立即与支持人员聊天
与支持团队交流

Active Roles Sync Service 8.2 - Administration Guide

Synchronization Service overview Deploying Synchronization Service Deploying Synchronization Service for use with AWS Managed Microsoft AD Getting started Connections to external data systems
External data systems supported with built-in connectors
Working with Active Directory Working with an AD LDS (ADAM) instance Working with Skype for Business Server Working with Oracle Database Working with Oracle Database user accounts Working with Exchange Server Working with Active Roles Working with One Identity Manager Working with a delimited text file Working with Microsoft SQL Server Working with Micro Focus NetIQ Directory Working with Salesforce Working with ServiceNow Working with Oracle Unified Directory Working with an LDAP directory service Working with an OpenLDAP directory service Working with IBM DB2 Working with IBM AS/400 Working with IBM RACF Working with MySQL database Working with an OLE DB-compliant relational database Working with SharePoint Working with Microsoft 365 Working with Microsoft Azure Active Directory Configuring data synchronization with the SCIM Connector Configuring data synchronization with the Generic SCIM Connector
Using connectors installed remotely Creating a connection Renaming a connection Deleting a connection Modifying synchronization scope for a connection Using connection handlers Specifying password synchronization settings for a connection
Synchronizing identity data Mapping objects Automated password synchronization Synchronization history Scenarios of use Developing PowerShell scripts for attribute synchronization rules Using PowerShell script to transform passwords

WebApplication object attributes

In a SharePoint connection, the Synchronization Service supports the following attributes of the WebApplication object with the following synchronization operations.

Table 69: WebApplication object attributes

Attribute

Type

Description

Supported operations

AlertsEnabled

Single-valued, Boolean

Gets or sets whether alerts are allowed in the web application.

Read, write (update only)

AlertsLimited

Single-valued, Boolean

Gets or sets whether a limit is imposed on the number of lists and list items for which alerts can be created.

Read, write (update only)

AlertsMaximum

Single-valued, integer

Gets or sets the maximum number of lists and list items for which a single user can create alerts.

Read, write (update only)

AlertsMaximumQuerySet

Single-valued, integer

Gets or sets the maximum number of records in a query set that is associated with an alert object.

Read, write (update only)

AllowAccessToWebPartCatalog

Single-valued, Boolean

Gets or sets whether sites in the Web application can use Web Parts located in the global catalog.

Read, write (update only)

AllowAnalyticsCookieForAnonymousUsers

Single-valued, Boolean

Gets or sets whether analytics cookies are allowed for anonymous users.

Read, write (update only)

AllowContributorsToEditScriptableParts

Single-valued, Boolean

Gets or sets whether the contributors are allowed to edit scriptable Web Parts.

Read, write (update only)

AllowDesigner

Single-valued, Boolean

Gets or sets whether websites within the web application can be edited with SharePoint Designer.

Read, write (update only)

AllowedInlineDownloadedMimeTypes

Multivalued, string

Gets the MIME content types that are not force-downloaded to the computer of the user.

Files not listed in this attribute value are considered to be script files and can interact with the web application on the user’s behalf.

Read

AllowHighCharacterListFolderNames

Single-valued, Boolean

Gets or sets whether non-alphanumeric characters are allowed in the list folder names that are generated automatically.

Read, write (update only)

AllowMasterPageEditing

Single-valued, Boolean

Gets or sets whether the users are allowed to edit master pages.

Read, write (update only)

AllowOMCodeOverrideThrottleSettings

Single-valued, Boolean

Gets or sets whether custom object model code is allowed to override the throttle settings.

Read, write (update only)

AllowPartToPartCommunication

Single-valued, Boolean

Gets or sets whether the Web application allows communication between different Web Parts.

Read, write (update only)

AllowRevertFromTemplate

Single-valued, Boolean

Gets or sets whether customized sites can be rolled back to their base templates.

Read, write (update only)

AllowSelfServiceUpgradeEvaluation

Single-valued, Boolean

Gets or sets whether upgrade evaluation site collections can be created.

Read, write (update only)

AllowSilverlightPrompt

Single-valued, Boolean

Gets or sets whether UI elements that require Microsoft Silverlight prompt the user to download and install Silverlight.

Read, write (update only)

AlwaysProcessDocuments

Single-valued, Boolean

Gets or sets whether documents to be returned are always processed by document parsers.

Read, write (update only)

ApplicationPrincipalMaxRights

Multivalued, string

Gets or sets the maximum rights that any application principal user has in the web application.

Read, write (update only)

AutomaticallyDeleteUnusedSiteCollections

Single-valued, Boolean

Gets or sets whether to automatically delete unused site collections.

Read, write (update only)

BlockedFileExtensions

Multivalued, string

Gets the list of file name extensions that are forbidden for download from the sites within the web application.

Read

BrowserCEIPEnabled

Single-valued, Boolean

Gets or sets whether the Customer Experience Improvement Program is enabled in the web browser.

Read, write (update only)

CanRenameOnRestore

Single-valued, Boolean

Gets whether the web application can be renamed during its restore.

Read

CanSelectForBackup

Single-valued, Boolean

Gets or sets whether the web application can be backed up.

Read, write (update only)

CanSelectForRestore

Single-valued, Boolean

Gets or sets whether the web application can be restored.

Read, write (update only)

CascadeDeleteMaximumItemLimit

Single-valued, integer

Gets or sets the maximum number of items that can be checked in a Cascade or Restrict delete operation.

Read, write (update only)

CascadeDeleteTimeoutMultiplier

Single-valued, integer

Gets or sets the cost per item deleted in a referential integrity delete operation.

Read, write (update only)

CellStorageWebServiceEnabled

Single-valued, Boolean

Gets or sets whether the Web service named WebSvcCellStorage is enabled.

Read, write (update only)

ChangeLogExpirationEnabled

Single-valued, Boolean

Gets or sets whether change logs get deleted after the retention period set in the ChangeLogRetentionPeriod property expires.

Read, write (update only)

ChangeLogRetentionPeriod

Single-valued, string (TimeSpan)

Gets or sets the period (in days) during which the change logs are retained.

Read, write (update only)

CrossDomainPhotosEnabled

Single-valued, Boolean

Gets or sets whether cross-domain photos are enabled.

Read, write (update only)

CustomAppErrorLimit

Single-valued, integer

Gets or sets the maximum number of calls that the Web application can make each 24 hours to log custom errors.

Read, write (update only)

DailyStartUnthrottledPrivilegedOperationsHour

Single-valued, integer

Gets or sets the hour (in the local time zone) when the unthrottled daily time window starts.

Read, write (update only)

DailyStartUnthrottledPrivilegedOperationsMinute

Single-valued, integer

Gets or sets the minute (in the local time zone) when the unthrottled daily time window starts.

Read, write (update only)

DailyUnthrottledPrivilegedOperationsDuration

Single-valued, integer

Gets or sets the period (in hours) during which the unthrottled daily time window remains open.

Read, write (update only)

DaysToShowNewIndicator

Single-valued, integer

Gets or sets the period (in days) during which the New icon is displayed next to new list items.

Read, write (update only)

DefaultQuotaTemplate

Single-valued, string

Gets or sets the default quota template applicable to all site collections.

Read, write (update only)

DefaultServerComment

Single-valued, string

Gets the default comment for the Internet Information Services (IIS) website.

This default comment is used in situations where a comment is not specified by the web application.

Read

DefaultTimeZone

Single-valued, integer

Gets or sets the default time zone for the web application.

Read, write (update only)

DisableCoauthoring

Single-valued, Boolean

Gets or sets whether co-authoring using Microsoft Office is disabled.

Read, write (update only)

DisplayName

Single-valued, string

Gets the display name of the web application.

Read

DocumentLibraryCalloutOfficeWebAppPreviewersDisabled

Single-valued, Boolean

Gets or sets whether the Document Library Callout’s WAC previewers are disabled.

Read, write (update only)

EmailToNoPermissionWorkflowParticipantsEnabled

Single-valued, Boolean

Gets or sets whether users that have no site permissions receive a notification email when they are assigned workflow tasks.

Read, write (update only)

EnabledClaimProviders

Multivalued, string

Reserved for internal use.

Read

EventHandlersEnabled

Single-valued, Boolean

Gets or sets whether event handlers are enabled for the Web application.

Read, write (update only)

EventLogRetentionPeriod

Single-valued, string (TimeSpan)

Gets or sets the period (in days) during which the event logs are retained.

Read, write (update only)

ExternalUrlZone

Single-valued, string

Gets or sets the URL zone for cross-firewall access.

