Brian Svidergol

Active Directory Cookbook (eBook, PDF)

Solutions for Administrators & Developers

• Format: PDF

Produktbeschreibung

Take the guesswork out of deploying, administering, and automating Active Directory. With hundreds of proven recipes, the updated edition of this popular cookbook provides quick, step-by-step solutions to common (and not so common) problems you might encounter when working with Microsofts network directory service.This fourth edition includes troubleshooting recipes for Windows Server 2012, Windows 8, and Exchange 2013, based on valuable input from Windows administrators. Youll also find quick solutions for the Lightweight Directory Access Protocol (LDAP), Active Directory Lightweight Directory Services (AD LDS), multi-master replication, DNS, Group Policy, and many other features.Manage new AD features, such as the Recycle Bin, Group Managed Service Accounts, and fine-grained password policiesWork with AD from the command line and use Windows PowerShell to automate tasksRemove and create forests, domains, and trustsCreate groups, modify group scope and type, and manage membershipDelegate control, view and modify permissions, and handle Kerberos ticketsImport and export data with LDAP Data Interchange Format (LDIF)Synchronize multiple directories and enforce data integrity within a single or multiple storesBack up AD, and perform authoritative and non-authoritative restores

---

Dieser Download kann aus rechtlichen Gründen nur mit Rechnungsadresse in A, B, BG, CY, CZ, D, DK, EW, E, FIN, F, GR, HR, H, IRL, I, LT, L, LR, M, NL, PL, P, R, S, SLO, SK ausgeliefert werden.

Produktdetails

• Verlag: O'Reilly Media
• Seitenzahl: 860
• Erscheinungstermin: 29. Mai 2013
• Englisch
• ISBN-13: 9781449361396
• Artikelnr.: 38513567

Autorenporträt

Brian Svidergol specializes in Microsoft infrastructure and cloud-based solutions around Windows, Active Directory, Microsoft Exchange, System Center, virtualization, and MDOP. He holds the MCT, MCITP (EA), MCITP (VA), MCITP (Exchange 2010), and several other Microsoft and industry certifications. Brian authored Microsoft Official Curriculum (MOC) course 6426C - Configuring and Troubleshooting Identity and Access Solutions with Windows Server 2008 Active Directory. He has also worked on Microsoft certification exam development and related training content for several years. When he isn't working on technology projects, he enjoys family time, basketball, and gaming. Robbie Allen is a technical leader at Cisco Systems, where he has been involved in the deployment of Active Directory, DNS, DHCP, and several network management solutions. Robbie was named a Windows Server MVP in 2004 and 2005 for his contributions to the Windows community and the publication of several popular O'Reilly books. Robbie is currently studying at MIT in its system design and management program. For more information, see Robbie's web site at www.rallenhome.com.

Inhaltsangabe

Preface
Who Should Read This Book?
What's in This Book?
Conventions Used in This Book
Using Code Examples
Safari® Books Online
How to Contact Us
Acknowledgments
Chapter 1: Getting Started
1.1 Approach to the Book
1.2 Where to Find the Tools
1.3 Getting Familiar with LDIF
1.4 Replaceable Text
1.5 Where to Find More Information
Chapter 2: Forests, Domains, and Trusts
2.1 Introduction
2.2 Creating a Forest
2.3 Removing a Forest
2.4 Creating a Domain
2.5 Removing a Domain
2.6 Removing an Orphaned Domain
2.7 Finding the Domains in a Forest
2.8 Finding the NetBIOS Name of a Domain
2.9 Renaming a Domain
2.10 Raising the Domain Functional Level to Windows Server 2012
2.11 Raising the Functional Level of a Windows Server 2008 or 2008 R2 Forest
2.12 Using AdPrep to Prepare a Domain or Forest for Windows Server 2012
2.13 Determining Whether AdPrep Has Completed
2.14 Checking Whether a Windows Domain Controller Can Be Upgraded to Windows Server 2003 or 2008
2.15 Creating an External Trust
2.16 Creating a Transitive Trust Between Two AD Forests
2.17 Creating a Shortcut Trust Between Two AD Domains
2.18 Creating a Trust to a Kerberos Realm
2.19 Viewing the Trusts for a Domain
2.20 Verifying a Trust
2.21 Resetting a Trust
2.22 Removing a Trust
2.23 Enabling SID Filtering for a Trust
2.24 Enabling Quarantine for a Trust
2.25 Managing Selective Authentication for a Trust
2.26 Finding Duplicate SIDs in a Domain
2.27 Adding Additional Fields to Active Directory Users and Computers
Chapter 3: Domain Controllers, Global Catalogs, and FSMOs
3.1 Introduction
3.2 Promoting a Server to a Domain Controller
3.3 Promoting a Server to a Read-Only Domain Controller
3.4 Performing a Two-Stage RODC Installation
3.5 Modifying the Password Replication Policy
3.6 Promoting a Server to a Windows Server 2012 Domain Controller from Media
3.7 Demoting a Domain Controller
3.8 Automating the Promotion or Demotion of a Domain Controller
3.9 Troubleshooting Domain Controller Promotion or Demotion Problems
3.10 Verifying the Promotion of a Domain Controller
3.11 Removing an Unsuccessfully Demoted Domain Controller
3.12 Renaming a Domain Controller
3.13 Finding the Domain Controllers for a Domain
3.14 Finding the Closest Domain Controller
3.15 Finding a Domain Controller's Site
3.16 Moving a Domain Controller to a Different Site
3.17 Finding the Services a Domain Controller Is Advertising
3.18 Restoring a Deleted Domain Controller in Windows Server 2012
3.19 Resetting the TCP/IP Stack on a Domain Controller
3.20 Configuring a Domain Controller to Use an External Time Source
3.21 Finding the Number of Logon Attempts Made Against a Domain Controller
3.22 Enabling the /3GB Switch to Increase the LSASS Cache
3.23 Enabling and Disabling the Global Catalog
3.24 Determining Whether Global Catalog Promotion Is Complete
3.25 Finding the Global Catalog Servers in a Forest
3.26 Finding the Domain Controllers or Global Catalog Servers in a Site
3.27 Finding Domain Controllers and Global Catalogs via DNS
3.28 Changing the Preference for a Domain Controller
3.29 Disabling the Global Catalog Requirement for User Logon
3.30 Finding the FSMO Role Holders
3.31 Transferring a FSMO Role
3.32 Seizing a FSMO Role
3.33 Finding the PDC Emulator FSMO Role Owner via DNS
Chapter 4: Searching and Manipulating Objects
4.1 Introduction
4.2 Viewing the RootDSE
4.3 Viewing the Attributes of an Object
4.4 Counting Objects in Active Directory
4.5 Using LDAP Controls
4.6 Using a Fast or Concurrent Bind
4.7 Connecting to an Object GUID
4.8 Connecting to a Well-Known GUID
4.9 Searching for Objects in a Domain
4.10 Searching the Global Catalog
4.11 Searching for a Large Number of Objects
4.12 Searching with an Attribute-Scoped Query
4.13 Searching with a Bitwise Filter
4.14 Creating an Object
4.15 Modifying an Object
