGWN3DKk1mfPimUHOV25I+R8Ye
OLO004PcPFI8mfsukxzK0lw3ZpypwkY6kd+5P3a8UWJbbDWM89qHlUsLWdowxzwcKQM+9NMW
OLO004PcPFI8mfsukxzK0lw3ZpypwkY6kd+5P3a8UWJbbDWM89qHlUsLWdowxzwcKQM+n2YZ
pPIQsdzvKwLMfUk8k1o6qtodkswjy+6ncsPdNJPNcXlyJ7y5kaadxyXduuAO3YDsAKakN5qN
pPIQsdzvKwLMfUk8k1o6qtodkswjy+1BY2
ls8tzcvsht1+9Kff+6o6k+laug+Gtc8TOq6JpjC3Y4N7cIYoFHqCRl/oor2/wX4C0/whA0oc
ls8tzcvsht1+9Kff+6o6k+laug+3mqT
DE97IoDEf3UH8K+w/HNTGDbuzGjhZ1Jc9TT8z53srOWx+1W1wyPcRXMscrp0Zlcrx7cce1Wq
DE97IoDEf3UH8K+fdf8
hfVv+wjc/wDo1qZWct2cdf8Aiy9T2z4Of8k9h/6/Ln/0a1Y3xa8IEqfFmnREywoF1GJBzJEO
hfVv+kgH9
5O/qv0FbPwc/5J7D/wBflz/6Nau9ZQ6lWAKkYII4IrptdWPe5FOnyy2aPlUEMoZSCpGQR3FNliSe
JopBlWGDXR+N/CZ8HeIPKgQ/2RfMz2Tdom6tCfp1X247Vz9c0k4ux4NWnKjPlZ7Z8MPGT+IN
JopBlWGDXR+LbSt
Sl3avYKA7HrcRdFl+vZvf6iu+r5bsr+80fVLXVtOYLe2jbkBOFkU/ejb2Yce3B7V9IeHdes/
Sl3avYKA7HrcRdFl+vZvf6iu+r5bsr+Euh2
2q2LHypl5RvvRsOGRvQg5FdEJcyPZwuI9tDXdGpRRRVnUea/Gz/kVdL/AOwpF/6BJXj9ewfGz/kV
dL/7CkX/AKBJXj9YVdzx8x/iL0Lug/8AI4eHf+wpB/OvpW8sbTUIDBe2sFzCesc0YdT+Br5q0H/k
cPDv/YUg/nX07V0vhOrL/wCF8ziNV+FvhO7MDW/h3T42FwjS7E8vKZ+YfLWvp/gXwppcgksvD2mx
SDo/2dSw/EjNHh3xpovim/1Sy0u4eSbTZfKnDJtGckZX1GVPNc3qfxq8IaRqt5pt098J7SVoZdls
SoZTg856Vodx6IAAMAYAqte2n22DyvtFxB8wO+B9jfTPpWLN478OQeEU8UPqSf2TIPklAOWb
SoZTg856Vodx6IAAMAYAqte2n22DyvtFxB8wO+ONoX
ruyCMexql4X+JnhvxdNc2+nTzpdW8Zle3uItjlB/EB3HT86AMG2+Dei3P2i4vbnWI55bqZyF
ruyCMexql4X+JnhvxdNc2+vOCD
IxB6dxg/jU//AApXw1/z/a1/4G//AFq6K08daLe+CpfFkLTnS4ldmJiw+Fbafl+oqtd/Ejw/Zm3E
rXWZ9M/tVNsJP7jGf++valZEOnB6tIk8G+Eo/DVgIIri/Ecc85SGW43qVaRtrEY6kYP1rqq81tfj
n4Nu7yK1ibUDLK6xqDanqTgZ5qfVPjT4R0jVrzTLlr/7RaTNDLstiwDKcHBzTLOh8SeDNO8U2k9v
qE975cuGVUuGCxuPusq9AQea5Sw+DWgSWaG+/tSO5GVkCagxViDjcPY9cdRnFdDe/Efw5p3h
qE975cuGVUuGCxuPusq9AQea5Sw+DWgSWaG+Oz8S
XVzLFZXv/HvGYz5spyRgJ+H0qnY/FjwrqPh7UdZgnuPK07b9pgaEiZAzBQdvcZPUGlZEuMXuin/w
