Step 4 - Create SQL Management Agent

Published: December 23, 2009

Applies To: Windows Server 2008, Windows Server 2008 R2

In this step we will be creating the ILM 2007 FP1 SQL management agent. This management agent will be used with the SQL database we create to track which users have had their SIDs successfully migrated. This database is used to build a list of users to run ADMT against. If the flag in the database is set to No, then this user will be included in the list of users our automation program will use.

The following steps show how to create the SQL management agent.

  1. Log on to RES-DC.resource.fabrikam.net as Administrator

  2. Click Start, click All Programs, click Microsoft Identity Integration Server, and click Identity Manager.

  3. In Identity Manager, click the Management Agents button at the top.

  4. In the Management Agents view, under Actions, click Create. This will bring up the Create Management Agent dialog box.

  5. On the Create Management Agent dialog box, under Management Agent for, select SQL Server. Under Name enter SQL and click Next.

  6. On the Connect to Database dialog box, for Server enter RES-DC.

  7. On the Connect to Database dialog box, for Database enter UserSidTracking.

  8. On the Connect to Database dialog box, for Table enter Users.

  9. On the Connect to Database dialog box, under Authentication mode, select Windows integrated authentication.

  10. On the Connect to Database dialog box, under User name enter Administrator.

  11. On the Connect to Database dialog box, under Password enter Pass1word$.

  12. On the Connect to Database dialog box, under Domain enter RESOURCE.

  13. On the Connect to Database dialog box, click Next.

  14. On the Configure Columns dialog box, click Set Anchor. This will bring up the Set Anchor dialog box.

  15. On the Set Anchor dialog box, under Available attributes, select EmpID and click Add. This will add the EmpID to the Selected attributes column.

  16. On the Set Anchor dialog box, Click OK. This will close the Set Anchor dialog box.

  17. On the Configure Columns dialog box, click Next.

  18. On the Configure Connector Filter dialog box, click Next.

  19. On the Configure Join and Projection Rules dialog box, select person and click New Join Rule. This will bring up the Join Rule for person dialog box.

  20. On the Join Rule for person dialog box, under Data source attribute select EmpID.

  21. On the Join Rule for person dialog box, under Mapping Type select Direct.

  22. On the Join Rule for person dialog box, under Metaverse Object Type select person.

  23. On the Join Rule for person dialog box, under Metaverse attribute select employeeID.

  24. On the Join Rule for person dialog box, click Add Condition. If you see a dialog box that says, You are attempting a join mapping with a non-indexed metaverse attribute, you can safely ignore it and click OK.

  25. On the Join Rule for person dialog box, click OK. This will close the Join Rule for person dialog box.

  26. On the Configure Join and Projection Rules dialog box, click Next.

  27. On the Configure Attribute Flow dialog box, under Data source object type select person.

  28. On the Configure Attribute Flow dialog box, under Metaverse object type select person.

  29. On the Configure Attribute Flow dialog box, under Data source attribute select FirstName.

  30. On the Configure Attribute Flow dialog box, under Mapping Type select Direct.

  31. On the Configure Attribute Flow dialog box, under Flow Direction select Export.

  32. On the Configure Attribute Flow dialog box, under Metaverse attribute select givenName.

  33. On the Configure Attribute Flow dialog box, click New. This flow rule will appear above. Repeat these steps for each attribute in the following table.

    SQL MA Direct Attribute Flow

    Data Source Object Type

    Metaverse Object Type

    Data Source Attribute

    Mapping Type

    Flow Direction

    Metaverse Attribute

    person

    person

    FirstName

    Direct

    Export

    givenName

    person

    person

    LastName

    Direct

    Export

    sn

    person

    person

    sIDHistoryPresent

    Rules Extension

    Export

    sIDHistory

  34. On the Configure Attribute Flow dialog box, under Data source object type select person.

  35. On the Configure Attribute Flow dialog box, under Metaverse object type select person.

  36. On the Configure Attribute Flow dialog box, under Data source attribute select sIDHistoryPresent.

  37. On the Configure Attribute Flow dialog box, under Mapping Type select Advanced.

  38. On the Configure Attribute Flow dialog box, under Flow Direction select Export.

  39. On the Configure Attribute Flow dialog box, under Metaverse attribute select sIDHistory.

  40. On the Configure Attribute Flow dialog box, click New. This will open the Advanced Export Attribute Flow Options dialog box.

  41. On the Advanced Export Attribute Flow Options dialog box, make sure the radio button for Rule extension is selected.

  42. On the Advanced Export Attribute Flow Options dialog box, next to Flow rule name: clear what is in the box and enter SidHistory. Click OK. This will close the Advanced Export Attribute Flow Options dialog box.

    SQL MA Advanced Attribute Flow

    Data Source Object Type

    Metaverse Object Type

    Data Source Attribute

    Mapping Type

    Flow Direction

    Metaverse Attribute

    person

    person

    SidHistoryPresent

    Advanced

    Export

    sIDHistory

  43. On the Configure Attribute Flow dialog box, click Next.

  44. On the Configure Deprovisioning dialog box, select Stage a delete on the object for the next export run and click Next.

  45. On the Configure Extensions dialog box, under Rules extension name: make sure SQLExtension.dll is in the box and click Finish.

  46. Close Identity Manager.

Community Additions

ADD
Show: