Archives for September 2014

Getting all possible classes / attributes for a AD Object

So in the World of the AD everything is build by classes. Classes are stored in the Schema part of the AD.

So what does this mean?

The fast basics

  • Each AD object has a objectClass which matches to a class in the schema.
  • Each class has a parent (subClassof)
  • One class has itself as its parent (top)
  • Each class has available attributes which might or must be set on an AD object.
  • An AD object can use all attributes of its class and all above it.

There are 4 attributes defined for each class which says which attributes it carries:

  • MayContain
  • MustContain
  • systemMayContain
  • systemMustContain

Lets get all classes that is assigned to a AD Object

[Read more…]

Possible source fields for Azure Active Directory Sync Services transformations

So Microsoft has released the latest version of the directory sync tools between your on-premise directory and the Microsoft Azure AD. So there is a load of information about it written on MSDN, but the information I was looking for I couldn’t find. With the new AAD Sync you can apply transformations, if a field is in the wrong place in your Active Directory you can let the sync tool take the data from another attribute in the AD. This is done by storing the data in the AAD Sync meteverse. The In rules populate the metaverse and the out rules polulate services. Edit Outbould syncronization rule And there is a big list of attributes to select from. Give the illusion that you can select just about any attribute. But no. There are some attributes missing. So I have completed a list of all attributes that are available under the source selection box. Source Attributes Default attributes in the DirSync Metaverse. [Read more…]