Store in Active Directory|
<< Click to view the table of contents >> Navigation: Commands >
|
|
When you have made all the necessary changes and want to store them in Active Directory, simply select the desired records and use the Store in Active Directory command.
If you press the Validate button, selected records in the grid and existing data in Active Directory are checked. All check steps and their results are displayed in the Information Panel. If errors are detected, such as duplicate records or inconsistencies with the Active Directory database, you cannot continue and store in AD until the errors are resolved.
If you press the Store button and the validation process is passed, the grid changes are permanently stored in the AD database.
The following storage options are available for User-type projects.
User |
Stores user attributes in AD. |
•Assigns initial password only to new users |
The extra attribute Extra_InitialPassword is stored only for new users, so only for records that are not yet in the Active Directory database. |
•Assigns initial password to all users. |
The extra attribute Extra_InitialPassword is stored for all selected records, so existing user passwords in Active Directory are overwritten with the current grid values. |
•Overwrite existing user when these attributes values match (override list). |
Before storing a new user, then for records with no value in the SID column, a search is performed in the existing Active Directory users with the same values matched to the attributes in the override list. The search criterion is met only if all values in the list match (logical AND operator). If no user is found that matches the search criterion in AD, a new user will be created in Active Directory. If only one existing user is found in AD that matches the search criterion, it is overwritten with the grid values. After overwriting, the information panel reports the user's membership groups and organizational unit before the overwriting operation. If multiple users matching the search criteria are found, an error is generated in the information panel for the current record in grid and no change is made in Active Directory.
NOTE: Using this feature may cause a performance degradation in storage speed, especially when the override list contains many attributes. |
|
|
Home folders and file system data |
Sets folder access permissions in the file system related to attributes attached to a rule of type Data Folder such as the HomeDirectory attribute. |
•Updates access permissions and leave unchanged user data |
Set folder access permissions on the disk, data is not changed, and only security descriptors are updated according to the Data Folder rule settings. |
•Delete user data and rebuild a new empty data folder |
Deletes all data contained in folders on the disk and sets security descriptors according to the data folder rule settings |
|
|
Shortcut to Home folders |
Create a Windows shortcut structure (Shortcuts) to users' personal folders in a network shared folder, for more information see the Shortcuts command |
•Adds or updates shortcuts to an existing parent folder |
Leaves the contents of the target network folder unchanged, updates shortcuts that have the same path and name, and adds any new shortcuts. |
•Deletes the contents of the parent folder and rebuild all the shortcuts |
Clear the contents of the target network folder and create a new shortcut structure |
The following storage options are available for group-type projects.
Groups |
Store group attributes in AD. |
|---|---|
•Overwrite existing group when these attribute values match (Override list) |
Before storing a new group, then for records with no value in the SID column, a search is performed in the existing Active Directory groups with the same values matched to the attributes in the override list. The search criterion is met only if all values in the list match (logical AND operator). If no group is found that matches the search criterion in AD, a new group will be created in Active Directory. If only one existing group is found in AD that matches the search criterion, it is overwritten with the grid values. After overwriting, the information panel reports the group's membership groups and organizational unit before the overwriting operation. If multiple groups matching the search criteria are found, an error is generated in the information panel for the current record in grid and no change is made in Active Directory.
NOTE: Using this feature may cause a performance degradation in storage speed, especially when the override list contains many attributes. |
Data folders in file system |
Sets access permissions of folders in the file system related to attributes linked to a rule of type Data Folder |
•Update only security permissions leaving the data unchanged |
Set folder access permissions on the disk, data is not changed, and only security descriptors are updated according to the Data Folder rule settings. |
•Delete all data and rebuild a new folder |
Deletes all data contained in folders on the disk and sets security descriptors according to the data folder rule settings |
Public folders |
Creates a public folder in the file system for each selected group |
•Update only security permissions leaving the data unchanged |
Sets access permissions of public folders on the disk, data remains unchanged and only security descriptors are updated according to the Public Folders configuration |
•Delete the contents and rebuild a new public folder |
Deletes all data contained in public folders on the disk and sets security descriptors according to the Public Folders configuration |
See also: Delete from Active Directory - Shortcuts - Public Folders - Data Folder Rule - Extra attributes