pbwr/wA9tW/8Dnq3pXw+tvDN6i6Rdap9huWJuYvtzAq+OJPfptI+h7Gqel/Gvwjq+q2um2rX5uLm
ZYYw1qQNzHAyc8danv8A4x+DtO1+TSJrycyRTCCa4SEmGJ84IZvY9SMiiyBRitkd9RSAhlDK
ZYYw1qQNzHAyc8danv8A4x+DtO1+QQRk
Ed6KZR5t8bP+RV0v/sKRf+gSV4/XsvxK0TXvENjYWEB02NDqSNC0jyZOFfG7C+npXH/8Kh8Y
Ed6KZR5t8bP+f8/e
hf8Afyb/AOJrKpByeh52Mw9SrNOC6HL6D/yOHh3/ALCkH86998ca8PDPgrVtW3ASQQN5We8jfKn/
AI8RXlUPw28U6LrWjX9xcaM6xahCwWOSXJbPHVelem+JPCbeMtHtLDWbjyEhuluJY7Q5SYLn
AI8RXlUPw28U6LrWjX9xcaM6xahCwWOSXJbPHVelem+CksM
455qqaaVmb4SlKnT5Zb3PD/hdr+h6J458ORabePLJqdi1pqgdGUC5LF1OT15IXI9PerMniHxX4a1
Lx/qGiaZp91pqatILuS4Qu0RJIBCgjK888GvafFHgjTPE2n21uf9BltrlLmG4to1Do6dO3TmjSfB
Gn6Y3iHfLJdRa7O81zHKBtG4EFRjtyas6jyWDQrXSofhZpst3DqGm3N9NdSSqP3UkrbWQAHsM4wf
f6V6pq1v4VXxfFNOLdfExsJBbDcQ7RYbPA4P8XXnrWbB8J9JXwR/wi11fXlzaxTm4tJ2KrLat/sE
D1J6+pqTwt8MNP8ADmoXWp3Gp3+q6pPCYBd3sm5o4z2X/GgDxrSZPHQ+B90lpBpJ8M+VNvdy
D1J6+pqTwt8MNP8ADmoXWp3Gp3+ftG3
ed2OcZznHFdt4cAPxL8CgjI/4RJP5Gu4sfh5Y2Hw6m8GJe3LWkqSIZ2C+YN7Fj2x3qWw8B2Wn+IN
H1dLy4aXS9MGmxowXa6D+I8daAOd8Hov/C7PHo2rgR2mOOnyVy3h0eOD4w8bf8IpForwf2vJ
H1dLy4aXS9MGmxowXa6D+5x1D
du3ZONu3tivV9L8J22leLta8RR3Mzz6qsQkibG1Ni4GO/wCdcjffBuC61rUdTtvFWuWDX9w1xLFa
zBF3E57devegCldx3dx8ZPBcPiOO1NxHpMsgSIZh+0/Nu2A+gAI+grtrS28KJ48v3thbjxK9
zBF3E57devegCldx3dx8ZPBcPiOO1NxHpMsgSIZh+qv2p
VJ3mLIwSOn93nr0rM1L4Y6fq3hjTdKu9T1F7zTWZ7XVfN/0lGJyfm7jp+Qq14L+H2n+DZby7S7u9
Q1O8x9ovbt90jAdB7D/PYUAYPw2Rf+E3+IXyjjVFxx04auM+y6p4e0rXLzRBpPinwJPdS3F7bsds
0YyC4zwcqMc89M4r2DQPClt4f1fXNRguJpZNXuRcSq4GEIzwuO3PeuRv/grpF3qt1PBq+qWenXk3
nXemQTbYZWzkjHYH9O2KAPQtLmtrjSbOazXbayQI8K4xhCoKj8sUVYhhjt4I4YUCRRqERR0UAYAo
oAcVVsblBwcjI6GloooARlVsblBwcjI6GloooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKAP
/9k=
------=_NextPart_000_0050_01CF2414.572804A0--
beyond that - the Global Address Book does not update!

