1. Trang chủ
  2. » Công Nghệ Thông Tin

Tài liệu Module 4: Managing Attribute Values Using Joins and Attribute Flow Rules pdf

24 599 0

Đang tải... (xem toàn văn)

Tài liệu hạn chế xem trước, để xem đầy đủ mời bạn chọn Tải xuống

THÔNG TIN TÀI LIỆU

Thông tin cơ bản

Định dạng
Số trang 24
Dung lượng 0,99 MB

Nội dung

Contents Overview 3 What Are Attributes and Attribute Values? 4 Introduction to Managing Attribute Values 5 Linking Entries by Configuring Joins 6 Lab A: Configuring Joins 14 Establishing Attribute Flow Rules 15 Lab B: Establishing Attribute Flow Rules 21 Best Practices 22 Review 23 Module 4: Managing Attribute Values Using Joins and Attribute Flow Rules 2 Module 4: Managing Attribute Values Using Joins and Attribute Flow Rules BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY Information in this document is subject to change without notice. The names of companies, products, people, characters, and/or data mentioned herein are fictitious and are in no way intended to represent any real individual, company, product, or event, unless otherwise noted. Complying with all applicable copyright laws is the responsibility of the user. No part of this document may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without the express written permission of Microsoft Corporation. If, however, your only means of access is electronic, permission to print one copy is hereby granted. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property.  2000 Microsoft Corporation. All rights reserved. Microsoft, BackOffice, MS-DOS, Windows, Windows NT, <plus other appropriate product names or titles. Replace this example list with list of trademarks provided by copy editor. Microsoft is listed first, followed by all other Microsoft trademarks in alphabetical order. > are either registered trademarks or trademarks of Microsoft Corporation in the U.S.A. and/or other countries. <This is where mention of specific, contractually obligated to, third party trademarks, which are added by the Copy Editor> The names of companies, products, people, characters, and/or data mentioned herein are fictitious and are in no way intended to represent any real individual, company, product, or event, unless otherwise noted. Other product and company names mentioned herein may be the trademarks of their respective owners. Module 4: Managing Attribute Values Using Joins and Attribute Flow Rules 3 BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY Overview ! What are Attributes and Attribute Values? ! Introduction to Managing Attribute Values ! Linking Entries by Configuring Joins ! Establishing Attribute Flow Rules ! Best Practices Management agents manage the relationship between a connected directory and the metadirectory at both the directory entry level and the attribute level. However, management agent configuration is different for managing directory entries than it is for managing the attribute values of those entries. Managing entries is covered in module 3, “Configuring Management Agents to Manage Directory Entries”, in course 2062A, Implementing Microsoft Metadirectory Services 2.2. Understanding how to manage attribute values by using joins and attribute flow rules is important in configuring a fully functional Microsoft ® Metadirectory Services version 2.2 (MMS) implementation. At the end of this module, you will be able to: ! Explain the difference between attributes and attribute values. ! Describe how joins and attribute flow rules work together to manage the flow of attribute values. ! Link entries in the connector namespace to entries in the metaverse namespace by configuring joins. ! Define which data store is authoritative for an attribute value by establishing attribute flow rules. ! Describe best practices for implementing joins and attribute flow rules to manage attribute values. Topic Objective To provide an overview of the module topics and objectives. Lead-in In this module, you will learn about managing attribute values by configuring joins and establishing attribute flow rules. Note 4 Module 4: Managing Attribute Values Using Joins and Attribute Flow Rules BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY What Are Attributes and Attribute Values? Attribute Attribute Attribute Attribute Value Attribute Value Attribute Value Full Name Full Name James Smith James Smith Surname Surname Smith Smith Employee Number Employee Number 555-55-5555 555-55-5555 Title Title Instructional Designer Instructional Designer Department Department Human Resources Human Resources Telephone Number Telephone Number 555-1212 555-1212 E-mail Address E-mail Address Jasmith@nwtraders.msft Jasmith@nwtraders.msft Children’s Names Children’s Names Penelope Penelope Entry: James Smith Entry: James Smith Olivia Olivia Multi-Valued Multi Multi - - Valued Valued Single-Valued Single Single - - Valued Valued A directory entry consists of a