Re: Virtual List View functionality in ADAM and Outlook


From: Al Mulnick (amulnick_No_SPAM_at_ncDOTrr.com)
Date: 11/11/04


Date: Wed, 10 Nov 2004 21:10:04 -0500

Matt, I'm guessing that it's Microsoft you want to talk with on the phone,
not that it wouldn't be fun to go down there though ;)

Just to clear it up a little let me play this back to see if I have it
correctly.

Major Issue:
The major issue to get around is the amount of objects in the GAL.

Sub-issues/information:
You have nine forests that are synch'd via MIIS and that's likely the
beginning of the amount of objects.
Patching is not an issue for clients if required to make it work.
OAB is handled via some other third party app.
Using something other than the default GAL for the Outlook clients doesn't
provide a support headache for you.

Question: is that 1 million user objects spread out among 9 forests and then
sync'd back in (total number of user objects would be 1/9th of a million per
forest)?

Proposed solution:
Use ADAM and VLV's to provide more customized AB's to units and to off-load
the 8/9'ths of extra objects replicated around but instead put them in a
separate directory store-space.

Blockers to deployment:
complexity
support
effort
But none of the blockers seem to apply based on your post. Sounds like you
want to off-load whether it's done in ADAM or OpenLDAP, or whatever store
works and costs the least to own (guess on my part for that last one), but
ADAM offers some nice benefits that make it attractive if you can make it
work.

Did I get that right?

Are those numbers about right? 150K user objects per forest give or take?