Read, write (update only)

ExternalWorkflowParticipantsEnabled

Single-valued, Boolean

Gets or sets whether external users can participate in a workflow if they have a document copy.

Read, write (update only)

FileNotFoundPage

Single-valued, string

Gets or sets the name of the HTML file that contains the error information to be displayed in a situation where a file is not found.

Read, write (update only)

ForceseekEnabled

Single-valued, Boolean

Gets or sets whether the FORCESEEK hint is enabled.

Read, write (update only)

Id

Single-valued, string

Gets or sets the object ID.

Read, write

IncomingEmailServerAddress

Single-valued, string

Gets or sets the name of the email server that is used to receive incoming email messages.

Read, write (update only)

InheritDataRetrievalSettings

Single-valued, Boolean

Gets or sets whether the web application inherits data retrieval settings from the central administration application.

Read, write (update only)

IsAdministrationWebApplication

Single-valued, Boolean

Gets or sets whether the web application is the central administration application.

Read, write (update only)

MasterPageReferenceEnabled

Single-valued, Boolean

Gets or sets whether site administrators can enable dynamic master page referencing for the web application pages.

Read, write (update only)

MaximumFileSize

Single-valued, integer

Gets or sets the maximum file size limit for files to be uploaded.

Read, write (update only)

MaxItemsPerThrottledOperation

Single-valued, integer

Gets or sets the count of items at which throttling begins for list operations.

Read, write (update only)

MaxItemsPerThrottledOperationOverride

Single-valued, integer

Gets or sets the maximum count of items for which throttling is not enabled if the current user is an administrator or auditor.

Read, write (update only)

MaxItemsPerThrottledOperationWarningLevel

Single-valued, integer

Gets or sets the warning level for the number of items in list operations.

Read, write (update only)

MaxQueryLookupFields

Single-valued, integer

Gets or sets the maximum number of lookup fields that may be included in a list item query.

Read, write (update only)

MaxSizeForSelfServiceEvalSiteCreationMB

Single-valued, LargeInteger

Gets or sets the maximum possible size (in MB) of a site collection for which the creation of evaluation sites is permitted through self-service.

Read, write (update only)

MaxUniquePermScopesPerList

Single-valued, integer

Gets or sets the maximum number unique scopes that can be in a list.

Read, write (update only)

MetaWeblogAuthenticationEnabled

Single-valued, Boolean

Gets or sets whether authentication via the MetaWeblog API is enabled for the web application.

Read, write (update only)

MetaWeblogEnabled

Single-valued, Boolean

Gets or sets whether the MetaWeblog API is enabled for the web application.

Read, write (update only)

OfficialFileName

Single-valued, string

Gets or sets the name of the Records Repository Web Service that is used to get the official file.

Read, write (update only)

OfficialFileUrl

Multivalued, string

Gets the URL of the Recovery Repository Web Service that is used to get the official file.

Read

OutboundMailCodePage

Single-valued, integer

Gets or sets the default code page that is used for sending emails.

Read, write (update only)

OutboundMailReplyToAddress

Single-valued, string

Gets or sets the default reply email address to be used in email messages.

Read, write (update only)

OutboundMailSenderAddress

Single-valued, string

Gets or sets the default sender’s email address to be displayed in the From field of outgoing email messages.

Read, write (update only)

Parent

Single-valued, string

Gets or sets the parent of the object.

Read, write

PresenceEnabled

Single-valued, Boolean

Gets or sets whether presence information is enabled in the web application.

Read, write (update only)

ReadOnlyMaintenanceLink

Single-valued, string

Gets or sets a link to the upgrade maintenance page.

Read, write (update only)

RecycleBinCleanupEnabled

Single-valued, Boolean

Gets or sets whether recycle bin cleanup is enabled.

Read, write (update only)

RecycleBinEnabled

Single-valued, Boolean

Gets or sets whether the Recycle Bin is enabled.

Read, write (update only)

RecycleBinRetentionPeriod

Single-valued, integer

Gets or sets the period (in days) during which deleted items are retained in the Recycle Bin.

Read, write (update only)

RenderingFromMetainfoEnabled

Single-valued, Boolean

Gets or sets whether page roundtrip optimization is enabled.

Read, write (update only)

RequireContactForSelfServiceSiteCreation

Single-valued, Boolean

Gets or sets whether self-service site creation requires contact information of the site owner.