Best practice for Active Directory User Templates regarding Distribution Lists

Hello All
I am looking to implement Active Directory User templates for each department in the company to make the process of creating user accounts for new employees easier. Currently when a user is created a current user's Active directory account is copied, but
this has led to problems with new employees being added to groups which they should not be a part of.
I have attempted to implement this in the past but ran into an issue regarding Distribution Lists. I would like to set up template users with all group memberships that are needed for the department, including distribution lists. Previously I set this up
but received complaints from users who would send e-mail to distribution lists the template accounts were members of.
When sending an e-mail to the distribution list with a member template user, users received an error because the template account does not have an e-mail address.
What is the best practice regarding template user accounts as it pertains to distribution lists? It seems like I will have to create a mailbox for each template user but I can't help but feel there is a better way to avoid this problem. If a mailbox is created
for each template user, it will prevent the error messages users were receiving, but messages will simply build up in these mailboxes. I could set a rule for each one that deletes messages, but again I feel like there is a better way which I haven't thought
of.
Has anyone come up with a better method of doing this?
Thank you

You can just add arbitrary email (not a mailbox) to all your templates and it should solve the problem with errors when sending emails to distribution lists.
If you want to further simplify your user creation process you can have a look at Adaxes (consider it's a third-party app). If you want to use templates, it gives you a slightly better way to do that (http://www.adaxes.com/tutorials_WebInterfaceCustomization_AllowUsingTemplatesForUserCreation.htm)
and it also can automatically perform tasks such as mailbox creation for newly created users (http://www.adaxes.com/tutorials_AutomatingDailyTasks_AutomateExchangeMailboxesCreationForNewUsers.htm).
Alternatively you can abandon templates at all and use customizable condition-based rules to automatically perform all the needed tasks on user creation such as OU allocation, group membership assignment, mailbox creation, home folder creation, etc. based on
the factors you predefine for them.

SMB access for Active Directory users

Hi there,
My server is an OD Master bound to AD for authentication and my institution's Kerberos realm.
When I try to share files from the server via SMB and connect as an Active Directory user I get the following error in the logs:
[2009/06/11 12:02:27, 1, pid=5308] /SourceCache/samba/samba-187.8/samba/source/libads/kerberosverify.c:ads_verifyticket(428)
adsverifyticket: smbkrb5_parse_name(myserver$) failed (Configuration file does not specify default realm)
[2009/06/11 12:02:27, 1, pid=5308] /SourceCache/samba/samba-187.8/samba/source/smbd/sesssetup.c:replyspnegokerberos(340)
Failed to verify incoming ticket with error NTSTATUS_LOGONFAILURE!
I've read something vague about having to Kerberize the SMB service seperately so I'm not sure if that's the problem.
My smb.conf file is as follows:
; Configuration file for the Samba software suite.
; ============================================================================
; For the format of this file and comprehensive descriptions of all the
; configuration option, please refer to the man page for smb.conf(5).
; The following configuration should suit most systems for basic usage and
; initial testing. It gives all clients access to their home directories and
; allows access to all printers specified in /etc/printcap.
; BEGIN required configuration
; Parameters inside the required configuration block should not be altered.
; They may be changed at any time by upgrades or other automated processes.
; Site-specific customizations will only be preserved if they are done
; outside this block. If you choose to make customizations, it is your
; own responsibility to verify that they work correctly with the supported
; configuration tools.
[global]
debug pid = yes
log level = 1
server string = Mac OS X
printcap name = cups
printing = cups
encrypt passwords = yes
use spnego = yes
passdb backend = odsam
idmap domains = default
idmap config default: default = yes
idmap config default: backend = odsam
idmap alloc backend = odsam
idmap negative cache time = 5
map to guest = Bad User
guest account = nobody
unix charset = UTF-8-MAC
display charset = UTF-8-MAC
dos charset = 437
vfs objects = darwinacl,darwin_streams
; Don't become a master browser unless absolutely necessary.
os level = 2
domain master = no
; For performance reasons, set the transmit buffer size
; to the maximum and enable sendfile support.
max xmit = 131072
use sendfile = yes
; The darwin_streams module gives us named streams support.
stream support = yes
ea support = yes
; Enable locking coherency with AFP.
darwin_streams:brlm = yes
; Core files are invariably disabled system-wide, but attempting to
; dump core will trigger a crash report, so we still want to try.
enable core files = yes
; Configure usershares for use by the synchronize-shares tool.
usershare max shares = 1000
usershare path = /var/samba/shares
usershare owner only = no
usershare allow guests = yes
usershare allow full config = yes
; Filter inaccessible shares from the browse list.
com.apple:filter shares by access = yes
; Check in with PAM to enforce SACL access policy.
obey pam restrictions = yes
; Don't be trying to enforce ACLs in userspace.
acl check permissions = no
; Make sure that we resolve unqualified names as NetBIOS before DNS.
name resolve order = lmhosts wins bcast host
; Pull in system-wide preference settings. These are managed by
; synchronize-preferences tool.
include = /var/db/smb.conf
[printers]
comment = All Printers
path = /tmp
printable = yes
guest ok = no
create mode = 0700
writeable = no
browseable = no
; Site-specific parameters can be added below this comment.
; END required configuration.
Any help would be much appreciated!!
Thanks.

