Tchater maintenant avec le support
Tchattez avec un ingénieur du support

Active Roles 8.1.1 - Synchronization Service Administration Guide

Synchronization Service overview Deploying Synchronization Service Getting started Connections to external data systems
External data systems supported with built-in connectors
Working with Active Directory Working with an AD LDS (ADAM) instance Working with Skype for Business Server Working with Oracle Database Working with Oracle Database user accounts Working with Exchange Server Working with Active Roles Working with One Identity Manager Working with a delimited text file Working with Microsoft SQL Server Working with Micro Focus NetIQ Directory Working with Salesforce Working with ServiceNow Working with Oracle Unified Directory Working with an LDAP directory service Working with an OpenLDAP directory service Working with IBM DB2 Working with IBM AS/400 Working with IBM RACF Working with MySQL database Working with an OLE DB-compliant relational database Working with SharePoint Working with Microsoft 365 Working with Microsoft Azure Active Directory Configuring data synchronization with the SCIM Connector Configuring data synchronization with the Generic SCIM Connector Objects and operations supported by the SCIM Connector Example of using the Generic SCIM Connector for data synchronization
Using connectors installed remotely Creating a connection Renaming a connection Deleting a connection Modifying synchronization scope for a connection Using connection handlers Specifying password synchronization settings for a connection
Synchronizing identity data Mapping objects Automated password synchronization Synchronization history Scenarios of use Developing PowerShell scripts for attribute synchronization rules Using PowerShell script to transform passwords

DistributionGroup object attributes

Table 78: DistributionGroup object attributes

Attribute

Description

Supported operations

AcceptMessagesOnlyFrom

Gets or sets the senders that can send email messages to the distribution group.

This reference attribute can take senders in any of the following formats:

  • Alias

  • Canonical DN

  • Display name

  • Distinguished name (DN)

  • Domain\account

  • GUID

  • Immutable ID

  • Legacy Exchange DN

  • SMTP address

  • User principal name

This reference attribute accepts the following object types:

  • MailUser

  • Mailbox

  • Contact

Read, Write

AcceptMessagesOnlyFromDLMembers

Gets or sets the distribution groups whose members are allowed to send email messages to the distribution group.

This reference attribute can take distribution groups in any of the following formats:

  • Alias

  • Canonical DN

  • Display name

  • Distinguished name (DN)

  • Domain\account

  • GUID

  • Immutable ID

  • Legacy Exchange DN

  • SMTP address

  • User principal name

This reference attribute accepts the following object types:

  • DistributionGroup

  • DynamicDistributionGroup

Read, Write

AcceptMessagesOnlyFromSendersOrMembers

Gets or sets the senders who can send email messages to the distribution group.

This attribute can take senders in any of the following formats:

  • Alias

  • Canonical DN

  • Display name

  • Distinguished name (DN)

  • Domain\account

  • GUID

  • Immutable ID

  • Legacy Exchange DN

  • SMTP address

  • User principal name

This reference attribute accepts the following object types:

  • Contact

  • DistributionGroup

  • DynamicDistributionGroup

  • Mailbox

  • MailUser

Read, Write

Alias

Gets or sets the alias of the distribution group.

Read, Write

BypassModerationFromSendersOrMembers

Gets or sets the senders whose messages bypass moderation for the distribution group.

This reference attribute can take senders in any of the following formats:

  • Alias

  • Canonical DN

  • Display name

  • Distinguished name (DN)

  • Domain\account

  • GUID

  • Immutable ID

  • Legacy Exchange DN

  • SMTP address

  • User principal name

This reference attribute accepts the following object types:

  • Contact

  • DistributionGroup

  • DynamicDistributionGroup

  • Mailbox

  • MailUser

Read, Write

BypassNestedModerationEnabled

Gets or sets whether moderators of parent groups are allowed to moderate nested groups for which moderation is enabled.

