The Active Directory connector technology helps to synchronize information with other directory services. As an example, this section discusses synchronization with Microsoft Exchange Server's directory services. Connectors to other directory services will be made available through Windows Server 2003 Service Packs and third-party vendors.
The Active Directory Connector (ADC) is not installed as part of the standard Active Directory setup process. Instead, ADC setup is available on the Windows Server 2003 CD in the \Valueadd\MSFT\MGMT\ADC folder. The only decisions it requires are where to store the installed software and the name and password of the service account for the group authorized for Connector use. The Exchange Server must be available to complete the configuration.
ADC uses LDAP v3 to resolve information about objects to be synchronized. Connection agreements synchronize information among directory services. Synchronization is achieved when the services' respective databases have equivalent, but not necessarily identical, information. Connection agreements must identify servers, targeted objects, selected containers, and the schedule for data transfer.
NOTE
A fairly significant improvement in Windows Server 2003 is the ability to perform multiple LDAP binds on one connection for the purpose of authenticating users. Application developers can use this feature to bind multiple LDAP directories. The feature is designed to allow users to authenticate rapidly and to improve system performance.
The ADC must be configured to ensure proper synchronization. The Active Directory Connector snap-in is used to define the configuration properties, via the primary configuration tabs described here:
General establishes the direction of synchronization as two-way, or as one-way from/to the Active Directory or Exchange Server.
Connections establishes the method of authentication for both the Active Directory and the Exchange Server for bridgehead servers.
Schedule sets the times during which changes are synchronized (by default, the systems are polled every 5 seconds for modifications during this scheduled period).
From Windows and From Exchange define which containers are polled, which changes are to be written, and the type of objects for synchronization.
Deletion defines where deleted objects from one directory service are stored in the corresponding directory. By default, deleted objects are not removed. However, if you select deletion, it occurs on both sides.
Advanced Settings establishes the number of entries per page of synchronization, known as paged results. It also defines the connector as primary.
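What "entries per page" means at the LDAP v3 level, shown as an added example (not from the original text and not ADC's own code): a PowerShell search that uses the LDAP simple paged results control over a signed and sealed connection. The function name, server name, container DN, filter and page size are placeholder assumptions.

```powershell
# Added example: LDAP v3 paged search against a directory server.
# All default parameter values are placeholders, not values from the page.
Add-Type -AssemblyName System.DirectoryServices.Protocols

function Get-LdapPagedResult {
    param(
        [string]$Server   = 'dc01.example.test',            # placeholder host
        [string]$BaseDn   = 'OU=Staff,DC=example,DC=test',  # placeholder container
        [string]$Filter   = '(objectClass=user)',
        [int]   $PageSize = 20                              # entries per page
    )
    $ns   = 'System.DirectoryServices.Protocols'
    $id   = New-Object "$ns.LdapDirectoryIdentifier" -ArgumentList $Server, 389
    $conn = New-Object "$ns.LdapConnection" -ArgumentList $id
    try {
        $conn.SessionOptions.ProtocolVersion = 3
        # Negotiate (Kerberos/NTLM) with signing and sealing keeps the bind and
        # the returned directory data from crossing the wire in cleartext.
        $conn.AuthType = [System.DirectoryServices.Protocols.AuthType]::Negotiate
        $conn.SessionOptions.Signing = $true
        $conn.SessionOptions.Sealing = $true
        $conn.Bind()   # binds with the current Windows logon credentials

        [string[]]$attrs = 'distinguishedName', 'whenChanged'
        $scope = [System.DirectoryServices.Protocols.SearchScope]::Subtree
        $req   = New-Object "$ns.SearchRequest" -ArgumentList $BaseDn, $Filter, $scope, $attrs
        $page  = New-Object "$ns.PageResultRequestControl" -ArgumentList $PageSize
        [void]$req.Controls.Add($page)

        $pages = 0
        do {
            $resp = [System.DirectoryServices.Protocols.SearchResponse]$conn.SendRequest($req)
            $pages++
            foreach ($entry in $resp.Entries) { $entry.DistinguishedName }

            # The server hands back a cookie with each page; sending it back
            # requests the next page. An empty cookie marks the last page.
            $ctl = $resp.Controls |
                Where-Object { $_ -is [System.DirectoryServices.Protocols.PageResultResponseControl] }
            $cookie = New-Object byte[] 0
            if ($ctl) { $cookie = $ctl.Cookie }
            $page.Cookie = $cookie
        } while ($page.Cookie.Length -gt 0)
        Write-Verbose "Retrieved $pages page(s) of up to $PageSize entries each"
    }
    finally { $conn.Dispose() }
}
```

A smaller page size means more round trips to the server for the same container, while a larger one means fewer round trips and bigger responses.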