number of attributes and the values of those attributes that relate to the specific object represented by the entry. An attribute is a space allocated for a particular item of information that is associated with an entry. For example, an entry representing a person may include attributes for surname, employee number, and e-mail address. An attribute value is the data associated with a particular instance of an attribute. In the previous example, the attributes identified might be assigned values of Smith, 555-55-5555, and jasmith@nwtraders.msft. Attributes can be either single or multi-valued. Surname, for instance, is a single-valued attribute, while an attribute such as Children’s Names would be defined as multi-valued, so that you could add multiple values without overwriting the existing ones. The MMS schema contains definitions of many common attributes. Some are already defined in the X.500 standard, while others are product-specific, defined explicitly for use in MMS. Topic Objective To describe the differences between attributes and attribute values. Lead-in An attribute is a space allocated for a particular item of information that is associated with an entry, while an attribute value is the data associated with a particular instance of an attribute. Module 4: Managing Attribute Values Using Joins and Attribute Flow Rules 5 BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY Introduction to Managing Attribute Values Metadirectory # Configure joins to link entries in the connector namespace and metaverse. # Establish attribute flow rules to determine which data store is authoritative. Metaverse Namespace Metaverse Metaverse Namespace Namespace James Smith Title Employee # E-mail Address James Smith Title Employee # E-mail Address Connector Namespace Connector Namespace Connector Connector Jamessmith Title Employee # Jamessmith Title Employee # J o i n J o i n Connector Namespace Connector Namespace Connector Connector Jasmith Title E-mail Address Jasmith Title E-mail Address J o i n J o i n James Smith Title Employee # E-mail Address James Smith Title Employee # E-mail Address Jamessmith Title Employee # Jamessmith Title Employee # Jasmith Title E-mail Address Jasmith Title E-mail Address Managing attribute values in MMS involves configuring joins and establishing attribute flow rules. Configuring Joins To manage attribute values, you must configure joins, which link entries in the connector namespace to a unified entry in the metaverse namespace. For example, if you have two entries in the connector namespace, one for Jamessmith and one for Jasmith, you would want to create a join for each entry that would link them to the unified entry in the metaverse namespace, James Smith. When a management agent operating in Reflector mode creates a new entry in the metaverse namespace, a join is automatically established between the entry in the connector namespace and the entry in the metaverse namespace. Establishing Attribute Flow Rules After you have configured the necessary joins, you can establish attribute flow rules to define the flow of attribute values between data stores. For example, if two connected directories, Human Resources Database and Exchange, each contain a Title attribute for an entry, you might specify that an attribute value in the Human Resources Database will update the corresponding value in the metaverse namespace. In addition, you can specify that changes to the attribute value in the Human Resources Database will update the corresponding value in the metaverse namespace, and the value in the metaverse namespace would update the value for the corresponding entry in Exchange. Topic Objective To provide an overview of managing attribute values in MMS. Lead-in Managing attribute values in MMS involves configuring joins and establishing attribute flow rules. For Your Information While it is recommended to specify one data store as authoritative for a particular attribute, you can establish attribute flow rules that allow multiple connected directories to update the same attribute in the metaverse namespace. Note 6 Module 4: Managing Attribute Values Using Joins and Attribute Flow Rules BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY $ $$ $ Linking Entries by Configuring Joins ! Overview of Joins ! Linking Entries Manually ! Linking Entries by Performing a Server-Based Join ! Linking Entries Using MMS Account Joiner If the connector namespace contains entries from two or more connected directories, and those entries relate to a single entry in the metaverse namespace, you can configure joins to link the entries in the connector namespace to the single entry in the metaverse namespace. When performing joins, you can link entries manually, one entry at a time. In addition, you can configure a management agent to perform a server-based join, which links multiple entries at the same time. Finally, you