|
server
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Upload toolI have some information (employee ID) that I need to add as a custom
attribute in AD. We have about 1500 users so I don't want to have to input it manually. We can get the employee ID out of SQL but I'm looking for a tool where we can upload it automatically. Does such a thing exist? No help on your bulk tool, short of Microsoft Identity Integration Server,
but AD already has an employeeID attibute. -- Show quoteHide quote/kj "Rob" <R**@discussions.microsoft.com> wrote in message news:642E5959-F276-4CA2-9C1E-AECF57BD7A3C@microsoft.com... >I have some information (employee ID) that I need to add as a custom > attribute in AD. We have about 1500 users so I don't want to have to input > it > manually. We can get the employee ID out of SQL but I'm looking for a tool > where we can upload it automatically. Does such a thing exist? LDIFDE should do the trick:
http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/activedirectory/howto/bulkstep.mspx Show quoteHide quote "Rob" wrote: > I have some information (employee ID) that I need to add as a custom > attribute in AD. We have about 1500 users so I don't want to have to input it > manually. We can get the employee ID out of SQL but I'm looking for a tool > where we can upload it automatically. Does such a thing exist? Let me give a little more info on what we're trying to do. We're going to
pull employee name and employee ID and put it into an Excel spreadsheet, csv or text file. We want that info to import into AD, Exchange tab, Custom Attributes, extensionAttribute1. Can we pull the info from one of the formats above and import using the tools listed? Show quoteHide quote "BMoritz" wrote: > LDIFDE should do the trick: > > http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/activedirectory/howto/bulkstep.mspx > > > "Rob" wrote: > > > I have some information (employee ID) that I need to add as a custom > > attribute in AD. We have about 1500 users so I don't want to have to input it > > manually. We can get the employee ID out of SQL but I'm looking for a tool > > where we can upload it automatically. Does such a thing exist? In your SQL database, does the employeeID map to anything that can be used
to match that row with an AD object? If so, as KJ states, MIIS is a great way to do this. However, if you don't want to invest in an identity solution, this is overkill. You can script it. But any such automated solution requires you to match the two disparate data stores. -- Paul Williams Microsoft MVP - Windows Server - Directory Services http://www.msresource.net | http://forums.msresource.net We're pulling the info from a Ceridian payroll database. We can pull last
name, first name and employee ID number. Show quoteHide quote "Paul Williams [MVP]" wrote: > In your SQL database, does the employeeID map to anything that can be used > to match that row with an AD object? If so, as KJ states, MIIS is a great > way to do this. However, if you don't want to invest in an identity > solution, this is overkill. You can script it. But any such automated > solution requires you to match the two disparate data stores. > > -- > Paul Williams > Microsoft MVP - Windows Server - Directory Services > http://www.msresource.net | http://forums.msresource.net > > > In which case you can loosely match the AD objects through CN or ANR.
However, this isn't a guaranteed match. You can script this. However you might want to look at MIIS. One of MIIS' major reasons for existing is doing what you want to do. MIIS will match those objects that it can automatically (based on your matching rules). You can then join objects that couldn't be explicitly matched. A script won't give you this luxury. MIIS will also give you much, much functionality to incorporate provisioning code, business logic, etc. -- Paul Williams Microsoft MVP - Windows Server - Directory Services http://www.msresource.net | http://forums.msresource.net We would prefer to script it as I can guarantee that my company probably
won't drop $25k for MIIS. Any script advice/examples you can share? Show quoteHide quote "Paul Williams [MVP]" wrote: > In which case you can loosely match the AD objects through CN or ANR. > However, this isn't a guaranteed match. You can script this. However you > might want to look at MIIS. One of MIIS' major reasons for existing is > doing what you want to do. > > MIIS will match those objects that it can automatically (based on your > matching rules). You can then join objects that couldn't be explicitly > matched. A script won't give you this luxury. MIIS will also give you > much, much functionality to incorporate provisioning code, business logic, > etc. > > -- > Paul Williams > Microsoft MVP - Windows Server - Directory Services > http://www.msresource.net | http://forums.msresource.net > > > I'm afraid I don't have any script examples for you. I've only done this in
a lab using MIIS. The problem is linking the two. Have a play around with reading each user from SQL into an array and then running an LDAP query for each item in the array. Use (anr=<name>), e.g. (anr=paul williams) and then writing out to file the result set of each query. You can then manually look through and see how many will "join" immediately. You can extend the code so that it does link the two if the result set only contains one object. If it contains more, write that info. to a file in such a way that you will be able to manually join the two data sources. However, you also need to think about handling changes (delta joins, etc). I would seriously look at MIIS. It can do a whole lot more for you. Otherwise, perhaps there is an open source product that does something similar... -- Paul Williams Microsoft MVP - Windows Server - Directory Services http://www.msresource.net | http://forums.msresource.net |
|||||||||||||||||||||||
Other interesting topics