RE: [ActiveDir] LDAP and related Exchange question

[Mulnick, Al]

Title: LDAP and related Exchange question

Right, and although it's possible that cdoexm has some of this built in, it's not likely (and not something I've seen in there before, although I could have missed it).    As for uniqueness, the only value that's guaranteed to be unique in a forest is the GUID.  If you're stepping outside of the forest boundaries, there is nothing that is "guaranteed" to be unique unless you made it that way via process and code.   SMTP address should be unique, but it's not guaranteed that it will be when you try to sync, just that you'll know because you'll have a non-functioning SMTP recipient if it is non-unique.  If you need to find something to use to sync with, you'll have to analyze all of the directory data in your scope and either pick something or modify some of the directories and processes to uniquely identify the wetware.   Joe's up on all of this Exchange directory stuff, he should be weighing in shortly I would imagine ;) From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Thursday, March 03, 2005 9:34 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] LDAP and related Exchange question I haven’t read the blog yet – I will – but uniqueness is enforced by ADUC (or any other provisioning mechanism that has the intelligence built into it). You can certainly shove colliding values into this attribute by other means.   Deji   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Thursday, March 03, 2005 5:58 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] LDAP and related Exchange question   I was going through the You Had Me At Ehlo blog and ran across the most recent post which describes in some detail about how uniqueness is maintained in the proxyAddresses attribute.  I’m curious though… does this only apply for changes made through ADUC or does it apply to changes made through any mechanism (e.g. scripts, ldp, etc)? Here’s the link: http://blogs.msdn.com/exchange/archive/2005/01/10/350132.aspx. Some background… in all this madness to bring single-sign-on to fruition, we’re running into problems finding a unique value that can be used to tie AD to other directories when extracting information from a forest.  We were keying off samAccountName but found too many identical names from domain to domain. marcus c. oh \\.\core technologies\cox communications, inc. \\.\mvp\windows server systems\management [v] 404.847.6117     [c] 404.391.7097