Bob,
You should never use the login as the unique id anyway, so it's good
that you are looking into other fields. The reason you should never use
the samAccountName or any other field containing an aspect of the name
is because of marriage and divorce. When people's names change, you
want to be able to change their login id as well without adding or
deleting accounts.
What we did was to create a new field on the Active Directory side that
we can use to link all people data together. We have an employee_id
that comes out of our Oracle HR system, and we have decided that it
should be used as the company-wide unique identifier. Since HR is the
origin of people information anyway, it makes sense to let them decide
on what the unique id should be, not the Active Directory or Remedy
groups.
I know this doesn't directly answer your question, but it may help to
come up with a plan that can be useful to other applications in your
company as well to kill two birds with one stone.
Shawn Pierson
-Original Message-
From: Action Request System discussion list(ARSList)
[mailto:[EMAIL PROTECTED] On Behalf Of Bob Wallace
Sent: Monday, September 25, 2006 7:23 PM
To: arslist@ARSLIST.ORG
Subject: LDAP Interface with Active Directory using objectGUID or
objectSID
Hello ARSList,
We are working with a new implementation of ARS 6.3, with ITSM 6.0
(Help
Desk and SLA) on a M/S 2003 Server accessing a SQL Server 2000 remote
server.
We are trying to populate SHR:People via entries in Active Directory
(running on Windows 2003 in mixed mode).
We have encountered problems with the normal attributes used for
uniqueness
sAMAccountName - we have some accounts that exceed the 15 char max
for
Request ID
Remedy Support suggested using uSNCreated but accounts are created
on
more that Domain Controller, which (from what I've read) can cause that
attribute to have duplicated values
It looked like the objectGUID or objectSid attributes would be good
candidates but we could not get those attributes to display properly in
the
Vendor form.
Remedy Support stated that objectGUID ... is stored
in a format that Remedy does not support. Remedy cannot interpret the
Hex data properly ... .
We manually added a objectSID field but it did not display properly
either.
I think this interface is accomplished via one of the plugins. Does
anyone know of a change that can be made which would allow access to the
hex data formatted data in objectGUID or objectSID?
Thank you,
Bob Wallace.
___
UNSUBSCRIBE or access ARSlist Archives at http://www.wwrug.org
The information in this e-mail, and any files transmitted with it, is intended
for the exclusive use of the recipient(s) to which it is addressed and may
contain confidential, proprietary or privileged information. If you are not an
intended recipient, you have received this transmission in error and any use,
review, dissemination, distribution, printing or copying of this information is
strictly prohibited. If you have received this e-mail in error, please notify
the sender immediately of the erroneous transmission by reply e-mail,
immediately delete this e-mail and all electronic copies of it from your system
and destroy any hard copies of it that you may have made. Thank you.
___
UNSUBSCRIBE or access ARSlist Archives at http://www.wwrug.org