I am now having the same problem - a Windows server trying to access a file share on the Mac Server is presented with the same error message in the log files:
[2009/06/29 21:34:56, 2, pid=485] /SourceCache/samba/samba-187.8/samba/source/smbd/sesssetup.c:setupnew_vcsession(1260)
setupnew_vcsession: New VC == 0, if NT4.x compatible we would close all old resources.
[2009/06/29 21:34:56, 1, pid=485] /SourceCache/samba/samba-187.8/samba/source/libads/kerberosverify.c:ads_verifyticket(428)
adsverifyticket: smbkrb5_parsename(vifile$) failed (Configuration file does not specify default realm)
[2009/06/29 21:34:56, 1, pid=485] /SourceCache/samba/samba-187.8/samba/source/smbd/sesssetup.c:replyspnegokerberos(340)
Failed to verify incoming ticket with error NTSTATUS_LOGONFAILURE!
Workgroup manager can read from Active Directory - seems to be jiving correctly - my server (SMB) is in Domain Member mode...
When I try to access system from \\UNC command, I am presented with username/password prompt and nothing works.
Not feeling the Mac OS X love tonight.
Bill
System is bound to active directory - green light in Directory Utility

Setting disk quota on Mac server for Active Directory users

I'm having trouble setting disk quotas for Active Directory users with home folders on our Mac server.
I've enabled disk quotas on the disk I'm putting home folders on, and I can set disk quotas for local users on the server just fine. But it doesn't seem to work for Active Directory users. I've tried setting disk quotas via Workgroup Manager and via the command line using edquota. But when I use the repquota command there is no quota entry for the AD user. I've run quotacheck and that didn't help either.
I also understand there's a setquota command but there's no man page on how that works.
Has anyone got disk quota for AD users working.
Better still has someone got a shell or perl script for setting quotas they could post.
Thanks
- Cameron

sorry.. I am soooooo stupid... I have to activate "File Sharing" as well.. for the user everything was already pre-activated, not for the AD users, I just saw the Time Machine checkbox grayed out ...

Building a Basic Runbook to disable a Active Directory User who has not logged in for 90 days.

