Chatta subito con l'assistenza
Chat con il supporto

Active Roles 8.1.1 - Synchronization Service Administration Guide

Synchronization Service overview Deploying Synchronization Service Getting started Connections to external data systems
External data systems supported with built-in connectors
Working with Active Directory Working with an AD LDS (ADAM) instance Working with Skype for Business Server Working with Oracle Database Working with Oracle Database user accounts Working with Exchange Server Working with Active Roles Working with One Identity Manager Working with a delimited text file Working with Microsoft SQL Server Working with Micro Focus NetIQ Directory Working with Salesforce Working with ServiceNow Working with Oracle Unified Directory Working with an LDAP directory service Working with an OpenLDAP directory service Working with IBM DB2 Working with IBM AS/400 Working with IBM RACF Working with MySQL database Working with an OLE DB-compliant relational database Working with SharePoint Working with Microsoft 365 Working with Microsoft Azure Active Directory Configuring data synchronization with the SCIM Connector Configuring data synchronization with the Generic SCIM Connector Objects and operations supported by the SCIM Connector Example of using the Generic SCIM Connector for data synchronization
Using connectors installed remotely Creating a connection Renaming a connection Deleting a connection Modifying synchronization scope for a connection Using connection handlers Specifying password synchronization settings for a connection
Synchronizing identity data Mapping objects Automated password synchronization Synchronization history Scenarios of use Developing PowerShell scripts for attribute synchronization rules Using PowerShell script to transform passwords

Getting help

This section provides instructions on how to get help information for the cmdlets added by Management Shell to the Windows PowerShell environment.

Table 2: To view help

To view this

Run this command

A list of all the Synchronization Service Management Shell cmdlets available to the shell.

Get-QCCommand

Information about the parameters and other components of a Synchronization Service Management Shell cmdlet.

Run one of the following:

  • Get-QCCommand <CmdletName>

  • Get-Command <CmdletName>

NOTE: You can use wildcard character expansion. For example, to view information about the cmdlets with the names ending in Workflow, run this command: Get-Command *Workflow.

Basic help information for a Synchronization Service Management Shell cmdlet.

Get-Help <CmdletName>

Detailed help information for a Synchronization Service Management Shell cmdlet, including the descriptions of available parameters and usage examples.

Get-Help <CmdletName> -full

Basic information about how to use the help system in Windows PowerShell, including Help for the Synchronization Service Management Shell.

Get-Help

Connections to external data systems

  • External data systems supported out of the box

  • Using connectors installed remotely

  • Creating a connection

  • Renaming a connection

  • Deleting a connection

  • Modifying synchronization scope for a connection

  • Using connection handlers

  • Specifying password synchronization settings for a connection

External data systems supported with built-in connectors

Active Roles Synchronization Service supports the following external data systems with built-in connectors:

Working with Active Directory

This section describes how to create or modify a connection to Active Directory so that Synchronization Service could work with data in that data system.

To create a connection to Active Directory domain, you need to use Synchronization Service in conjunction with a special connector called Active Directory Connector. This connector is included in the Synchronization Service package.

The Active Directory Connector supports the following features:

Table 3: Active Directory Connector – Supported features

Feature

Supported

Bidirectional synchronization

Specifies whether you can both read and write data in the connected data system.

Yes

Delta processing mode

Specifies whether the connection can process only the data that has changed in the connected data system since the last synchronization operation. This reduces the overall synchronization duration.

Yes

Password synchronization

Specifies whether you can synchronize user passwords from an Active Directory (AD) domain to the connected data system.

Yes

The Active Directory Connector supports linked attributes existing in the Active Directory schema. Linked attributes allow you to establish associations between two objects.

Linked attributes exist in pairs, as follows:

  • Forward link attribute: This is a linked attribute that exists on a source object (for example, the member attribute on the Group object). Forward link attributes can be single-valued or multivalued.

  • Back link attribute: This is a linked attribute that can be specified on a target object (for example, the memberOf attribute on the User object). Back link attributes are multivalued and they must have a corresponding forward link attribute. Back link attributes are not stored in Active Directory. Rather, they are calculated based on the corresponding forward link attribute each time a query is issued.

Related Documents

The document was helpful.

Seleziona valutazione

I easily found the information I needed.

Seleziona valutazione