4.16 Modifying a Bit-Flag Attribute
4.17 Dynamically Linking an Auxiliary Class
4.18 Creating a Dynamic Object
4.19 Refreshing a Dynamic Object
4.20 Modifying the Default TTL Settings for Dynamic Objects
4.21 Moving an Object to a Different OU or Container
4.22 Moving an Object to a Different Domain
4.23 Referencing an External Domain
4.24 Renaming an Object
4.25 Deleting an Object
4.26 Deleting a Container That Has Child Objects
4.27 Viewing the Created and Last-Modified Timestamp of an Object
4.28 Modifying the Default LDAP Query Policy
4.29 Exporting Objects to an LDIF File
4.30 Importing Objects Using an LDIF File
4.31 Exporting Objects to a CSV File
4.32 Importing Objects Using PowerShell and a CSV File
Chapter 5: Organizational Units
5.1 Introduction
5.2 Creating an OU
5.3 Enumerating the OUs in a Domain
5.4 Finding an OU
5.5 Enumerating the Objects in an OU
5.6 Deleting the Objects in an OU
5.7 Deleting an OU
5.8 Moving the Objects in an OU to a Different OU
5.9 Moving an OU
5.10 Renaming an OU
5.11 Modifying an OU
5.12 Determining Approximately How Many Child Objects an OU Has
5.13 Delegating Control of an OU
5.14 Assigning or Removing a Manager for an OU
5.15 Linking a GPO to an OU
5.16 Protecting an OU Against Accidental Deletion
Chapter 6: Users
6.1 Introduction
6.2 Modifying the Default Display Name Used When Creating Users in ADUC or ADAC
6.3 Creating a User
6.4 Creating a Large Number of Users
6.5 Creating an inetOrgPerson User
6.6 Converting a user Object to an inetOrgPerson Object (or Vice Versa)
6.7 Modifying an Attribute for Several Users at Once
6.8 Deleting a User
6.9 Setting a User's Profile Attributes
6.10 Moving a User
6.11 Redirecting Users to an Alternative OU
6.12 Renaming a User
6.13 Copying a User
6.14 Finding Locked-Out Users
6.15 Unlocking a User
6.16 Troubleshooting Account Lockout Problems
6.17 Viewing the Domain-Wide Account Lockout and Password Policies
6.18 Applying a Fine-Grained Password Policy to a User Object
6.19 Viewing the Fine-Grained Password Policy That Is in Effect for a User Account
6.20 Enabling and Disabling a User
6.21 Finding Disabled Users
6.22 Viewing a User's Group Membership
6.23 Removing All Group Memberships from a User
6.24 Changing a User's Primary Group
6.25 Copying a User's Group Membership to Another User
6.26 Setting a User's Password
6.27 Preventing a User from Changing a Password
6.28 Requiring a User to Change a Password at Next Logon
6.29 Preventing a User's Password from Expiring
6.30 Finding Users Whose Passwords Are About to Expire
6.31 Viewing the RODCs That Have Cached a User's Password
6.32 Setting a User's Account Options (userAccountControl)
6.33 Setting a User's Account to Expire
6.34 Determining a User's Last Logon Time
6.35 Finding Users Who Have Not Logged On Recently
6.36 Viewing and Modifying a User's Permitted Logon Hours
6.37 Viewing a User's Managed Objects
6.38 Creating a UPN Suffix for a Forest
6.39 Restoring a Deleted User
6.40 Protecting a User Against Accidental Deletion
Chapter 7: Groups
7.1 Introduction
7.2 Creating a Group
7.3 Viewing the Permissions of a Group
7.4 Viewing the Direct Members of a Group
7.5 Viewing the Nested Members of a Group
7.6 Adding and Removing Members of a Group
7.7 Moving a Group Within a Domain
7.8 Moving a Group to Another Domain
7.9 Changing the Scope or Type of a Group
7.10 Modifying Group Attributes
7.11 Delegating Control for Managing Membership of a Group
7.12 Resolving a Primary Group ID
7.13 Enabling Universal Group Membership Caching
7.14 Restoring a Deleted Group
7.15 Protecting a Group Against Accidental Deletion
7.16 Applying a Fine-Grained Password Policy to a Group Object
Chapter 8: Computer Objects
8.1 Introduction
8.2 Creating a Computer
8.3 Creating a Computer for a Specific User or Group
8.4 Deleting a Computer
8.5 Joining a Computer to a Domain