I am new to Orchestrator. I am using Orchestrator 2012 R2 on a Hyper-V running Server 2008. I have been trying to set up a Runbook to sweep AD for user accounts that have not logged in for 90 days and have those accounts automatically disabled
and moved to another OU. However, I would be happy just to have the account just be disabled. If you need any more info or I have posted in the wrong forum, please let me know.
Thanks

Hi,
there is no SCO Activity to do this.
Problem with this is, the LastLogedOn Times are not synced between DomainControllers.
Best will be you take a look at this PowerShell Script
http://gallery.technet.microsoft.com/scriptcenter/Get-Active-Directory-User-bbcdd771
and change it to your needs
Seidl Michael | http://www.techguy.at |
twitter.com/techguyat | facebook.com/techguyat

10.7.4 Web Access for Active Directory Users

Does anyone know how to permantly set the AuthType in Web Services to Basic ?
The reason I ask is I have a web site I want to protect and allow active directory users access to it.
I have added the users to a local group, added the group to the Who Can Access option.
Local users can log in but not Active Directory. If I edit the conf file for the site in /etc/apache2/sites and change the AuthType from Digist to Basic it works fine until I change something in the server app then the conf file gets rewritten.
Dan

I am now having the same problem - a Windows server trying to access a file share on the Mac Server is presented with the same error message in the log files:
[2009/06/29 21:34:56, 2, pid=485] /SourceCache/samba/samba-187.8/samba/source/smbd/sesssetup.c:setupnew_vcsession(1260)
setupnew_vcsession: New VC == 0, if NT4.x compatible we would close all old resources.
[2009/06/29 21:34:56, 1, pid=485] /SourceCache/samba/samba-187.8/samba/source/libads/kerberosverify.c:ads_verifyticket(428)
adsverifyticket: smbkrb5_parsename(vifile$) failed (Configuration file does not specify default realm)
[2009/06/29 21:34:56, 1, pid=485] /SourceCache/samba/samba-187.8/samba/source/smbd/sesssetup.c:replyspnegokerberos(340)
Failed to verify incoming ticket with error NTSTATUS_LOGONFAILURE!
Workgroup manager can read from Active Directory - seems to be jiving correctly - my server (SMB) is in Domain Member mode...
When I try to access system from \\UNC command, I am presented with username/password prompt and nothing works.
Not feeling the Mac OS X love tonight.
Bill
System is bound to active directory - green light in Directory Utility

How can add and push updates to1000 clintes in WSUS non active directory

Hi Can any one please help me on my requirement .
We have 1000+Clients and we are going to use WSUS standalone server for push the updates to cleints in Non-Active Directory.p
Please let me know do we have any way push the updates from WSUS server without GPO updates... ?

Hi Can any one please help me on my requirement .
We have 1000+Clients and we are going to use WSUS standalone server for push the updates to cleints in Non-Active Directory.p
Please let me know do we have any way push the updates from WSUS server without GPO updates... ?
This is almost an exercise in futility; at best it will be extremely painful.
Aside from trying to wrap my head around why a 1000+ system environment would not have Active Directory deployed (in 2014!) in the first place, there's only one way you'll be able to achieve this objective: One Client At A Time!
In short, you'll need to either use Local Policy on each individual system, or perform a REG IMPORT of the necessary settings. There may be ways to expedite the REG IMPORT, but that highly depends on the trust factor of the individual end-users, and whether
they have local admin privileges on their system.
Lawrence Garvin, M.S., MCSA, MCITP:EA, MCDBA
SolarWinds Head Geek
Microsoft MVP - Software Packaging, Deployment & Servicing (2005-2014)
My MVP Profile: http://mvp.microsoft.com/en-us/mvp/Lawrence%20R%20Garvin-32101
http://www.solarwinds.com/gotmicrosoft
The views expressed on this post are mine and do not necessarily reflect the views of SolarWinds.

