Tài liệu hạn chế xem trước, để xem đầy đủ mời bạn chọn Tải xuống
1
/ 24 trang
THÔNG TIN TÀI LIỆU
Thông tin cơ bản
Định dạng
Số trang
24
Dung lượng
1,04 MB
Nội dung
Contents Overview 1 Introduction toManagement Agent Functionality 2 Overview of the Management Agent Update Cycle 3 Creating ManagementAgents and Connecting to an External Directory 4 Establishing and Populating an Organizing Structure in the Metaverse Namespace 9 Monitoring the Management Agent Process 11 Lab A: Creating and Configuring a Management Agent 12 ConfiguringManagement Agent Modes 13 Scheduling Management Agent Operation 15 Lab B: ConfiguringManagement Agent Modes and Scheduling Management Agent Operation 17 Best Practices 18 Review 19 Module3:ConfiguringManagementAgentstoManageDirectoryEntries BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY Information in this document is subject to change without notice. The names of companies, products, people, characters, and/or data mentioned herein are fictitious and are in no way intended to represent any real individual, company, product, or event, unless otherwise noted. Complying with all applicable copyright laws is the responsibility of the user. No part of this document may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without the express written permission of Microsoft Corporation. If, however, your only means of access is electronic, permission to print one copy is hereby granted. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. 2000 Microsoft Corporation. All rights reserved. Microsoft, BackOffice, MS-DOS, Windows, Windows NT, <plus other appropriate product names or titles. The publications specialist replaces this example list with the list of trademarks provided by the copy editor. Microsoft is listed first, followed by all other Microsoft trademarks in alphabetical order. > are either registered trademarks or trademarks of Microsoft Corporation in the U.S.A. and/or other countries. <The publications specialist inserts mention of specific, contractually obligated to, third-party trademarks, provided by the copy editor> Other product and company names mentioned herein may be the trademarks of their respective owners. Module3:ConfiguringManagementAgentstoManageDirectoryEntries 1 BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY Overview ! Introduction to MA Functionality ! Overview of the MA Update Cycle ! Creating MAs and Connecting to an External Directory ! Establishing and Populating an Organizing Structure in the Metaverse Namespace ! Monitoring the MA Process ! Configuring MA Modes ! Scheduling MA Operation ! Best Practices Managementagentsmanage the relationship between a connected directory and the metadirectory at both the directory entry level and the attribute level. However, management agent configuration is different for managing directoryentries than it is for managing the attribute values of those entries. Managing attribute values is covered in module 4, Managing Attribute Values Using Joins and Attribute Flow Rules, in course 2062A, Implementing Microsoft Metadirectory Services 2.2. Understanding the purpose of managementagents and how to configure them tomanagedirectoryentries is key to implementing a Microsoft Metadirectory Services (MMS) version 2.2 solution. After completing this module, you will be able to: ! Describe management agent functionality. ! Explain the phases in the management agent update cycle. ! Create a management agent and configure the connection to an external directory. ! Establish and populate an organizing structure in the metaverse namespace. ! Monitor the management agent process by using the Operator’s log. ! Manageentries by configuringmanagement agent modes. ! Schedule the operation of a management agent. ! Describe best practices for using management agents. Topic Objective To provide an overview of the module topics and objectives. Lead-in In this module, you will learn how to configure managementagentstomanagedirectory entries. Note 2 Module3:ConfiguringManagementAgentstoManageDirectoryEntries BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY Introduction toManagement Agent Functionality Metadirectory Connector Namespace Connector Namespace Connector Namespace Connector Namespace Metaverse Namespace Metaverse Metaverse Namespace Namespace Management Agent 1 Management Agent 2 Connector Connector JamesS Title Employee # Salary JamesS Title Employee # Salary JamesSmith E-mail Address Title JamesSmith E-mail Address Title James Smith Title Employee # E-mail Address James Smith Title Employee # E-mail Address Connector Connector JamesS Title Employee # JamesS Title Employee # M A 1 M A 2 JamesSmith E-mail Address Title JamesSmith E-mail Address Title HR Database HR Database HR Database Exchange Exchange Exchange A management agent is responsible for importing information from a specific connected directory into the metadirectory. In addition, a management agent keeps the information in the connected directory and the metadirectory synchronized. Each management agent can also export metadirectory information to its connected directory, which enables the different connected directories to remain synchronized. When a management agent imports and integrates information into the metadirectory, the process occurs in two stages: 1. The management agent imports information from its associated connected directory into the connector namespace. MMS allocates a specific portion of the connector namespace to each management agent. 