8.6 Moving a Computer Within the Same Domain
8.7 Moving a Computer to a New Domain
8.8 Renaming a Computer
8.9 Adding or Removing a Computer Account from a Group
8.10 Testing the Secure Channel for a Computer
8.11 Resetting a Computer Account
8.12 Finding Inactive or Unused Computers
8.13 Changing the Maximum Number of Computers a User Can Join to the Domain
8.14 Modifying the Attributes of a computer Object
8.15 Finding Computers with a Particular OS
8.16 Binding to the Default Container for Computers
8.17 Changing the Default Container for Computers
8.18 Listing All the Computer Accounts in a Domain
8.19 Identifying a Computer Role
8.20 Protecting a Computer Against Accidental Deletion
8.21 Viewing the RODCs That Have Cached a Computer's Password
Chapter 9: Group Policy Objects
9.1 Introduction
9.2 Finding the GPOs in a Domain
9.3 Creating a GPO
9.4 Copying a GPO
9.5 Deleting a GPO
9.6 Viewing the Settings of a GPO
9.7 Modifying the Settings of a GPO
9.8 Importing Settings into a GPO
9.9 Creating a Migration Table
9.10 Creating Custom Group Policy Settings
9.11 Assigning Logon/Logoff and Startup/Shutdown Scripts in a GPO
9.12 Installing Applications with a GPO
9.13 Disabling the User or Computer Settings in a GPO
9.14 Listing the Links for a GPO
9.15 Creating a GPO Link to an OU
9.16 Blocking Inheritance of GPOs on an OU
9.17 Enforcing the Settings of a GPO Link
9.18 Applying a Security Filter to a GPO
9.19 Delegating Administration of GPOs
9.20 Importing a Security Template
9.21 Creating a WMI Filter
9.22 Applying a WMI Filter to a GPO
9.23 Configuring Loopback Processing for a GPO
9.24 Backing Up a GPO
9.25 Restoring a GPO
9.26 Simulating the RSoP
9.27 Viewing the RSoP
9.28 Refreshing GPO Settings on a Computer
9.29 Restoring a Default GPO
9.30 Creating a Fine-Grained Password Policy
9.31 Editing a Fine-Grained Password Policy
9.32 Viewing the Effective PSO for a User
Chapter 10: Schema
10.1 Introduction
10.2 Registering the Active Directory Schema MMC Snap-in
10.3 Generating an OID to Use for a New Class or Attribute
10.4 Extending the Schema
10.5 Preparing the Schema for an Active Directory Upgrade
10.6 Documenting Schema Extensions
10.7 Adding a New Attribute
10.8 Viewing an Attribute
10.9 Adding a New Class
10.10 Viewing a Class
10.11 Indexing an Attribute
10.12 Modifying the Attributes That Are Copied When Duplicating a User
10.13 Modifying the Attributes Included with ANR
10.14 Modifying the Set of Attributes Stored on a Global Catalog
10.15 Finding Nonreplicated and Constructed Attributes
10.16 Finding the Linked Attributes
10.17 Finding the Structural, Auxiliary, Abstract, and 88 Classes
10.18 Finding the Mandatory and Optional Attributes of a Class
10.19 Modifying the Default Security of a Class
10.20 Managing the Confidentiality Bit
10.21 Adding an Attribute to the Read-Only Filtered Attribute Set (RO-FAS)
10.22 Deactivating Classes and Attributes
10.23 Redefining Classes and Attributes
10.24 Reloading the Schema Cache
10.25 Managing the Schema Master FSMO
Chapter 11: Site Topology
11.1 Introduction
11.2 Creating a Site
11.3 Listing Sites in a Domain
11.4 Renaming a Site
11.5 Deleting a Site
11.6 Delegating Control of a Site
11.7 Configuring Universal Group Caching for a Site
11.8 Creating a Subnet
11.9 Listing the Subnets
11.10 Finding Missing Subnets
11.11 Deleting a Subnet
11.12 Changing a Subnet's Site Assignment
11.13 Creating a Site Link
11.14 Finding the Site Links for a Site
11.15 Modifying the Sites That Are Part of a Site Link
11.16 Modifying the Cost for a Site Link
11.17 Enabling Change Notification for a Site Link
11.18 Modifying Replication Schedules
11.19 Disabling Site Link Transitivity or Site Link Schedules
11.20 Creating a Site Link Bridge
11.21 Finding the Bridgehead Servers for a Site