This attribute can take one of the following values:

  • TRUE: Specifies that email messages approved by parent group moderators bypass any moderation in nested groups.

  • FALSE: Specifies that email messages approved by parent group moderators still can be moderated in nested groups.

Read, Write

CreateDTMFMap

Sets whether to create a dual-tone multi-frequency (DTMF) map for the distribution group.

This attribute can take one of the following values:

  • TRUE: Specifies to create a DTMF map for the distribution group.

  • FALSE: Specifies not to create a DTMF map for the distribution group.

Write

CustomAttribute1

Get or set the additional custom values you specify.

Read, Write

CustomAttribute2

CustomAttribute3

CustomAttribute4

CustomAttribute5

CustomAttribute6

CustomAttribute7

CustomAttribute8

CustomAttribute9

CustomAttribute10

CustomAttribute11

CustomAttribute12

CustomAttribute13

CustomAttribute14

CustomAttribute15

Description

Gets or sets the description of the distribution group.

Read, Write

DisplayName

Gets or sets the display name of the distribution group.

Read, Write

EmailAddresses

Gets or sets the email alias of the distribution group.

Read, Write

ExtensionCustomAttribute1

Get or set the additional custom values you specify. These attributes are multivalued. To specify multiple values, use a comma as a separator.

Read, Write

ExtensionCustomAttribute2

ExtensionCustomAttribute3

ExtensionCustomAttribute4

ExtensionCustomAttribute5

GrantSendOnBehalfTo

Gets or sets the senders that can send messages on behalf of the distribution group.

This reference attribute can take senders in any of the following formats:

  • Alias

  • Canonical DN

  • Display name

  • Distinguished name (DN)

  • Domain\account

  • GUID

  • Immutable ID

  • Legacy Exchange DN

  • SMTP address

  • User principal name

This reference attribute only accepts the following object type:

  • Mailbox

Read, Write

HiddenFromAddressListsEnabled

Gets or sets whether or not Microsoft 365 hides the distribution group from the address lists.

This attribute can take one of the following values:

  • TRUE: Specifies to hide the distribution group from the address lists.

  • FALSE (default): Specifies to display the distribution group in the address lists.

Read, Write

IgnoreNamingPolicy

Sets whether or not to ignore the naming policy applicable to the distribution groups created in the organization.

This attribute can take one of the following values:

  • TRUE: Specifies to ignore the applicable naming policy.

  • FALSE: Specifies to use the applicable naming policy.

Write

IsSecurity

Gets or sets whether the distribution group is a security distribution group.

Read, Write

NOTE: This attribute allows you to write data only when you use the Office 365 Connector to perform a create operation in Microsoft 365.

MailTip

Gets or sets the message displayed to senders when they start writing an email message to the distribution group.

Read, Write

MailTipTranslations

Gets or sets the MailTip message translations in additional languages.

This attribute accepts the following format:

<LanguageLocale>:<MailTipMessageTranslation>

A MailTip message translation cannot exceed 250 characters.

Read, Write

ManagedBy

Gets or sets the owner of the distribution group.

This reference attribute accepts the following object types:

  • Mailbox

  • MailUser

Read, Write

Member

Gets or sets the members of the distribution group by using their Object IDs.

Read, Write

NOTE: This attribute only allows you to write data when you use the Office 365 Connector to perform an update operation in Microsoft 365.

MemberDepartRestriction

Gets or sets the restrictions applicable to the members who want to leave the distribution group.

This attribute can take one of the following values:

  • Open

  • Closed

  • ApprovalRequired

Read, Write

MemberJoinRestriction

Gets or sets the restrictions applicable to the members who want to join the distribution group.

This attribute can take one of the following values:

  • Open

  • Closed

  • ApprovalRequired

Read, Write

Member

Gets or sets the members of the distribution group

Read, Write

ModeratedBy

Gets or sets the users who are moderating the messages sent to the distribution group. To specify multiple users, use a comma as a separator.

