Identifying Rules Extension Requirements

Applies To: Windows Server 2003 with SP1

Previous Sections in This Guide

To identify the requirements for each rules extension, read the synchronization rule specification included in the metadirectory design document. The specification tells you all the rules that are planned and it should define rules that require extensions as extension implemented. If you have any questions about what is required for the rules extensions, ask the synchronization rules planner for clarification.

Steps for Planning Rules Extensions

This section details procedures that you can use to build rules extensions for your deployment scenario. When you create rules extensions, remember the following:

  • You can create an XML initialization file for any configuration information that the rules extension requires but that you do not want to include as constants in your code. You should place this file in the MIIS 2003 Extensions folder so that all such files are in a known location and are available to be restored. MIIS 2003 automatically backs up the extension directory into a Microsoft SQL Server table in the MIIS 2003 database, and the XML files are restored during the MIISactivate process. For more information about MIISActivate.exe, see the MIIS 2003 Developer Reference. You can make configuration changes to the rules extension without having to rebuild it by using a control file in this way. Examples of the sort of information you might store in the XML file are:

    • A flag to indicate if provisioning is to be carried out for a particular management agent, providing you with more detailed provisioning control than the UI provides. In the UI, you can only enable or disable provisioning globally.

noteNote
This can be particularly useful, when introducing a new connected data source to your solution, if you wish to disable its provisioning during a discover process but when you want to allow provisioning to occur for other connected data sources.

  • LDAP container definitions used for account provisioning. You might also include a flag to control whether the provisioning code creates a parent organizational unit (OU) in the connector space if one does not exist.

  • Do not create rules extensions that implement or call unsafe code. Use only .NET Framework classes rather than direct application programming interface (API) calls within your rules extension code.

  • Avoid calling external modules for the following reasons:

    • If the external module stops responding, MIIS 2003 terminates the operation as if the extension has “crashed.”

    • Relying on data that is provided by external sources means that the solution is no longer state based, and you might confuse the synchronization engine.

    • You will have to manage the external modules to ensure that they are available when required by your rules extension.

  • Set the connector space or metaverse object attributes based on object state, not based on any assumptions about the order in which MIIS 2003 executes attribute mapping rules. Object state is determined by the values of all attributes on an object. For more information about object state, see the MIIS 2003 Developer Reference.

  • Use the naming conventions, including case, specified in the metadirectory design document for all object and attribute names.

  • When you debug your code, you have to run a rules extension “in process.” This in-process configuration also enables the best performance even when you are not debugging. A rules extension crash can bring down the service when you run the rules extension in the same process as the MIIS 2003 service. Test your rules extensions thoroughly, and if any doubt remains about their reliability, run them in a separate process.

  • Do not design your rules extensions to write any actual data into a file in the Extensions folder for MIIS 2003. Your rules extension assembly is saved to the Extensions folder in the directory containing the installed MIIS 2003 files. The Extensions folder is used for instructions only and contains files that are called by the server during its operation. If you write data to this folder, you might terminate the execution of management agents.

Next

See Also

Community Additions

ADD
Show: