Job Management Partner 1/Software Distribution Administrator's Guide Volume 1
This subsection describes how to export from Active Directory the information needed to create a map file and a parameter file and how to extract the required information.
This subsection describes how to extract from Active Directory the information whose specification is mandatory. Because the information to be extracted depends on the desired information, you must evaluate the range of information to be acquired from Active Directory beforehand.
The following table shows the information whose specification is mandatory, whether the information is specified in the map file, and the tag names to be specified in the parameter file.
Table 3-2 Information whose specification is mandatory
Information to be specified | Whether the information is specified in the map file | Tag name to be specified in the parameter file |
---|---|---|
Connection ID | -- | ID |
Domain name | -- | DOMAIN |
Target group's DN#1 | -- | GNAME |
DN for the OU to which the target group belongs#1 | -- | GOU |
DN for the OU to which the target computer belongs#1 | -- | COU |
DN for the OU to which the target user belongs#2 | -- | UOU |
You use the LDIFDE Windows standard command to export Active Directory information. Because execution of the LDIFDE command with no options specified results in output of a large amount of information, you should execute this command separately for each information item that is to be output.
To export Active Directory information by using the LDIFDE command:
ldifde -u -p Subtree -r "objectclass=user" -l dn -f out1.txt
dn: CN=Administrator,CN=Users,DC=Sample,DC=co,DC=jp changetype: add dn: CN=Guest,CN=Users,CN=Users,DC=Sample,DC=co,DC=jp changetype: add dn: CN=User01,OU=Domain Controllers,CN=Users,DC=Sample,DC=co,DC=jp changetype: add : : |
ldifde -u -p Base -l dn -f out2.txt
dn: DC=Sample,DC=co,DC=jp changetype: add |
ldifde -u -p SUBTree -r "(objectclass=group)" -l dn -f out3.txt
dn: CN=Managers,DC=Sample,DC=co,DC=jp changetype: add dn: CN=Group01,DC=Sample,DC=co,DC=jp changetype: add dn: CN=Group02,DC=Sample,DC=co,DC=jp changetype: add : : |
ldifde -u -p SUBTree -r "(objectclass=organizationalUnit)" -l dn -f out4.txt
dn: OU=Groups,DC=Sample,DC=co,DC=jp changetype: add dn: OU=Software_Division,DC=Sample,DC=co,DC=jp changetype: add dn: OU=Headquarters_A,OU=Software_Division,DC=Sample,DC=co,DC=jp changetype: add : : |
This subsection describes how to extract optional information from the Active Directory information. You extract optional information by using the LDIFDE command to export the Active Directory information. The following table lists the optional information, whether the information is specified in the map file, and the tag name to be specified in the parameter file.
Table 3-3 Optional information items
Optional information | Whether the information is specified in the map file | Tag name to be specified in the parameter file |
---|---|---|
Attribute name used by the user for assignment between user and computer | -- | USRKEY |
Attribute name used by the computer for assignment between user and computer | -- | COMKEY |
Attribute name for the item to be acquired from the user | Y | USRATTR |
Attribute name for the item to be acquired from the computer | Y | COMATTR |
Attribute name for the item to be acquired from OU | Y | OUATTR |
Attribute name for the item to be acquired from groups | Y | GRPATTR |
To identify an attribute name (COMKEY) used by the computer for assignment between user and computer:
ldifde -u -p Subtree -r "cn=dmp001" -f out5.txt
Figure 3-58 Example of output result by the LDIFDE command
All Rights Reserved. Copyright (C) 2009, 2013, Hitachi, Ltd.
Copyright, patent, trademark, and other intellectual property rights related to the "TMEng.dll" file are owned exclusively by Trend Micro Incorporated.