Cannot log into DTR with Active Directory User

Greetings,
I have set up and installed JDI correctly. I can log into /devinf, the cbs, cms and sld systems with no problem using both Administrator and my JDI.Administrator that I assigned to an Active Directory user. I can log into the DTR using a user from the database (i.e. Administrator), however, when trying to access the DTR with an Active Directory user, I get the following message:
500 Internal Server Error
SAP J2EE Engine/6.40
Application error occurred during the request procession.
Details: Error [javax.servlet.ServletException: Group found, but unique name "businessUnit.all.guests" is not unique!], with root cause [com.tssap.dtr.server.deltav.InternalServerException: Group found, but unique name "businessUnit.all.guests" is not unique!]. The ID of this error is
Exception id: [0012798F81680042000000090000165C0003FE9AA3C0B86B].
This group exists in multiple domainshowever, this has not caused us any issues to date with our portal and other pieces of SAP WASit's only this DTR error.
Any help is greatly appreciated.
Thanks,
Marty

Hi Marty,
In the document available at the link enclosed below, there is a part that explains how to configure DTR so that it always uses "Unique-IDs".
http://help.sap.com/saphelp_nw04/helpdata/en/20/f4a94076b63713e10000000a155106/frameset.htm
It is mentioned that this is valid for LDAP, but the information is applicable for Active Directory as well.
Regards,
Manohar

Issue with Active Directory User Target Recon

Hi ,
I am facing an issue with Active Directory User Target Recon
My environment is OIM 11g R2 with BP03 patch applied
AD Connector is activedirectory-11.1.1.5 with bundle patch 14190610 applied
In my Target there are around 28000 users out of which 14000 have AD account (includes Provisioned,Revoked,Disabled accounts)
When i am running Active Directory User Target Recon i am not putting any filter cleared the batch start and batch size parameters and ran the recon job .Job ran successfully but it stopped after processing around 3000 users only.
Retried the job two three times but every time it is stopping after processing some users but not processing all the users.
Checked the log file oimdiagnostic logs and Connector server logs cannot see any errors in it.
Checked the user profile of users processed can see AD account provisioned for users
My query is why this job is not processing allthe users.Please point if i am missing some thing .
thanks in advance

Check the connector server load when you are running the recon. Last time I checked the connector, the way it was written is that it loads all the users from AD into the connector server memory and then sends them to OIM. So if the number was huge, then the connector server errored out and did not send data to OIM. We then did recon based on OUs to load/link all the users into OIM. Check the connector server system logs and check for memory usage etc.
-Bikash

Windows 2008 Server - Cannot run Active Directory Users and Computers

Hi,
I am running Windows 2008 Server with latest windows updates installed. Directory Services Role also.
I attempt to open Active Directory Users and Computers tool and I get a;
Microsoft Visual C++ Runtime Library error;
"The Application has requested the runtime to terminate it in a unusual way. Please contact the application's support team for more information"
I click ok, then get the following debug info;
Problem signature:
Problem Event Name: APPCRASH
Application Name: mmc.exe
Application Version: 6.0.6001.18000
Application Timestamp: 47919524
Fault Module Name: msvcrt.dll
Fault Module Version: 7.0.6001.18000
Fault Module Timestamp: 4791ad6b
Exception Code: 40000015
Exception Offset: 0000000000029b06
OS Version: 6.0.6001.2.1.0.272.7
Locale ID: 3081
Additional Information 1: 43aa
Additional Information 2: cf3a46656318492c1997480001b6b0e0
Additional Information 3: 3837
Additional Information 4: 92f72e0d0589ff77cef51e0a413aeff6
Read our privacy statement:
http://go.microsoft.com/fwlink/?linkid=50163&clcid=0x0409
If someone could please assist, it would be very much appreciated.
Regards
B

Hi,
To solidly troubleshoot this kind of issue, we need to debug dump file. A suggestion would be to contact Microsoft Customer Service and Support (CSS) via telephone so that a dedicated Support Professional can assist with your request.
To obtain the phone numbers for specific technology request please take a look at the web site listed below:
http://support.microsoft.com/default.aspx?scid=fh;EN-US;OfferProPhone#faq607
However, I am also glad to share my research.
Some third party applications may lead to this error. Please check if you install other third party applications on Windows server 2008?
Also, please follow the article below to perform necessary steps to see how it's going?
FIX: You receive an "invalid page fault in module MSVCRT.DLL" error message after you install the run-time libraries from Visual C++ 6.0
http://support.microsoft.com/kb/190536/en-us
Hope this helps.
Best wishes
Morgan Che