This reference attribute can take users in any of the following formats:

  • Alias

  • Canonical DN

  • Display name

  • Distinguished name (DN)

  • Domain\account

  • GUID

  • Immutable ID

  • Legacy Exchange DN

  • SMTP address

  • User principal name

This attribute is required if you set the value of the ModerationEnabled attribute to TRUE.

This reference attribute accepts the following object types:

  • Mailbox

  • MailUser

Read, Write

ModerationEnabled

Gets or sets whether moderation is enabled for the distribution group.

This attribute can take one of the following values:

  • TRUE

  • FALSE

Read, Write

Name

Gets or sets the name of the distribution group.

Read, Write

Notes

Gets or sets notes about the distribution group.

Read, Write

NOTE: This attribute allows you to write data only when you use the Office 365 Connector to create an object in Microsoft 365.

ObjectID

Gets the unique object identifier (GUID).

Read

PrimarySmtpAddress

Gets or sets primary SMTP address of the distribution group.

Read, Write

PrimarySmtpAddress

Gets or sets the primary email address of the distribution group.

Read, Write

RejectMessagesFrom

Gets or sets the senders whose messages to the distribution group are rejected.

This attribute can take senders in one of the following formats:

  • Alias

  • Canonical DN

  • Display name

  • Distinguished name (DN)

  • Domain\account

  • GUID

  • Immutable ID

  • Legacy Exchange DN

  • SMTP address

  • User principal name

This reference attribute accepts the following object types:

  • Contact

  • Mailbox

Read, Write

RejectMessagesFromDLMembers

Gets or sets the distribution groups whose members cannot send email messages to the distribution group (their messages are rejected).

This reference attribute can take distribution groups in one of the following formats:

  • Alias

  • Canonical DN

  • Display name

  • Distinguished name (DN)

  • Domain\account

  • GUID

  • Immutable ID

  • Legacy Exchange DN

  • SMTP address

  • User principal name

This reference attribute accepts the following object types:

  • DistributionGroup

  • DynamicDistributionGroup

Read, Write

RejectMessagesFromSendersOrMembers

Gets or sets the senders that cannot send email messages to the distribution group (their messages are rejected).

This reference attribute can take senders in one of the following formats:

  • Alias

  • Canonical DN

  • Display name

  • Distinguished name (DN)

  • Domain\account

  • GUID

  • Immutable ID

  • Legacy Exchange DN

  • SMTP address

  • User principal name

This reference attribute accepts the following object types:

  • Contact

  • DynamicDistributionGroup

  • DistributionGroup

  • Mailbox

Read, Write

ReportToManagerEnabled

Gets or sets whether delivery reports are sent to the manager of the distribution group.

This attribute can take one of the following values:

  • TRUE

  • FALSE

Read, Write

ReportToOriginatorEnabled

Gets or sets whether delivery reports are sent to the senders who sent email messages to the distribution group.

Read, Write

RequireSenderAuthenticationEnabled

Gets or sets whether the senders that send messages to this distribution group must be authenticated.

This attribute can take one of the following values:

  • TRUE

  • FALSE

Read, Write

SendModerationNotifications

Gets or sets whether to send status notifications to senders when a message they send to the moderated distribution group is rejected by a moderator.

This attribute can take one of the following values:

  • Always: Specifies that notifications are sent to all senders.

  • Internal: Specifies that notifications are only sent to the senders internal to your organization.

  • Never: Specifies that all status notifications are disabled.

Read, Write

SendOofMessageToOriginatorEnabled

Gets or sets a value that specifies whether or not to deliver out-of-office messages to the user who sent an email message to the distribution group.

This attribute can take one of the following values:

  • TRUE

  • FALSE

Read, Write

SimpleDisplayName

Gets or sets an alternate description of the distribution group in a situation where a limited set of characters is allowed.

The limited set of characters includes ASCII characters from 26 to 126.