11.22 Setting a Preferred Bridgehead Server for a Site
11.23 Listing the Servers
11.24 Moving a Domain Controller to a Different Site
11.25 Configuring a Domain Controller to Cover Multiple Sites
11.26 Viewing the Site Coverage for a Domain Controller
11.27 Disabling Automatic Site Coverage for a Domain Controller
11.28 Finding the Site for a Client
11.29 Forcing a Host into a Particular Site
11.30 Creating a connection Object
11.31 Listing the connection Objects for a Server
11.32 Finding the ISTG for a Site
11.33 Transferring the ISTG to Another Server
11.34 Triggering the KCC
11.35 Determining Whether the KCC Is Completing Successfully
11.36 Disabling the KCC for a Site
11.37 Changing the Interval at Which the KCC Runs
Chapter 12: Replication
12.1 Introduction
12.2 Determining Whether Two Domain Controllers Are in Sync
12.3 Viewing the Replication Status of Several Domain Controllers
12.4 Viewing Unreplicated Changes Between Two Domain Controllers
12.5 Forcing Replication from One Domain Controller to Another
12.6 Enabling and Disabling Replication
12.7 Changing the Intra-Site Replication Notification Interval
12.8 Changing the Inter-Site Replication Interval
12.9 Disabling Inter-Site Compression of Replication Traffic
12.10 Checking for Potential Replication Problems
12.11 Enabling Enhanced Logging of Replication Events
12.12 Enabling Strict or Loose Replication Consistency
12.13 Finding conflict Objects
12.14 Finding Orphaned Objects
12.15 Listing the Replication Partners for a DC
12.16 Viewing Object Metadata
Chapter 13: DNS and DHCP
13.1 Introduction
13.2 Creating a Forward Lookup Zone
13.3 Creating a Reverse Lookup Zone
13.4 Viewing a Server's Zones
13.5 Converting a Zone to an AD Integrated Zone
13.6 Moving AD Integrated Zones into an Application Partition
13.7 Configuring Zone Transfers
13.8 Configuring Forwarding
13.9 Configuring Conditional Forwarding
13.10 Delegating Control of an Active Directory Integrated Zone
13.11 Creating and Deleting Resource Records
13.12 Querying Resource Records
13.13 Modifying the DNS Server Configuration
13.14 Scavenging Old Resource Records
13.15 Clearing the DNS Cache
13.16 Verifying That a Domain Controller Can Register Its Resource Records
13.17 Enabling DNS Server Debug Logging
13.18 Registering a Domain Controller's Resource Records
13.19 Deregistering a Domain Controller's Resource Records
13.20 Preventing a Domain Controller from Dynamically Registering All Resource Records
13.21 Preventing a Domain Controller from Dynamically Registering Certain Resource Records
13.22 Allowing Computers to Use a Domain Suffix That Is Different from Their AD Domain
13.23 Authorizing a DHCP Server
13.24 Restricting DHCP Administrators
Chapter 14: Security and Authentication
14.1 Introduction
14.2 Enabling SSL/TLS
14.3 Securing LDAP Traffic with SSL, TLS, or Signing
14.4 Disabling LDAP Signing
14.5 Enabling Anonymous LDAP Access
14.6 Using the Delegation of Control Wizard
14.7 Customizing the Delegation of Control Wizard
14.8 Revoking Delegated Permissions
14.9 Viewing the ACL for an Object
14.10 Customizing the ACL Editor
14.11 Viewing the Effective Permissions on an Object
14.12 Configuring Permission Inheritance
14.13 Changing the ACL of an Object
14.14 Changing the Default ACL for an Object Class in the Schema
14.15 Comparing the ACL of an Object to the Default Defined in the Schema
14.16 Resetting an Object's ACL to the Default Defined in the Schema
14.17 Enabling Strong Domain Authentication
14.18 Enabling List Object Access Mode
14.19 Modifying the ACL on Administrator Accounts
14.20 Viewing and Purging Your Kerberos Tickets
14.21 Forcing Kerberos to Use TCP
14.22 Modifying Kerberos Settings
14.23 Viewing Access Tokens
14.24 Creating a Claim Type
14.25 Creating a Resource Property
14.26 Configuring a Central Access Rule
14.27 Creating a Central Access Policy