2. The management agent copies information from its portion of the connector namespace to the metaverse namespace. During this process, the management agent either updates an existing entry in the metaverse namespace, or if no related entry exists, it creates one. Generally, an entry in the connector namespace presents only selected aspects of an object. In the illustration, the entry imported from the HR Database includes only the Title and Employee# attributes. An entry in the metaverse namespace is often a more complete representation of an object, as it presents information about the object from multiple connected directories. In the illustration, the metaverse namespace entry for James Smith includes information from both the HR directory and the Exchange directory. Entries in the connector namespace that form the connection between entries in the connected directory and entries in the metaverse namespace are known as connectors. Connector-namespace entries that are associated only with the connected directory and not the metaverse namespace are known as disconnectors. Topic Objective To describe basic management agent functionality. Lead-in A management agent serves as a connection between a specific external information repository, and the metadirectory. Stress that a single management agent manages the entire connection between a specific connected directory and the metadirectory. Note Module3:ConfiguringManagementAgentstoManageDirectoryEntries 3 BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY Overview of the Management Agent Update Cycle Discovery Discovery Discovery Synchronization Synchronization Synchronization Connected Directory Connected Connected DirectoryDirectory Metadirectory Update Import File(s) Import File(s) Create File(s) Create File(s) Export File Export File Update Metaverse Namespace Metaverse Namespace MA’s Connector Namespace MA’s Connector Namespace The management agent update cycle is composed of multiple phases, and you can configure a management agent to perform any or all of these phases, depending on your entry management requirements. For example, you can configure a management agent to perform only phases to shorten the time required for a management agent to complete an operation. The management agent update cycle consists of the following phases: 1. Discovery phase. The management agent, based upon its configuration, extracts information about objects in the connected directory into one or more import files. 2. Update phase. The management agent reads the import file(s) and creates or updates entries in the connector namespace and the metaverse namespace. The management agent then determines what information, such as new entries or changed attributes, needs to be sent back to the connected directory, and places this information into create and export files. 3. Synchronization phase. The management agent updates the connected directory with the information from the create and export files. Topic Objective To identify the phases in the management agent update cycle. Lead-in When you operate a management agent, it performs a full or partial update cycle, depending on its configuration and the options chosen. 4 Module3:ConfiguringManagementAgentstoManageDirectoryEntries BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY # ## # Creating ManagementAgents and Connecting to an External Directory ! Overview of Predefined ManagementAgents ! Creating a Management Agent ! Configuring the Connection to an External Directory Creating a management agent involves creating an instance of one of the predefined management agents. Predefined managementagents contain the capabilities to integrate a specific type of external directory, for example a cc: Mail directory, with the metadirectory. You then associate the newly created management agent with an actual connected directory by adding configuration information specifying the location and access requirements of the connected directory. Understanding how to create and connect a management agent to an external directory is essential to implementing MMS. Topic Objective To introduce the topics associated with creating managementagents and connecting to an external directory. Lead-in Creating a management agent involves creating an instance of one of the predefined management agents. Module3:ConfiguringManagementAgentstoManageDirectoryEntries 5 BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY Overview of Predefined ManagementAgents Novell Novell NDS NDS (LDAP) (LDAP) Novell Novell Netware Netware Banyan Banyan VINES VINES Lotus Lotus cc: Mail cc: Mail Lotus Lotus NOTES NOTES Active Active DirectoryDirectory Exchange Exchange (LDAP) (LDAP) Exchange Exchange (MAPI) (MAPI) Windows Windows NT NT Netscape Netscape LDAP LDAP Novell Novell Group Group - - Wise Wise Microsoft Microsoft Metadirectory Metadirectory Services Services ! Predefined ManagementAgents also include: $ Generic $ Report $ Together Administration MMS includes a number of predefined management agents, each of which is configured to integrate information in a specific type of external directory, for example cc: Mail, with the metadirectory. The predefined managementagents that are designed to integrate information from specific external directories are: • Banyan VINES • Microsoft NT • Lotus cc: Mail • Netscape LDAP • Lotus NOTES • Novell Groupwise API • Microsoft Active Directory • Novell NDS (LDAP-based) • Microsoft Exchange (LDAP-based) • Novell Netware • Microsoft Exchange (MAPI based) MMS includes three additional predefined management agents, each of which has a specific function: ! Generic. The Generic management agent is a starting point to build your own