How to import your MS Active Directory users in an Oracle table

Hello,
I first tried to get a Heterogenous Connection to my MS Active Directory to get information on my Active Directory users.
This doesn't work so I used an alternative solution:
How to import your MS Active Directory users in an Oracle table
- a Visual Basic script for export from Active Directory
- a table in my database
- a SQL*Loader Control-file
- a command-file to start the SQL*Loader
Now I can schedule the vsb-script and the command-file to get my information in an Oracle table. This works fine for me.
Just to share my scripts:
I made a Visual Basic script to make an export from my Active Directory to a CSV-file.
'Export_ActiveDir_users.vbs                              26-10-2006
'Script to export info from MS Active Directory to a CSV-file
'     Accountname, employeeid, Name, Function, Department etc.
'       Richard de Boer - Wetterskip Fryslan, the Nethterlands
'     samaccountname          Logon Name / Account
'     employeeid          Employee ID
'     name               name
'     displayname          Display Name / Full Name
'     sn               Last Name
'     description          Description / Function
'     department          Department / Organisation
'     physicaldeliveryofficename Office Location     Wetterskip Fryslan
'     streetaddress          Street Address          Harlingerstraatweg 113
'     l               City / Location          Leeuwarden
'     mail               E-mail adress
'     wwwhomepage          Web Page Address
'     distinguishedName     Full unique name with cn, ou's, dc's
'Global variables
    Dim oContainer
    Dim OutPutFile
    Dim FileSystem
'Initialize global variables
    Set FileSystem = WScript.CreateObject("Scripting.FileSystemObject")
    Set OutPutFile = FileSystem.CreateTextFile("ActiveDir_users.csv", True)
    Set oContainer=GetObject("LDAP://OU=WFgebruikers,DC=Wetterskip,DC=Fryslan,DC=Local")
'Enumerate Container
    EnumerateUsers oContainer
'Clean up
    OutPutFile.Close
    Set FileSystem = Nothing
    Set oContainer = Nothing
    WScript.Echo "Finished"
    WScript.Quit(0)
Sub EnumerateUsers(oCont)
    Dim oUser
    For Each oUser In oCont
        Select Case LCase(oUser.Class)
               Case "user"
                    If Not IsEmpty(oUser.distinguishedName) Then
                        OutPutFile.WriteLine _
               oUser.samaccountname      & ";" & _
               oUser.employeeid     & ";" & _
               oUser.Get ("name")      & ";" & _
               oUser.displayname      & ";" & _
               oUser.sn           & ";" & _
               oUser.description      & ";" & _
               oUser.department      & ";" & _
               oUser.physicaldeliveryofficename & ";" & _
               oUser.streetaddress      & ";" & _
               oUser.l           & ";" & _
               oUser.mail           & ";" & _
               oUser.wwwhomepage      & ";" & _
               oUser.distinguishedName     & ";"
                    End If
               Case "organizationalunit", "container"
                    EnumerateUsers oUser
        End Select
    Next
End SubThis give's output like this:
rdeboer;2988;Richard de Boer;Richard de Boer;de Boer;Database Administrator;Informatie- en Communicatie Technologie;;Harlingerstraatweg 113;Leeuwarden;[email protected];;CN=Richard de Boer,OU=Informatie- en Communicatie Technologie,OU=Afdelingen,OU=WFGebruikers,DC=wetterskip,DC=fryslan,DC=local;
tbronkhorst;201;Tjitske Bronkhorst;Tjitske Bronkhorst;Bronkhorst;Configuratiebeheerder;Informatie- en Communicatie Technologie;;Harlingerstraatweg 113;Leeuwarden;[email protected];;CN=Tjitske Bronkhorst,OU=Informatie- en Communicatie Technologie,OU=Afdelingen,OU=WFGebruikers,DC=wetterskip,DC=fryslan,DC=local;I made a table in my Oracle database:
CREATE TABLE     PG4WF.ACTD_USERS
     samaccountname          VARCHAR2(64)
,     employeeid          VARCHAR2(16)
,     name               VARCHAR2(64)
,     displayname          VARCHAR2(64)
,     sn               VARCHAR2(64)
,     description          VARCHAR2(100)
,     department          VARCHAR2(64)
,     physicaldeliveryofficename     VARCHAR2(64)
,     streetaddress          VARCHAR2(128)
,     l               VARCHAR2(64)
,     mail               VARCHAR2(100)
,     wwwhomepage          VARCHAR2(128)
,     distinguishedName     VARCHAR2(256)
)I made SQL*Loader Control-file:
LOAD DATA
INFILE           'ActiveDir_users.csv'
BADFILE      'ActiveDir_users.bad'
DISCARDFILE      'ActiveDir_users.dsc'
TRUNCATE
INTO TABLE PG4WF.ACTD_USERS
FIELDS TERMINATED BY ';'
(     samaccountname
,     employeeid
,     name
,     displayname
,     sn
,     description
,     department
,     physicaldeliveryofficename
,     streetaddress
,     l
,     mail
,     wwwhomepage
,     distinguishedName
)I made a cmd-file to start SQL*Loader
: Import the Active Directory users in Oracle by SQL*Loader
D:\Oracle\ora92\bin\sqlldr userid=pg4wf/<password>@<database> control=sqlldr_ActiveDir_users.ctl log=sqlldr_ActiveDir_users.logI used this for a good list of active directory fields:
http://www.kouti.com/tables/userattributes.htm
Greetings,
Richard de Boer