14.28 Applying a Central Access Policy
14.29 Enabling Domain Controller Support for Claims and Compound Authentication
14.30 Enabling Claims for Devices in a Domain
Chapter 15: Logging, Monitoring, and Quotas
15.1 Introduction
15.2 Enabling Diagnostics Logging
15.3 Enabling NetLogon Logging
15.4 Enabling GPO Client Logging
15.5 Enabling Kerberos Logging
15.6 Viewing DNS Server Performance Statistics
15.7 Monitoring the Windows Time Service
15.8 Enabling Inefficient and Expensive LDAP Query Logging
15.9 Using the STATS Control to View LDAP Query Statistics
15.10 Monitoring the Performance of Active Directory
15.11 Using Perfmon Trace Logs to Monitor Active Directory
15.12 Creating an Administrative Alert
15.13 Emailing an Administrator on a Performance Alert
15.14 Enabling Auditing of Directory Access
15.15 Enabling Auditing of Registry Keys
15.16 Creating a Quota
15.17 Finding the Quotas Assigned to a Security Principal
15.18 Changing How Tombstone Objects Count Against Quota Usage
15.19 Setting the Default Quota for All Security Principals in a Partition
15.20 Finding the Quota Usage for a Security Principal
Chapter 16: Backup, Recovery, DIT Maintenance, and Deleted Objects
16.1 Introduction
16.2 Backing Up the Active Directory Database
16.3 Creating an Active Directory Snapshot
16.4 Mounting an Active Directory Snapshot
16.5 Accessing Active Directory Snapshot Data
16.6 Restarting a Domain Controller in Directory Services Repair Mode
16.7 Resetting the Directory Services Repair Mode Administrator Password
16.8 Performing a Nonauthoritative Restore
16.9 Performing an Authoritative Restore of an Object or Subtree
16.10 Performing a Complete Authoritative Restore
16.11 Checking the DIT File's Integrity
16.12 Moving the DIT Files
16.13 Repairing or Recovering the DIT
16.14 Performing an Online Defrag Manually
16.15 Performing a Database Recovery
16.16 Creating a Reserve File
16.17 Determining How Much Whitespace Is in the DIT
16.18 Performing an Offline Defrag to Reclaim Space
16.19 Changing the Garbage Collection Interval
16.20 Logging the Number of Expired Tombstone Objects
16.21 Determining the Size of the Active Directory Database
16.22 Searching for Deleted Objects
16.23 Undeleting a Single Object
16.24 Undeleting a Container Object
16.25 Modifying the Tombstone Lifetime for a Domain
Chapter 17: Application Partitions
17.1 Introduction
17.2 Creating and Deleting an Application Partition
17.3 Finding the Application Partitions in a Forest
17.4 Adding or Removing a Replica Server for an Application Partition
17.5 Finding the Replica Servers for an Application Partition
17.6 Finding the Application Partitions Hosted by a Server
17.7 Verifying Application Partitions Are Instantiated Correctly on a Server
17.8 Setting the Replication Notification Delay for an Application Partition
17.9 Setting the Reference Domain for an Application Partition
17.10 Delegating Control of Managing an Application Partition
Chapter 18: Active Directory Lightweight Directory Service
18.1 Introduction
18.2 Installing AD LDS
18.3 Creating a New AD LDS Instance
18.4 Creating a New Replica of an AD LDS Configuration Set
18.5 Stopping and Starting an AD LDS Instance
18.6 Changing the Ports Used by an AD LDS Instance
18.7 Listing the AD LDS Instances Installed on a Computer
18.8 Extending the AD LDS Schema
18.9 Managing AD LDS Application Partitions
18.10 Managing AD LDS Organizational Units
18.11 Managing AD LDS Users
18.12 Changing the Password for an AD LDS User
18.13 Enabling and Disabling an AD LDS User
18.14 Creating AD LDS Groups
18.15 Managing AD LDS Group Memberships
18.16 Viewing and Modifying AD LDS Object Attributes
18.17 Importing Data into an AD LDS Instance
18.18 Configuring Intra-Site Replication
18.19 Forcing AD LDS Replication
18.20 Managing AD LDS Replication Authentication