Read, Write

UMDtmfMap

Gets or sets whether to create a user-defined DTMF map for the distribution group if it has Unified Messaging enabled.

Read, Write

WindowsEmailAddress

Gets or sets the email address of the distribution group stored in Active Directory.

Read, Write

Domain object attributes

Table 79: Domain object attributes

Attribute

Description

Supported operations

Authentication

Gets the authentication method with which the domain in Microsoft 365 authenticates users.

This attribute can take one of the following values:

  • Managed: Indicates that the domain uses Microsoft 365 authentication.

  • Federated: Indicates that the domain uses Single Sign-on (SSO) to authenticate users.

Read

DomainName

Gets the domain name in Microsoft 365.

Read

DomainServices

Gets the Microsoft 365 services available in the domain.

Read

IsDefault

Gets whether the domain is default in Microsoft 365.

Read

IsInitial

Gets whether the domain is initial in Microsoft 365.

Read

ObjectID

Gets the unique object identifier (GUID).

Read

Status

Gets whether the domain is verified with Microsoft 365. This attribute can take one of the following values:

  • Verified: Indicates that the domain is verified.

  • Unverified: Indicates that the domain is not verified.

Read

DynamicDistributionGroup object attributes

Table 80: DynamicDistributionGroup object attributes

Attribute

Description

Supported operations

AcceptMessagesOnlyFrom

Gets or sets the senders that can send email messages to the dynamic distribution group.

This reference attribute can take senders in any of the following formats:

  • Alias

  • Canonical name

  • Display name

  • DN

  • Exchange DN

  • GUID

  • Name

  • Primary SMTP email address

This reference attribute accepts the following object types:

  • MailUser

  • Mailbox

  • Contact

Read, Write

AcceptMessagesOnlyFromDLMembers

Gets or sets the distribution groups whose members are allowed to send email messages to the dynamic distribution group.

This reference attribute accepts any of the following values for the distribution groups:

  • DN

  • Canonical name

  • GUID

  • Name

  • Display name

  • Legacy Exchange DN

  • Primary SMTP email address

This reference attribute accepts the following object types:

  • DistributionGroup

  • DynamicDistributionGroup

Read, Write

AcceptMessagesOnlyFromSendersOrMembers

Gets or sets the senders who can send email messages to the dynamic distribution group.

This reference attribute can take any of the following values for the senders:

  • DN

  • Canonical name

  • GUID

  • Name

  • Display name

  • Alias

  • Exchange DN

  • Primary SMTP email address

This reference attribute accepts the following object types:

  • Contact

  • DistributionGroup

  • DynamicDistributionGroup

  • Mailbox

  • MailUser

Read, Write

Alias

Gets or sets the alias of the dynamic distribution group.

Read, Write

BypassModerationFromSendersOrMembers

Gets or sets the senders whose messages bypass moderation for the dynamic distribution group.

This reference attribute can take any of the following values for the senders:

  • DN

  • Canonical name

  • GUID

  • Name

  • Display name

  • Legacy Exchange DN

  • Primary SMTP email address

The values in this attribute do not apply to the senders that are the moderators of the dynamic distribution group.

This reference attribute accepts the following object types:

  • Contact

  • DistributionGroup

  • DynamicDistributionGroup

  • Mailbox

  • MailUser

Read, Write

ConditionalCustomAttribute1

Allow you to get or set recipients based on the corresponding CustomAttribute<Number> value.

For example, ConditionalCustomAttribute1 corresponds to CustomAttribute1, ConditionalCustomAttribute2 corresponds to CustomAttribute2, and so on.