can perform joins interactively by using MMS Account Joiner. Understanding how to link entries by using joins is fundamental to managing attribute values in MMS. Topic Objective To identify important topics related to linking entries by using joins. Lead-in If the connector namespace contains entries from two or more connected directories, and those entries relate to a single entry in the metaverse namespace, you can configure joins to link the entries in the connector namespace to the entry in the metaverse namespace. Module 4: Managing Attribute Values Using Joins and Attribute Flow Rules 7 BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY Overview of Joins Metadirectory Connector Namespace Connector Namespace Metaverse Metaverse Metaverse JaSmith E-mail Address Title JaSmith E-mail Address Title James Smith Title Employee # E-mail Address James Smith Title Employee # E-mail Address Connector Namespace Connector Namespace JamesS Title Employee # JamesS Title Employee # Connector Namespace Connector Namespace Jamessmith Division Department Jamessmith Division Department J o i n J o i n J o i n J o i n Disconnector Disconnector Connector Connector Connector Connector A join is the relationship between entries in a management agent’s connector namespace and an integrated entry in the metaverse namespace. Entries in the connector namespace are either joined to entries in the metaverse namespace or they are not. When an entry in the connector namespace is joined to an entry in the metaverse namespace, links are established between them. Essentially, these two entries represent the same object. An entry in the connector namespace that is joined to an entry in the metaverse namespace is referred to as a connector. To determine which connectors are associated with an entry in the metaverse namespace, select the metaverse namespace entry in the directory pane of MMS Compass, click Administration in the control pane, and then display the Joined To tab in the Entry Administration dialog box. An entry in the connector namespace that is not joined to an entry in the metaverse namespace is referred to as a disconnector. No links exist because the management agent has not yet determined exactly to which entry in the metaverse namespace (if any) the disconnector corresponds. The attribute values associated with a disconnector will not be included in the metaverse namespace until the disconnector is joined to an entry in the metaverse namespace. Topic Objective To provide an overview of the purpose and function of joins. Lead-in A join establishes a link between connector namespace entries and their corresponding entries in the metaverse namespace. Note Note 8 Module 4: Managing Attribute Values Using Joins and Attribute Flow Rules BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY Linking Entries Manually Connector Metaverse Name… Thu Jul 20 14:25:11 2000 Connected Disconnected Import Child Entries Exclude from JOIN O K C ancel Last Verify Time Connected Directory Entry Name Select an entry and copy and paste, or drag and drop it to the desired location Bookmarks Actions Properties Administration Access Control The Known Universe The Known Universe vancouverdom nwtraders msft Claims Adri Duhem Servers Context Security Search OK Selected: 1 Connector Metaverse Name… Last Verify Time Connected Disconnected Import Child Entries Connected Directory Entry Name Exclude from JOIN O K C ancel Thu Jul 20 15:26:19 2000 cn=Adri Duhem,ou=Claims,dc=vancouverdom,dc=nwtraders,dc=msft You can configure a join manually through the MMS Compass interface to create a link between an entry in the connector namespace and an entry in the metaverse namespace. Configuring a join manually can be useful if you need to configure joins for selected entries among a larger group of entries. To link entries manually, perform the following steps: 1. In the control pane of MMS Compass, navigate to the connector namespace entry that you want to link, and then double-click the entry. 2. In the Connector dialog box, click …. 3. In the … dialog box, under The Known Universe, navigate to the metadirectory entry to which you want to link, and then drag-and-drop the entry into the box near the top of the Connector dialog box. The distinguished name of the entry in the metaverse namespace appears in the box. 4. In the Connector dialog box, click Connected, and then click OK. You must refresh the MMS Compass interface to view the change in status of the connector namespace entry. Topic Objective To identify the process for manually linking entries in the connector namespace to entries in the metaverse namespace. Lead-in You can configure joins through the MMS Compass interface to link entries one- at-a-time. Note Module 4: Managing Attribute Values Using Joins and Attribute Flow Rules 9 BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY Linking Entries by