立即与支持人员聊天
与支持团队交流

Active Roles 8.2.1 - Synchronization Service Administration Guide

Synchronization Service overview Deploying Synchronization Service Deploying Synchronization Service for use with AWS Managed Microsoft AD Getting started Connections to external data systems
External data systems supported with built-in connectors
Working with Active Directory Working with an AD LDS (ADAM) instance Working with Skype for Business Server Working with Oracle Database Working with Oracle Database user accounts Working with Exchange Server Working with Active Roles Working with One Identity Manager Working with a delimited text file Working with Microsoft SQL Server Working with Micro Focus NetIQ Directory Working with Salesforce Working with ServiceNow Working with Oracle Unified Directory Working with an LDAP directory service Working with an OpenLDAP directory service Working with IBM DB2 Working with IBM AS/400 Working with IBM RACF Working with MySQL database Working with an OLE DB-compliant relational database Working with SharePoint Working with Microsoft 365 Working with Microsoft Azure Active Directory Configuring data synchronization with the SCIM Connector Configuring data synchronization with the Generic SCIM Connector
Using connectors installed remotely Creating a connection Renaming a connection Deleting a connection Modifying synchronization scope for a connection Using connection handlers Specifying password synchronization settings for a connection
Synchronizing identity data Mapping objects Automated password synchronization Synchronization history Scenarios of use Developing PowerShell scripts for attribute synchronization rules Using PowerShell script to transform passwords

Synchronization of group membership

Synchronization Service allows you to ensure that group membership information is in sync in all connected data systems. For example, when creating a group object from an Active Directory domain to an AD LDS (ADAM) instance, you can configure rules to synchronize the Member attribute from the Active Directory domain to the AD LDS (ADAM) instance.

Windows PowerShell scripting

The Management Shell component of Synchronization Service is an automation and scripting shell that provides a command-line management interface for synchronizing data between connected systems via the Synchronization Service.

The Management Shell is implemented as a Windows PowerShell snap-in that extends the standard Windows PowerShell functionality. The cmdlets provided by the Management Shell conform to the Windows PowerShell standards and are fully compatible with the default command-line tools that come with Windows PowerShell.

The Management Shell allows administrators to perform attribute or password synchronization operations by using Windows PowerShell scripts. For example, you can compose and run a Windows PowerShell script that assigns values to the target object attributes using the values of the source object attributes. For more information, see Using PowerShell script to transform passwords.

Attribute synchronization rules

With Synchronization Service, you can create and configure synchronization rules to generate values of target object attributes. These rules support the following types of synchronization:

  • Direct synchronization: Assigns the value of a source object attribute to the target object attribute you specify.

  • Script-based synchronization: Allows you to use a Windows PowerShell script to generate the target object attribute value.

  • Rule-based synchronization: Allows you to create and use rules to generate the target object attribute value you want.

Rule-based generation of distinguished names

Synchronization Service lets you create flexible rules for generating the distinguished names (DNs) of objects being created. These rules allow you to ensure that created objects are named in full compliance with the naming conventions existing in your organization.

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级