Read, Write

ConditionalCustomAttribute2

ConditionalCustomAttribute3

ConditionalCustomAttribute4

ConditionalCustomAttribute5

ConditionalCustomAttribute6

ConditionalCustomAttribute7

ConditionalCustomAttribute8

ConditionalCustomAttribute9

ConditionalCustomAttribute10

ConditionalCustomAttribute11

ConditionalCustomAttribute12

ConditionalCustomAttribute13

ConditionalCustomAttribute14

ConditionalCustomAttribute15

ConditionalDepartment

Uses the Department field to get or set the recipients used to build the dynamic distribution group.

A comma that separates values of this multivalued attribute acts as the OR operator.

Read, Write

NOTE: When writing data using this attribute, you cannot use the RecipientFilter attribute to write data.

ConditionalStateOrProvince

Uses the State/Province field to get or set the recipients used to build the dynamic distribution group.

A comma that separates values of this multivalued attribute acts as the OR operator.

Read, Write

CustomAttribute1

Get or set the additional custom values you specify.

Read, Write

CustomAttribute2

CustomAttribute3

CustomAttribute4

CustomAttribute5

CustomAttribute6

CustomAttribute7

CustomAttribute8

CustomAttribute9

CustomAttribute10

CustomAttribute11

CustomAttribute12

CustomAttribute13

CustomAttribute14

CustomAttribute15

DisplayName

Gets or sets the display name of the dynamic distribution group.

Read, Write

EmailAddresses

Gets or sets the email addresses of the dynamic distribution group. When specifying two or more email addresses in this multivalued attribute, use a comma as a separator.

Read, Write

GrantSendOnBehalfTo

Gets or sets the distinguished name (DN) of other senders that can send messages on behalf of the dynamic distribution group.

This reference attribute only accepts the following object type:

  • Mailbox

Read, Write

IncludedRecipients

Gets or sets the recipient types used to build the dynamic distribution group.

This attribute can take the following values:

  • AllRecipients

  • MailContacts

  • MailGroups

  • MailUsers

  • MailboxUsers

  • Resources

  • None

NOTE: You can use combinations of these values, except the AllRecipients value. No other value can be used along with the AllRecipients value.

Read, Write

LdapRecipientFilter

Gets the recipient filter that was created by using the RecipientFilter attribute.

Read

ManagedBy

Gets or sets the owner of the dynamic distribution group.

This reference attribute accepts the following object types:

  • Mailbox

  • MailUser

Read, Write

ManagedBy

Gets or sets the name of the mail-enabled user, group, or contact displayed on the Managed by tab of the Active Directory object.

This reference attribute accepts the name in one of the following formats:

  • Alias

  • Canonical DN

  • Display Name

  • Distinguished Name (DN)

  • Domain\Account

  • GUID

  • Immutable ID

  • Legacy Exchange DN

  • SMTP Address

  • User Principal Name

This reference attribute accepts the following object types:

  • Mailbox

  • MailUser

Read, Write

ModeratedBy

Gets or sets the users who are moderating the messages sent to the dynamic distribution group.

To specify multiple users, use a comma as a separator.

This reference attribute is required if you set the value of the ModerationEnabled attribute to TRUE.

This reference attribute accepts the following object types:

  • Mailbox

  • MailUser

Read, Write

ModerationEnabled

Gets or sets whether moderation is enabled for the dynamic distribution group.

This attribute can take one of the following values:

  • TRUE

  • FALSE

Read, Write

Name

Gets or sets the name of the dynamic distribution group.

Read, Write

Notes

Gets or sets comments for the dynamic distribution group.

Read, Write

ObjectID

Gets the unique object identifier (GUID).

Read

PhoneticDisplayName

Gets or sets a phonetic pronunciation of the value specified in the DisplayName attribute.

Read, Write

PrimarySmtpAddress

Gets or sets the primary return SMTP email address of the dynamic distribution group. You can use this attribute if the group has two or more SMTP email addresses.

Read, Write

RecipientContainer

Gets or sets the recipients used to build the dynamic distribution group, based on their location in Active Directory.

This attribute can take the canonical name of the Active Directory Organizational Unit (OU) or domain where the recipients reside.