Performing a Server-Based Join Administrator via Vancouver – MMS Compass F ile Edit Configure Options View Help Bookmarks Actions Properties Operate MA Administration Access Control Update Management Agent Design MA Join Configure MA Attribute Flow Schedule The Known Universe The Known Universe vancouverdom nwtraders msft Server-Based Join Operator's Join Log Configure the Join Search using these attributes… $cd.cn Join Configuration Attempt to join Perform attribute flow during the join Test the Join Perform the Join O KCancel condition 1 $cd.empld = $mv.empld condition 2 $cn.sn = $mv.sn $cd.telephoneNumber = $mv. telephoneNumber Join using these inclusion rules… Limit joins to this search base… Join Criteria The Join link connector entries to corresponding metaverse entries based on the criteria you specify in this form. It is the same configuration form presented by the Join Action but only allows configuration , not execution. To perform the join on an entire connector space you normally use the Join Action, but, when the Attempt to join option is chosen, a management agent can also use the join search criteria on an entry- Join Criteria Join Criteria Inclusion Rules Inclusion Rules Configuration Options Configuration Options Test the Join Test the Join You can use a server-based join to link multiple entries at the same time. When you perform a server-based join, the management agent uses join criteria to match entries in the connector namespace to their corresponding entries in the metaverse namespace. You configure a server-based join on the Configure the Join tab of the Server-Based Join dialog box for a management agent. To display the Server-Based Join dialog box, in the directory pane of MMS Compass, navigate to and select the entry for a specific management agent, and then in the control pane, click Join. Establishing Join Criteria The first step in performing a server-based join is to define which attribute or attributes in the connected directory to search for in the metaverse namespace, and the order in which to search for them. You specify join criteria in the Search using these attributes box. When you establish join criteria, you can use any of the attributes in the connected directory as search attributes. MMS initiates a separate search for the value of each item in the search attributes list, in the order in which they appear. It is recommended that you order the list of attributes so that the most likely and most authoritative potential matches are listed first. After each search, the management agent checks the results against the join inclusion rules, which determine which, if any, of the possible joins the management agent should accept. If a search result passes the inclusion rules, the management agent joins the entry in the connector namespace to the corresponding entry in the metaverse namespace. Topic Objective To identify the process for linking entries by performing a server-based join. Lead-in You can use a server-based join to link multiple entries at the same time. Key Point Join criteria are used to match entries in the connected directory to entries in the metaverse namespace. You can refine a management agent’s matching capabilities by defining one of more inclusion rules. Note 10 Module 4: Managing Attribute Values Using Joins and Attribute Flow Rules BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY Defining Join Inclusion Rules Before you perform a server-based join, you can define join inclusion rules to specify criteria that a management agent can use to identify in what cases to perform a join. You define join inclusion rules in the Join using these inclusion rules box. If you do not define inclusion rules, all entries matched during the search are joined. The join inclusion rules are applied in the order listed. Therefore, as with attributes you specify as join criteria, it is recommended that your join inclusion rules be ordered so that the most likely and most authoritative potential matches are listed first. Join inclusion rules consist of a series of conditions, each containing one or more conditional statements that are expressed in the template language in MMS. The following is an example of a join inclusion rule: condition 1 $cd.empid = $mv.empid condition 2 $cd.sn = $mv.sn $cd.telephoneNumber = $mv.telephoneNumber In this example, condition 1 indicates that a join will be made if the value of the Employee ID attribute (empid) in the connected directory ($cd) matches the value of the Employee ID attribute in the metaverse namespace ($mv). Condition 2 indicates that a join will be made if the value of the Surname attribute (sn) in the connected directory matches the value of the Surname attribute in the metaverse namespace, and if the value of the Telephone Number attribute (telephoneNumber) in the connected directory matches the corresponding attribute value in the metaverse namespace. There is an implicit AND between each statement within a condition group, and there is an implicit OR between each condition group. The condition numbers are for identification purposes only, and do not affect the order in which the inclusion rules are processed. The template language is discussed in more detail in module 5, “Modifying and Creating Templates”, in course 2062A, Implementing Microsoft Metadirectory Services 2.2. Note Note [...]