management agent. ! Report. The Report management agent is used for creating flat file reports. ! Together Administration. The Together Administration management agent (TAMA) works in conjunction with the other managementagentsto provide full enterprise provisioning and object management. MMS also includes four predefined managementagents that are associated with the tutorial included with the product. Topic Objective To describe the predefined managementagents provided in MMS. Lead-in MMS includes a number of predefined managementagents that are configured to integrate information in a specific type of connected directory with the metadirectory. Note 6 Module3:ConfiguringManagementAgentstoManageDirectoryEntries BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY Creating a Management Agent Administrator via Vancouver – MMS Compass F ile Edit Configure Options View Help Bookmarks Actions Properties Create New Management Agent Administration Access Control The Known Universe The Known Universe vancouverdom nwtraders msft Servers ADMIN FRS BASIC FRS Vancouver Directory Methods Server Methods Together Administrators Directory Administrators Create Management Agent Name the Management Agent: Type of the Management Agent: C reate Cancel Banyan VINES Management Agent Generic Management Agent Lotus cc:Mail Management Agent Lotus NOTES Management Agent When you create a management agent, you must specify which predefined management agent you want use as the basis for that management agent. To create a management agent, perform the following steps: 1. In the directory pane of MMS Compass, navigate to and click on the entry for the MMS server. 2. In the control pane, click Create New Management Agent. 3. In the Create Management Agent dialog box, in the Name of the Management Agent box, type a name for the management agent. 4. In the Type of the Management Agent list, select the predefined management agent associated with your external directory. 5. In the Create Management Agent dialog box, click Create to create the new management agent under the entry for the MMS server. The Configure the Management Agent dialog box appears, prompting you for information regarding the connection to the external directory. Topic Objective To identify how to create a management agent. Lead-in When you create a management agent, you must specify which of the predefined managementagents in MMS you want use as the basis for that management agent. Delivery Tip Demonstrate how to create an instance of the Exchange (LDAP) management agent. Module3:ConfiguringManagementAgentstoManageDirectoryEntries 7 BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY Configuring the Connection to an External Directory External Directory External Directory Server Name Protocol Authentication Server Name Protocol Authentication Metadirectory Metadirectory Management Agent Management Agent Configure the Management Agent Connected Directory Specifics Metadirectory Relationships Personal Names Inclusions and Exclusions Attributes to DiscoverMailbox CreationCustom RecipientsDisplay NamesAdvanced Discovery Mode and Namespace Management LDAP server Address/name: LDAP TCP/IP port: Context prefix: Login as: Login password: 389 e.g. ldap.microsoft.com e.g. ou=MSX,o=Microsoft e.g. cn=NTAccount, cn=NTDomain Test you configuration LDAP Discovery Parameters LDAP Server Address/Name Enter the Server IP address or name that the management agent accesses to import or export Exchange directory entries. The LDAP server address is the IP address or name of the server. After you create a management agent, you need to associate it with an actual external directory. To accomplish this, you must configure the management agent with the location and access requirements of the directory. Depending on the type of management agent that you create, these parameters might include server name, IP address, protocol, authentication, or port number. The connection configuration parameters required for each predefined management agent vary depending on the functionality of the external directory. For example, the following table describes the parameters that you configure to connect the Microsoft Exchange (LDAP-based) management agent. Parameter Description LDAP Server Address/Name The Internet Protocol (IP) address or host name of the server that the management agent accesses to import or export Exchange directory entries. LDAP TCP/IP Port The LDAP Transmission Control Protocol/Internet Protocol (TCP/IP) port number. The default value is 389. Context prefix The distinguished name of the node in the Exchange Directory tree where you want to start the discovery. To discover the entire tree, do not specify a context prefix. Login as The user account that the management agent uses to log on to the Exchange Server. The management agent must log on as an Exchange administrator to modify or create Exchange Server directory entries. Login password The password associated with the user account the management agent uses to log on to the Exchange server. Topic Objective To identify how to configure the connection to an external directory. Lead-in After you create a management agent, you need to associate it with an actual external directory. Delivery Tip Continue the previous demonstration by configuring the connection to the Exchange (LDAP) directory. Point out that the arrow in the illustration indicates that the management agent is initiating the connection to the external directory. 