When this attribute is omitted, the local container is used.

Read, Write

RecipientFilter

Gets or sets the mail-enabled recipients to be included in the dynamic distribution group. This attribute accepts OPATH filtering syntax.

Syntax example:

((Company -eq 'MyCompany') -and (City -eq 'London'))

Read, Write

When writing data using this attribute, you cannot use any of the following attributes to write data:

  • IncludedRecipients

  • ConditionalCompany

  • ConditionalCustomAttribute<Number>

  • ConditionalDepartment

  • ConditionalStateOrProvince

RejectMessagesFrom

Gets or sets the senders whose messages to the dynamic distribution group are rejected.

This reference attribute can take senders in one of the following formats:

  • Alias

  • Canonical DN

  • Display name

  • Distinguished name (DN)

  • Domain\account

  • GUID

  • Immutable ID

  • Legacy Exchange DN

  • SMTP address

  • User principal name

This reference attribute accepts the following object types:

  • Contact

  • Mailbox

Read, Write

RejectMessagesFromDLMembers

Gets or sets the distribution groups whose members cannot send email messages to the dynamic distribution group (their messages are rejected).

This reference attribute can take distribution groups in one of the following formats:

  • Alias

  • Canonical DN

  • Display name

  • Distinguished name (DN)

  • Domain\account

  • GUID

  • Immutable ID

  • Legacy Exchange DN

  • SMTP address

  • User principal name

This reference attribute accepts the following object types:

  • DistributionGroup

  • DynamicDistributionGroup

Read, Write

RejectMessagesFromSendersOrMembers

Gets or sets the senders that cannot send email messages to the dynamic distribution group (their messages are rejected).

This reference attribute can take senders in one of the following formats:

  • Alias

  • Canonical DN

  • Display name

  • Distinguished name (DN)

  • Domain\account

  • GUID

  • Immutable ID

  • Legacy Exchange DN

  • SMTP address

  • User principal name

This reference attribute accepts the following object types:

  • Contact

  • DistributionGroup

  • DynamicDistributionGroup

  • Mailbox

Read, Write

ReportToManagerEnabled

Gets or sets a value that specifies whether or not to send delivery reports to the dynamic distribution group manager.

This Boolean attribute can take one of the following values:

  • TRUE: Indicates that delivery reports are enabled.

  • FALSE (default): Indicates that delivery reports are disabled.

Read, Write

ReportToOriginatorEnabled

Gets or sets a value that specifies whether or not to send a delivery reports to the user who sent an email message to the dynamic distribution group.

This Boolean attribute can take one of the following values:

  • TRUE: Indicates that delivery reports are enabled.

  • FALSE (default): Indicates that delivery reports are disabled.

Read, Write

SendModerationNotifications

Gets or sets whether or not to send a notification to the sender whose message to the moderated dynamic distribution group is rejected by a moderator.

This attribute can take one of the following values:

  • Always: Indicates that moderation notifications are sent to all senders.

  • Internal: Indicates that moderation notifications are sent to the internal senders only.

  • Never: Indicates that moderation notifications are disabled.

Read, Write

SendOofMessageToOriginatorEnabled

Gets or sets a value that specifies whether or not to deliver out-of-office messages to the user who sent an e-mail message to the dynamic distribution group.

This attribute can take one of the following values:

  • TRUE

  • FALSE

Read, Write

ExternalAccessPolicy object attributes

Table 81: ExternalAccessPolicy object attributes

Attribute

Description

Supported operations

Anchor

Gets the Anchor property value of the policy.

Read

Description

Gets the policy description.

Read

Identity

Gets the unique identifier assigned to the policy.

Read

Members

Gets the users who have been assigned the policy.

Read

ObjectID

Gets the unique object identifier (GUID).

Read

Documents connexes

The document was helpful.

Sélectionner une évaluation

I easily found the information I needed.

Sélectionner une évaluation