... ONLY Module 4: Managing Attribute Values Using Joins and Attribute Flow Rules 15 $ Establishing Attribute Flow Rules Topic Objective To identify important topics related to establishing attribute flow rules Lead-in To initiate and control the flow of attribute value changes, you must define attribute flow rules for each management agent ! Overview of Attribute Flow Rules ! Establishing General Attribute. .. different values in two entries for the same object BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY Module 4: Managing Attribute Values Using Joins and Attribute Flow Rules 17 Establishing General Attribute Flow Rules Topic Objective Configure Attribute Flow To identify the process for establishing general attribute flow rules Specific Flow Rules General Attribute Flow Advanced Flow. .. Establishing Attribute Flow Rules Topic Objective To introduce the lab Lead-in In this lab, you will establish attribute flow rules Explain the lab objectives Lab.doc BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY 22 Module 4: Managing Attribute Values Using Joins and Attribute Flow Rules Best Practices Topic Objective To identify managing attribute values by using joins and attribute. .. configure joins interactively by using MMS Account Joiner 4 What is the difference between general attribute flow rules and specific attribute flow rules? General attribute flow rules establish the default attribute flow for all attribute values managed by a management agent Specific attribute flow rules apply to particular attributes managed by a management agent Specific attribute flow rules take... CERTIFIED TRAINER PREPARATION PURPOSES ONLY Module 4: Managing Attribute Values Using Joins and Attribute Flow Rules 19 Establishing Specific Attribute Flow Rules Topic Objective To identify how to establish specific attribute flow rules Lead-in While the general flow rules might be adequate in a simple directory that uses one management agent and has an attribute flow that always moves inbound toward the... ONLY 18 Module 4: Managing Attribute Values Using Joins and Attribute Flow Rules Note You can specify general attribute flow rules for the connector namespace and the metaverse namespace independently To configure general attribute flow rules, perform the following steps: 1 In the directory pane of MMS Compass, select the entry for the management agent for which you want to configure attribute flow 2... for managing attribute values by using joins and attribute flow rules Emphasize the reason for each best practice Make One Data Store Authoritative for an Attribute to Avoid Make One Data Store Authoritative for an Attribute to Avoid Conflict Among Values for the Same Attribute Conflict Among Values for the Same Attribute The following list provides best practices for managing attribute values by using. .. taught in the module ! What are Attributes and Attribute Values? ! Introduction to Managing Attribute Values ! Linking Entries by Using Joins ! Establishing Attribute Flow Rules ! Best Practices 1 What is the difference between an attribute and an attribute value? An attribute is a generic class of information associated with an entry, whereas an attribute value is a particular instance of an attribute. .. CERTIFIED TRAINER PREPARATION PURPOSES ONLY 16 Module 4: Managing Attribute Values Using Joins and Attribute Flow Rules Overview of Attribute Flow Rules Topic Objective To provide an overview of the purpose and function of attribute flow rules in MMS Lead-in An object may be represented by an entry in a connected directory, by an entry in the connector namespace, and by an integrated entry in the metaverse... namespace, and the metaverse namespace, you must define attribute flow rules for each management agent You can establish general attribute flow rules, which apply to all entry attributes managed by the management agent You can also establish specific attribute flow rules, which apply to specific attributes for the management agent Specific attribute flow rules take precedence over general attribute flow rules . Establishing Attribute Flow Rules 15 Lab B: Establishing Attribute Flow Rules 21 Best Practices 22 Review 23 Module 4: Managing Attribute Values Using Joins and Attribute. establish inbound and outbound attribute flow at the attribute level. 20 Module 4: Managing Attribute Values Using Joins and Attribute Flow Rules BETA MATERIALS

Ngày đăng: 21/12/2013, 19:15