Dear all, thanks for the post replies on this one. am still a little nervous about this !!!
on a different (but still related to ADC) tack, is anyone able to confirm whether the ADC modifies the schema a second time if the schema has already been modified using with the setup /forestprep i suspect that it does not but then why does the process of ADC installation require such a highly privileged account as one belonging to enterprise ?? GT ----- Original Message ----- From: "joe" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Sunday, August 01, 2004 6:01 PM Subject: RE: [ActiveDir] AD replication from 5.5 using ADC > A small correction... That KB article is actually 269843. Not sure why I > remembered that one off hand except that I was deathly afraid when we kicked > in the ADC that this would happen and our DNs would change for all of our > exchange enabled users which would have been a HUGE disaster for us. While > it isn't the best practice, you can't stop it in a large company, many > people working on LDAP apps would hard code specific DNs or do searches on > the cn or name and this would have wiped out every one of those apps. > > The actual link to the KB is > > http://support.microsoft.com/default.aspx?scid=kb;en-us;269843 > > > > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > [EMAIL PROTECTED] > Sent: Friday, July 30, 2004 1:55 PM > To: [EMAIL PROTECTED] > Subject: RE: [ActiveDir] AD replication from 5.5 using ADC > > The process for modifying the CAs is the same for E2k3. In our 5.5 to 2K3 > migration we had a bunch of undesirable special characters and group > identifiers in the 5.5 display that the ADC would replicate to the AD cn and > name fields. Following MSKB 269834 stopped the 5.5 display name from > overwriting cn and name, and replicated the 5.5 displayname only to the AD > displayname. > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Graham Turner > Sent: Friday, July 30, 2004 11:41 AM > To: [EMAIL PROTECTED] > Subject: Re: [ActiveDir] AD replication from 5.5 using ADC > > Al, the document i reference is titled "Understanding an Deploying Exchange > 2000 Active Directory Connector" - sourced from the given URL > > I am aware that this is for Ex2k ADC - but can find no similar document for > Ex2k3 ! so i have taken assumption this is not to far off !?? > > your are perhaps right on "my expectation" - my initial view has been to > replicate data only from the 5.5 where it is required - by implication the > AD is the authoritative data source > > this is the rationale behind my endeavour to understand how to manage, prior > to what will likely be a big hit, the data that is brought into the > directory from 5.5 > > GT > > > > ----- Original Message ----- > From: "Mulnick, Al" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Friday, July 30, 2004 4:09 PM > Subject: RE: [ActiveDir] AD replication from 5.5 using ADC > > > > Graham, it sounds like you have different expectations of what the ADC > does > > for you. In the scenario you speak of, ADC is considering 5.5 to be > > authoritative for several fields. If you have multiple sites (5.5 or > Active > > Directory) I suggest you get this worked out in some way to maintain > > consistency both before as well as after you join the directories. > > > > On that note, since this is a directory join question, I think it's on > topic > > for this forum. > > > > If this is not something you want to have happen, you can modify the > > behavior for several of the attributes but I was under the impression > > that modifying the flags you mention is not the way it's done in 2003. > > Just can't remember where I saw that at the moment. :) I'll look if > > it's applicable to your situation, but it's likely one of the docs on > > http://www.microsoft.com/exchange/library > > > > > > Finally, what document are you referencing so we can all see the same > > information. If it needs to be fixed, then we should submit that for > > fixing. > > > > Al > > > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of Graham Turner > > Sent: Friday, July 30, 2004 10:04 AM > > To: [EMAIL PROTECTED] > > Subject: [ActiveDir] AD replication from 5.5 using ADC > > > > hopefully once again i am not charged with going too O/T with this > > one, > but > > was looking to get a bit of further information on the potential > > impact of > a > > replication from an exchange 5.5 server to a win2k AD > > > > it seems there is potential for the change of attributes already in > > the AD if there is different data in the 5.5 directory. > > > > the most obvious of these seems to be the "display name" given its > > prevalence in most directories, and likelihood (this is true in this > specfic > > case) of different convention being used between the directories; > > > > in 5.5 we have surname ^ firstname , whilst on AD we have the other > > way round ! > > > > i have reviewed the ADC documentation > > > > seems there are two ways we can acheive some sort of control - > > > > i. default adc policy where we can set globally certain attribute data > > not to be replicated > > > > ii. 'connection agreement' policy which is manipulated using ADSI edit > > > > the latter seems preferable given scope for different CA configuration > > > > could anyone possibly explain what this actually does - the ADC doc's > > reference quotes "Do not overwrite RDN with the Exchange 5.5 Alias > > attribute." > > > > don't know if this is a typo but the alias in a 5.5 directory does not > look > > to relate to the display name as the technote seems to suggest > > > > does this ADC configuraton value relate ONLY to the replication of the > > "display name" ?? > > > > am i also right to say that this MSEXCHSERVER1FLAGS value controls the > > behaviour when replicating to Windows (and by implication from > > Exchange > > 5.5 ) ?? and that the msexchserver2flags value controls the behaviour > > the other way round ? > > > > if i am too O/T my apologies - > > > > GT > > > > List info : http://www.activedir.org/mail_list.htm > > List FAQ : http://www.activedir.org/list_faq.htm > > List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ > > List info : http://www.activedir.org/mail_list.htm > > List FAQ : http://www.activedir.org/list_faq.htm > > List archive: > > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > > > List info : http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ > List info : http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ > > List info : http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ > List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