I have a table with about 50,000 records in my Oracle database and there is a date column which shows the date that each record get inserted to the table, for example 04-Aug-13.
Is there any way that I can find out what time each record has been inserted?
For example: 04-Aug-13 4:20:00 PM. (For my existing records not future ones)
First you need to clarify what you mean by 'the date that each record get inserted'. A row is not permanent and visible to other sessions until it has been COMMITTED and that commit may happen seconds, minutes, hours or even days AFTER a user actually creates the row and puts a date in your 'date column'.
Second - your date column, and ALL date columns, includes a time component. So just query your date column for the time.
The only way that time value will be incorrect is if you did something silly like TRUNC(myDate) when you inserted the value. That would use a time component of 00:00:00 and destroy the actual time.

How to create "folders" in Active Directory Users and Computers?

Hello Community
    In Windows Server 2008R2 when you go to Active Directory Users and Computer
you will see icons of folders such as:
    - Builtin has a folder icon
    - Computers has a folder icon
    - ForeignSecurityPrinicpals has a folder icon
    - Domain Controller as a folder icon
    - Managed Service Accounts has a folder icon
    - Users has a folder icon
    All of the above folders are visually identical.
    If you right click and select “File” – “New”
on any of the selections the icon
will not look like the folder icon they have their own icons which look different
from the "Folder" icon.
    I would like to create a “Folder” that looks just visually exactly like the ones
mentioned above, how can I create those types of Folders in Active Directory User
and Computers?
    Note: I would like to put users in the folders.
    Thank you
    Shabeaut

Hi,
you should use OUs (an OU is they type of object (folder) that is available for you to easily create.
The object type you are asking about is a "container", and there are various reasons why an OU is more flexible (applying GPO, etc).
Refer: Delegating Administration by Using OU Objects
http://technet.microsoft.com/en-us/library/cc780779(v=ws.10).aspx
and the sub-articles:
Administration of Default Containers and OUs
http://technet.microsoft.com/en-us/library/cc728418(v=ws.10).aspx
Delegating Administration of Account and Resource OUs
http://technet.microsoft.com/en-us/library/cc784406(v=ws.10).aspx
Also: http://technet.microsoft.com/en-us/library/cc961764.aspx
Don
(Please take a moment to "Vote as Helpful" and/or "Mark as Answer", where applicable.
This helps the community, keeps the forums tidy, and recognises useful contributions. Thanks!)

MySites for non-Active Directory users

Similar Messages

Maybe you are looking for