Read, write (update only)

ScopeExternalConnectionsToSiteSubscriptions

Single-valued, Boolean

No description available.

Read, write (update only)

SecondStageRecycleBinQuota

Single-valued, integer

Gets or sets the storage quota (in per cent) available to the second stage Recycle Bin.

Read, write (update only)

SelfServiceCreateIndividualSite

Single-valued, Boolean

Gets or sets whether self-service should create an individual site or a site collection.

Read, write (update only)

SelfServiceCreationParentSiteUrl

Single-valued, string

Gets or sets the parent site URL under which children sites are to be created.

Read, write (update only)

SelfServiceCreationQuotaTemplate

Single-valued, string

Gets or sets the quota template to be used when creating site collections.

Read, write (update only)

SelfServiceSiteCreationEnabled

Single-valued, Boolean

Gets or sets whether sites can be created by using self-service in the Web application.

Read, write (update only)

SelfServiceSiteCustomFormUrl

Single-valued, string

Gets or sets the custom form URL to be used when creating sites through self-service.

Read, write (update only)

SendLoginCredentialsByEmail

Single-valued, Boolean

Gets or sets whether the login credentials of newly-created users are sent to them via email.

Read, write (update only)

SendSiteUpgradeEmails

Single-valued, Boolean

Gets or sets whether to send an email notification once a site upgrade completes.

Read, write (update only)

SendUnusedSiteCollectionNotifications

Single-valued, Boolean

Gets or sets whether to sent notifications to the owners of unused sites.

Read, write (update only)

ShowStartASiteMenuItem

Single-valued, Boolean

Gets or sets whether the Start a new site menu command is available.

Read, write (update only)

ShowURLStructure

Single-valued, Boolean

Gets or sets whether the users are allowed to see the file structure of the websites.

Read, write (update only)

StorageMetricsProcessingDuration

Single-valued, integer

Gets or sets the maximum duration (in second) for the processing of metric changes for documents.

Read, write (update only)

SuiteBarBrandingElementHtml

Single-valued, string

Gets or sets the HTML snippet that is displayed in the SuiteBarBrandingElement control.

Read, write (update only)

SyndicationEnabled

Single-valued, Boolean

Gets or sets whether syndication is enabled.

Read, write (update only)

TypeName

Single-valued, string

Gets the type of object for the web application.

Read

UnthrottledPrivilegedOperationWindowEnabled

Single-valued, Boolean

Gets or sets whether to enable unthrottled daily time window. When this attribute is set to TRUE, large list operations are not throttled when they occur within the time window.

Read, write (update only)

UnusedSiteNotificationPeriod

Single-valued, string (TimeSpan)

Gets the time period during which the site was unused.

Read

UnusedSiteNotificationsBeforeDeletion

Single-valued, integer

Gets or sets the number of site deletion notifications that must be sent before an unused site gets deleted.

Read, write (update only)

UpgradeEvalSitesRetentionDays

Single-valued, integer

Gets or sets the period (in days) since the evaluation site creation date after which the evaluation site gets deleted.

Read, write (update only)

UpgradeMaintenanceLink

Single-valued, string

Gets or sets a link pointing to the upgrade maintenance page.

Read, write (update only)

UpgradeReminderDelay

Single-valued, integer

Gets or sets the number of days by which the site collection administrator can put off the upgrade reminder.

When this attribute value is set to 0, the status notification shows that an upgrade is required.

Read, write (update only)

UseClaimsAuthentication

Single-valued, Boolean

Gets or sets whether claims authentication is enabled.

Read, write (update only)

UseExternalUrlZoneForAlerts

Single-valued, Boolean

Gets or sets whether to use an external URL zone in emails providing information about alerts.

If this attribute is set to TRUE and a cross-firewall URL zone is configured, then that zone is used in the emails containing alerts.

If this attribute is set to TRUE, and no cross-firewall URL zone is configured, then the emails containing alerts use the default zone URL for the web application.

Read, write (update only)

UserDefinedWorkflowMaximumComplexity

Single-valued, integer

Gets or sets the maximum number of activities and bindings that a user-defined workflow can have.

Read, write (update only)

UserDefinedWorkflowsEnabled

Single-valued, Boolean

Gets or sets whether the users can create workflows in the web application.

Read, write (update only)

UserPhotoErrorExpiration

Single-valued, string (Double)

Gets or sets the period (in hours) upon which the error window for photos expires.