18.21 Managing AD LDS Permissions
18.22 Enabling Auditing of AD LDS Access
Chapter 19: Active Directory Federation Services
19.1 Introduction
19.2 Installing AD FS Prerequisites
19.3 Installing the AD FS Federation Service
19.4 Configuring an LDAP Attribute Store
19.5 Configuring a Microsoft SQL Server Attribute Store
19.6 Creating Claim Descriptions
19.7 Creating a Relying Party Trust
19.8 Configuring a Claims Provider Trust
19.9 Configuring an Alternate UPN Suffix
19.10 Configuring AD FS 2.x and AD FS 1.x Interoperability
19.11 Configuring Logging for AD FS
Chapter 20: Microsoft Exchange Server 2013
20.1 Introduction
20.2 Exchange Server and Active Directory
20.3 Exchange Server 2013 Architecture
20.4 Finding Exchange Server Cmdlets
20.5 Preparing Active Directory for Exchange
20.6 Installing the First Exchange Server 2013 Server in an Organization
20.7 Creating Unattended Installation Files for Exchange Server
20.8 Installing Exchange Management Tools
20.9 Stopping and Starting Exchange Server
20.10 Mail-Enabling a User
20.11 Mail-Disabling a User
20.12 Mailbox-Enabling a User
20.13 Deleting a User's Mailbox
20.14 Moving a Mailbox
20.15 Viewing Mailbox Sizes and Message Counts
20.16 Configuring Mailbox Limits
20.17 Creating an Address List
20.18 Creating a Database Availability Group
20.19 Creating a Mailbox Database
20.20 Enabling or Disabling Anti-Malware Scanning
20.21 Enabling Message Tracking
Chapter 21: Microsoft Forefront Identity Manager
21.1 Introduction
21.2 Creating a SQL Server Management Agent
21.3 Creating an Active Directory Management Agent
21.4 Setting Up a Metaverse Object Deletion Rule
21.5 Setting Up a Simple Import Attribute Flow
21.6 Setting Up a Simple Export Attribute Flow to Active Directory
21.7 Defining an Advanced Import Attribute Flow
21.8 Implementing an Advanced Attribute Flow Rules Extension
21.9 Setting Up Advanced Export Attribute Flow in Active Directory
21.10 Configuring a Run Profile to Do an Initial Load of Data from a SQL Server Management Agent
21.11 Loading Initial SQL Server Database Data into FIM 2010 R2 Using a Run Profile
21.12 Configuring a Run Profile to Load the Container Structure from Active Directory
21.13 Loading the Initial Active Directory Container Structure into FIM 2010 R2 Using a Run Profile
21.14 Setting Up a SQL Server Management Agent to Project Objects to the Metaverse
21.15 Writing a Rules Extension to Provision User Objects
21.16 Creating a Run Profile for Provisioning
21.17 Executing the Provisioning Rule
21.18 Creating a Run Profile to Export Objects from the AD MA to Active Directory
21.19 Exporting Objects to Active Directory Using an Export Run Profile
21.20 Creating a Run Profile Script
21.21 Creating a Controlling Script
21.22 Enabling Directory Synchronization from Active Directory to the HR Database
21.23 Configuring a Run Profile to Load the telephoneNumber from Active Directory
21.24 Loading telephoneNumber Changes from AD into FIM Using a Delta Import/Delta Sync Run Profile
21.25 Exporting telephoneNumber Data to a SQL Server Database
21.26 Using a SQL Server MA Export Run Profile to Export the telephoneNumber to a SQL Server Database
21.27 Searching Data in the Connector Space
21.28 Searching Data in the Metaverse
21.29 Deleting Data in the Connector Space and Metaverse
21.30 Extending Object Types to Include a New Attribute
21.31 Previewing Changes to the FIM Configuration
21.32 Committing Changes to Individual Identities Using the Commit Preview Feature
21.33 Passing Data Between Rules Extensions Using Transaction Properties
21.34 Using a Single Rules Extension to Affect Multiple Attribute Flows
21.35 Flowing a Null Value to a Data Source
21.36 Importing and Decoding the accountExpires Attribute
21.37 Exporting and Encoding the accountExpires Attribute
Colophon