8 Module3:ConfiguringManagementAgentstoManageDirectoryEntries BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY However, connecting a management agent to a Lotus NOTES directory requires different parameters. The following table describes the parameters that you configure to connect the Lotus NOTES management agent. Parameter Description Notes Registration Server Name The distinguished name of the Notes server, in either X.500 or Notes format Administrator Password The password referenced in the KeyFileName entry in the local Notes.ini file. Main Address Book Domain The Address Book domain name, if it is not the same as the Address Book name. For detailed information on connecting to the specific directories supported by MMS, see appendix A, “Connecting to External Directories”, in course 2062A, Implementing Microsoft Metadirectory Services 2.2. To configure a management agent’s connection to an external directory, perform the following steps: 1. In the directory pane of MMS Compass, select the entry for the management agent that you want to configure. 2. In the control pane, click Configure MA. 3. In the Configure the Management Agent dialog box, on the Connected Directory Specifics tab, specify values for the required connection parameters. After you complete the configuration of the connection to the external directory, the management agent is ready for operation. Note [...]... PREPARATION PURPOSES ONLY Module3:ConfiguringManagementAgentstoManageDirectoryEntries 11 Monitoring the Management Agent Process Topic Objective To describe the purpose of the Operator’s log during and after the operation of a management agent Lead-in Each time you operate a management agent, you can use the Operator’s log to monitor the activity of the management agent through to the completion of... Agent Topic Objective To introduce the lab Lead-in In this lab, you will Explain the lab objectives Lab .doc BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY Module3:ConfiguringManagementAgentstoManageDirectoryEntries 13 ConfiguringManagement Agent Modes Topic Objective Metadirectory To identify the modes in which a management agent can operate and how to configure a management. .. PURPOSES ONLY 18 Module3:ConfiguringManagementAgentstoManageDirectoryEntries Best Practices Topic Objective Import Entries from the First Connected Directory by Using Import Entries from the First Connected Directory by Using Reflector Mode; Import Entries from Additional Connected Reflector Mode; Import Entries from Additional Connected Directories by Using Association Mode Directories by Using... TRAINER PREPARATION PURPOSES ONLY Module3:ConfiguringManagementAgentstoManageDirectoryEntries 17 Lab B: ConfiguringManagement Agent Modes and Scheduling ManagementgAgent Operationp g g Topic Objective To introduce the lab Lead-in In this lab, you will configure management agent modes and schedule the operation of a management agent Explain the lab objectives Lab .doc BETA MATERIALS FOR MICROSOFT... Module3:ConfiguringManagementAgentstoManageDirectoryEntries 15 Scheduling Management Agent Operation Topic Objective Administrator via Vancouver – MMS Compass File Edit Configure Options View Help To explain how to schedule a management agent Lead-in Demonstrate how to schedule the operation of a management agent The Known Universe vancouverdom nwtraders msft Properties You can schedule the management. .. Using Association Mode To identify best practices for configuringmanagementagentstomanageentries Lead-in Plan an Enterprise Namespace Prior to the Initial Population of Plan an Enterprise Namespace Prior to the Initial Population of the Metadirectory the Metadirectory Next, we will review the best practices for configuringmanagementagentstomanageentries Check Logs after Each Management Agent Operation... after Each Management Agent Operation Test the Operation of a Management Agent Before Updating Test the Operation of a Management Agent Before Updating the Metadirectory the Metadirectory Emphasize the reason for each best practice The following list provides best practices for configuringmanagementagentstomanage entries: ! Import entries from the largest connected directory into the connector namespace... according to its configuration • In the synchronization phase, the management agent determines what information needs to be sent back to the connected directory (new entries, changed attributes), and then updates the connector namespace and connected directory accordingly BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY 20 Module3:ConfiguringManagementAgentstoManageDirectory Entries. .. operation completed successfully ! Test the operation a management agent before actually updating the metadirectory to ensure that you have configured the management agent correctly BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY Module3:ConfiguringManagementAgentstoManageDirectoryEntries 19 Review Topic Objective To reinforce module objectives by reviewing key points Lead-in... 3 How can you monitor the management agent process? When you operate a management agent, you can use the Operator’s log to monitor the activity of the management agent through the completion of the operation 4 After you create a new management agent, what must you do before you can import entries into the metadirectory? After you create a management agent, you need to associate the management agent . learn how to configure management agents to manage directory entries. Note 2 Module 3: Configuring Management Agents to Manage Directory Entries BETA MATERIALS. that the management agent is initiating the connection to the external directory. 8 Module 3: Configuring Management Agents to Manage Directory Entries