I actually like the idea of assigning a unique ID from
another system (say like a UID) but as an alternative possibility that
doesn't require using another store...
If a single domain, use the RID of the
users.
If multiple domain, use some value for each domain like
0=domain0, 1=domain1, 2=domain2, or actual prefix like Dom1, Dom2,
Dom3, to prepend to the RID.
Of course the question that has to be asked, what about
users who are moved from one domain to another. Does it happen? And if so, what
does it mean in relation to this remedy ID?
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Al Mulnick
Sent: Monday, March 13, 2006 2:51 PM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] How to make EmployeeNumber unique?
Storing it in another database or file would be helpful. If that
doesn't work for you, if the information is indexed and in the GC, you *could*
generate a new unique number (based on your criteria) and search for it.
If the search comes up empty, then create it; if you get a hit, discard and take
appropriate action to get that resolved. Rinse. Repeat as desired.
-ajm
On 3/13/06, Steve
Evans <[EMAIL PROTECTED]>
wrote:
What if . . .
Use a SQL table with an identity column. So you find the users without
employee ID's (simple LDAP query), shove those into the SQL table, and get
back the new ID's for the AD accounts.
Steve Evans
_____
From: [EMAIL PROTECTED]
[mailto: [EMAIL PROTECTED]] On Behalf Of AD
Sent: Monday, March 13, 2006 9:44 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] How to make EmployeeNumber unique?
You are all right. Thanks for the quick response guys. Once again, this
group came through.
I should have gave a little more background of my problem. We would like to
connect Remedy to AD. Remedy's requirements are unique alpha numeric number
and a maximum of 15 characters. I got it to work using 5 users but know I
have to build a script that will 'stamp' 40000 users with a unique number.
The script will then run every 4 hours are so looking for any new user and
then stamp then with a unique number.
I have to make sure that new users do not get an already used number.
Scanning 40000 accounts every time I find a new user is not very effective.
Thanks again.
Y
_____
From: [EMAIL PROTECTED] on behalf of Al Mulnick
Sent: Mon 13/03/2006 12:05 PM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] How to make EmployeeNumber unique?
In the end, it really does come down to ensuring that your source value is
unique. Not having your global repository ensuring it's uniuqe for you.
Subtle yet distinct difference that you'll find has it's own set of
tradeoffs.
If you want employeeID to be unique across your forest, ensure it's indexed
and in your global catalogs. Add a step into your creation process that
checks for that value prior to commit.
Al
On 3/13/06, joe <[EMAIL PROTECTED]> wrote:
Hope away, won't help. :o)
Even sAMAccountName uniqueness can be sidestepped, it is a distributed
system, the only way to get true enforced uniqueness is to
singlehome/singlemaster the updates that you want to be unique.
I have asked for triggers and business rules in AD but was told by Stuart
Kwan of the Ottawa Kwan Clan that they have already implemented those for
us.... in MIIS.
joe
--
O'Reilly Active Directory Third Edition -
http://www.joeware.net/win/ad3e.htm
_____
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of AD
Sent: Monday, March 13, 2006 11:34 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] How to make EmployeeNumber unique?
I was hoping I can flick a switch to enforce uniqueness. Kinda like
samaccount name or DN.
_____
From: [EMAIL PROTECTED] on behalf of Darren Mar-Elia
Sent: Mon 13/03/2006 11:24 AM
To: ActiveDir@mail.activedir.org <mailto:ActiveDir@mail.activedir.org>
Subject: RE: [ActiveDir] How to make EmployeeNumber unique?
I suspect you will need an external process to do this. There is no
built-in capability for enforcing this kind of uniqueness. So you will
need some centralized script or application that all changes to this
attribute go through for validation.
Darren
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of AD
Sent: Monday, March 13, 2006 8:12 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] How to make EmployeeNumber unique?
Hey,
Can anyone tell me how I can force uniqueness on the EmployeeNumber
attribute? I researched it for about 30 minutes but could not find an
answer. I usually would take more time but I am in a hurry.
Thanks
Yves St-Cyr
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/
<http://www.mail-archive.com/activedir%40mail.activedir.org/>
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