Read, write (update only)

UserPhotoExpiration

Single-valued, string (Double)

Gets or sets the period (in hours) upon which the photo expires.

Read, write (update only)

UserPhotoImportEnabled

Single-valued, Boolean

Gets or sets whether photo import is enabled.

Read, write (update only)

UserPhotoOnlineImportEnabled

Single-valued, Boolean

Gets or sets whether photo import is enabled for Exchange Online.

Read, write (update only)

WebFileExtensions

Multivalued, string

Gets the list of file name extensions that identify web files.

Read

WebTemplate object attributes

In a SharePoint connection, the Synchronization Service supports the following attributes of the WebTemplate object with the following synchronization operations.

Table 70: WebTemplate object attributes

Attribute

Type

Description

Supported operations

AllowGlobalFeatureAssociations

Single-valued, Boolean

Gets whether global feature associations are allowed on sites created with the web template.

Read

CompatibilityLevel

Single-valued, integer

Gets the web template compatibility level.

Read

Description

Single-valued, string

Gets the web template description.

Read

DisplayCategory

Single-valued, string

Gets the name of the category to which the web template belongs.

Read

Id

Single-valued, string

Gets or sets the object ID.

Read, write (create only)

IDWebTemplate

Single-valued, integer

Gets the web template ID.

Read

IsCustomTemplate

Single-valued, Boolean

Gets whether this is a custom web template.

Read

IsFarmWideTemplate

Single-valued, Boolean

Gets whether the web template is a farm-wide template and can be used to create sites across the entire SharePoint farm.

Read

IsHidden

Single-valued, Boolean

Gets whether the web template is hidden from the user interface.

Read

IsRootWebOnly

Single-valued, Boolean

Gets whether the web template can only be applied to the root site in the site collection.

Read

IsSubWebOnly

Single-valued, Boolean

Gets whether the web template is only applicable to subsites within the site collection.

Read

IsUnique

Single-valued, Boolean

Gets whether the site created from the web template inherits from its parent.

Read

Lcid

Single-valued, integer

Gets the locale identifier of the web template.

Read

Name

Single-valued, string

Gets the internal name of the web template.

Read

Parent

Single-valued, string, reference (Web object)

Gets or sets the parent of the object.

Read, write (create only)

ProvisionAssembly

Single-valued, string

Gets the name of the assembly that implements the class which contains logic for provisioning sites created through the web template.

Read

ProvisionClass

Single-valued, string

Gets the name of the class which provides logic for provisioning sites created through the web template.

Read

ProvisionData

Single-valued, string

Gets the data that is passed to the site provisioning handler when creating sites.

Read

SupportsMultilingualUI

Single-valued, Boolean

Gets whether it is possible to enable alternate user interface languages for the sites created from the web template.

Read

Title

Single-valued, string

Gets the display name of the web template.

Read

UserLicensingId

Single-valued, string

Gets the per-user license.

Read

VisibilityFeatureDependencyId

Single-valued, string

Gets the GUID of the feature on which the web template depends.

Read

Considerations for creating objects in SharePoint

When creating objects in SharePoint, consider the following:

  • RoleAssignment object: To create this object, you must populate the value of the Member attribute for the object. Since Member is a reference attribute, you can only populate its value by configuring a value generation rule. For more information about value generation rules, see Using value generation rules.

  • Site object: To create this object, you must populate the values of attributes URL and Owner for the object.

Working with Microsoft 365

To create a connection to Microsoft 365, you must use Synchronization Service in conjunction with a special connector called Microsoft 365 Connector (formerly known as Office 365 Connector). This connector is included in the Synchronization Service package.

The Microsoft 365 Connector supports the following features:

Table 71: Microsoft 365 Connector – Supported features

Feature

Supported

Bidirectional synchronization

Specifies whether you can both read and write data in the connected data system.

Yes

Delta processing mode

Specifies whether the connection can process only the data that has changed in the connected data system since the last synchronization operation. This reduces the overall synchronization duration.

No

Password synchronization

Specifies whether you can synchronize user passwords from an Active Directory (AD) domain to the connected data system.

No

Secure Sockets Layer (SSL) data encryption

Specifies whether the connector can use SSL to encrypt data transmitted between Active Roles Synchronization Service and the connected data system.

Yes

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级