Al

"Matt Totty (LMCO/USAF)" <MattTottyLMCOUSAF@discussions.microsoft.com> wrote
in message news:2470030B-FF98-418D-B4EC-0FE0C7F4D924@microsoft.com...
> Al,
>
> Why am I going to have to patch any clients- you lost me on that. If I can
> point to ADAM from Outlook using generic LDAP then I at least have a solution
> for small organizations and tactical Air Force units sitting out there in the
> sand. A few added features would enable us to move this forward as a total
> GAL solution for the entire AF. If a patch was required, then I don't
> understand why it would be prohibitive. The Air Force loads patches every day.
>
> As for VLV- ADAM does support it. Following Dmitri's advice I have installed
> some hotfixes that will enable this functionality.
>
> I can already get a pretty VLV to work gracefully using MasterKey Plus from
> Bolden James which DoD has an enterprise license for.
>
> I should be able to point to ADAM from the Outlook LDAP client and get a
> Virtual List View if nothing else!
>
> The OAB issue is completely different from the Virtual List View.
> Downloading portions of the directory is possible for addressing purposes
> using third party products.
>
> In previous posts I explained repeatedly why we would want to offload Air
> Force GAL directory. I cannot stress enough that we have approximately 1
> million objects- and the AF is going to want other services added. Do I
> continue to write all of these entries into the MAJCOM AD Forests? Do I
> continue to try to manage this volume of information with MIIS? (NO!) What
> about small orgs that want a connection using MIIS (there goes another
> million objects connector space!) From a textbook view- it doesn't sound that
> bad. But it has been a nightmare so far- MIIS is a great product- I am not
> slamming it- but it is definitely a first generation product with bugs and
> performance issues. Let's don't sugar coat it. Synchronizing the AF GAL
> across 9 massive AD forests and several other entities is becoming untenable.
> I can show you if you want to come down. ;)
>
> If lightning struck and we all decided to go down this path- yes we would be
> reinventing some components and processes. I don't see anything wrong with
> that due to the size of the AF and other services. However, you just saved
> tremendous overhead for MAJCOM AD's and the multiple MIIS implementation.
>
> So if you think I am not going down the right path- do you have suggestions
> for the correct way to do this? I would appreciate any hints you guys might
> have! We probably need to talk over the phone to clear up any confusion.
> Would you be amenable to this?
>
> Thanks.
>
>
>
>
>
>
> "Al Mulnick" wrote:
>
>> Matt, I see what you're talking about but I'm concerned that you're going in
>> a direction that will be much more difficult to manage than you want it to
>> be. You obviously know best what you can and can't sell to them, but IMHO
>> any solution that requires you to patch all those clients is going to take
>> longer to deploy than you really may want to take.
>>
>> Using a VLV (I had to refresh my memory on this
>> http://msdn.microsoft.com/library/default.asp?url=/library/en-us/ldap/ldap/searching_with_the_ldap_vlv_control.asp)
>> sounds nice enough, but my understanding of VLV's is that the client has to
>> implement it and the directory has to support it. You have half of that
>> already :)
>>
>> I think that's what Dmitri is talking about with the Outlook hotfixes, but I
>> could be wrong about that and don't want to put words in his mouth. That's
>> just how I read it.
>>
>> Address Lists seem to be the way to go for this feature (vs. ABV's) in terms
>> of finished product, how it fits in to the overall solution, and efficiency.
>> However, AL's require the RUS to process and it might be best for you to
>> off-load the RUS process similar to how a hosting organization might want to
>> do that. The advantage of using the built in functions is the ability to
>> OAB's. You can't do that with the LDAP directory based solution as easily.
>> I don't know your security policies around laptops and mobile users having
>> off-line access to email clients and directories, but that would be a big
>> issue you'd have to overcome if you off-load the GAL in many implementations.
>>
>> I'm not seeing this as doing what you want in the long term, at least not as
>> well as the features in the product. I see this as something you'd have to
>> start doing and then have to re-make pieces of the product solution
>> components over time just to reach what's there now.
>>
>> I'm not sure I understand all of the issues that drove you there but
>> duplicating a directory for presentation purposes when it might mean
>> updating every client you own and then having to reinvent many of the
>> product components (OAB for example) seems prohibitive. Without knowing the
>> rest of the details that took you to this path, I can do no more than guess.
>>
>> Hopefully the conversation is at least helpful.
>>
>> Al
>>
>> "Matt Totty (LMCO/USAF)" <MattTottyLMCOUSAF@discussions.microsoft.com>
>> wrote
>> in message news:E9741A3D-ABBB-424E-8987-E13D80C1CCC6@microsoft.com...
>> > Ok guys.
>> >
>> > Lee- I have been a member of the MIIS users group for a long time. As a
>> > matter of fact- we were running MIIS when it had no documentation lol. But
>> > the simple fact is this. When you make changes to MIIS - many times you have
>> > to perform full synchronizations. With us- it takes days- and if we decide to
>> > add other services to the directory- it will only make matters worse. I don't
>> > even want to talk about the thousands of errors we have to resolve during
>> > some sync cycles. Future plans for provisioning scenarios are complicated by
>> > the fact that we have to worry about crunching all of these objects. On paper
>> > MIIS will scale to the sky - in reality- performance becomes a huge
>> > bottleneck.
>> >
>> > One of the scenarios we experienced a couple of times is that the MIIS
>> > server DB becomes corrupted- and we have had to rebuild the box from scratch.
>> > Do I ask the AD admin to delete a million objects so I can repush them? No-
>> > they won't have that. So we have to spend three days doing bulk email joins
>> > and manual container joins. Which becomes messy at best.
>> >
>> > Al- the address book view is just something that the end user is used to. I
>> > have argued that there is really no overwhelming need for it. What is simpler
>> > than typing in a last name first initial in the VLV? I agree that these views
>> > by base don't really buy them a lot. But I am not going to be able to change
>> > the mindset in the AF overnight. However- it would be a gnarly feature to
>> > integrate with ADAM. The Major Commands within the Air Force want to be able
>> > to control how the GAL is presented to their users.
>> >
>> > My question is this- Could the functionality of ADAM be enhanced to provide
>> > the features necessary to provide a GAL similar to that of Exchange 2000/2K3?
>> > Is this idea too far out?
>> >
>> >
>> >
>> > "Lee Flight" wrote:
>> >
>> >> Matt,
>> >> if you are seeking feedback/comparison on your MIIS performance
>> >> experiences you might want to try on the MMSUG forum on yahoo
>> >> groups if you have not already done so. All the MIIS experts seem
>> >> to be there.
>> >>
>> >> Lee Flight
>> >>
>> >> "Matt Totty (LMCO/USAF)" <MattTottyLMCOUSAF@discussions.microsoft.com>
>> >> wrote
>> >> in message news:C9C60B82-A063-49C9-AB93-EFB9CAEB576A@microsoft.com...
>> >> > Thank you gentlemen.
>> >> >
>> >> > Dmitri- we do currently use MIIS to bring all of our entries into ADAM from
>> >> > multiple AD's. I am trying to OFFLOAD the GAL to ADAM so that each instance
>> >> > of MIIS (15 servers currently) does not have to worry about crunching through 1
>> >> > million entries. We currently do a push and pull- and I want to do pulls
>> >> > only- to ADAM and have the end user hit ADAM for GAL purposes. In our case it
>> >> > greatly reduces a lot of overhead. Overhead from an MIIS point of view and
>> >> > also from an AD point of view. Today a million objects- tomorrow millions
>> >> > more as the Air Force will have a need to integrate other services- NAVY,
>> >> > Army, into their Global. I see this coming and am trying to come up with a
>> >> > solution that is going to keep us from failing. Have you ever synchronized a
>> >> > million entries in MIIS? ;)
>> >> >
>> >> > Lee- we only pull contact information- we exclude distribution lists.
>> >> >
>> >> > So something to consider from a technical standpoint- I do not want to even
>> >> > go off on a cost and development tangent- is to somehow integrate features
>> >> > into Outlook/ADAM that will enable Address Book View functionality. Is this
>> >> > something that is just too wild to consider? It seems on a high level that
>> >> > since ADAM and AD are closely married this would be something that is at
>> >> > least achievable from a technical standpoint. I am not of the school that you
>> >> > would even want to have a view by base since I can type in a last name and
>> >> > have the entries appear. But this is the military and they demand it.
>> >> >
>> >> > As far as LDAP instances go- We have close to 108 bases- so that is not
>> >> > going to be a solution.
>> >> >
>> >> > For the tactical units (people fighting the wars) in the Middle East and
>> >> > elsewhere- they are going to love the fact that they can access the GAL via
>> >> > ADAM.
>> >> >
>> >> >
>> >> > "Lee Flight" wrote:
>> >> >
>> >> >> Following from Dmitri, you can change the name of the service that
>> >> >> appears in the drop-down. I currently have Outlook 2003 running on
>> >> >> WinXP with three LDAP address books LDAP1, LDAP2 and LDAP3
>> >> >> in the drop-down, respectively pointing to:
>> >> >>
>> >> >> an ou in an application partition in an ADAM instance
>> >> >>
>> >> >> a container in a different application partition in the same ADAM
>> >> >> instance
>> >> >>
>> >> >> an ou in an application partition in a different ADAM instance, this one
>> >> >> is ADAMsync'ed from AD
>> >> >>
>> >> >> all instances are on the same WinXP box
>> >> >>
>> >> >> A couple of other things to think about are:
>> >> >>
>> >> >> what objects you will have in the address list, contacts will be fine
>> >> >> but you will have problems, I think, if you need to handle Distribution
>> >> >> Lists that might exist in your Exchange GAL
>> >> >>
>> >> >> what credentials that you will be using to bind to the ADAM instance,
>> >> >> I'm presuming that the Outlook clients are domain based. I'm just wondering
>> >> >> if there is a way of using permissions for the binding user to return the
>> >> >> appropriate "view" (if you are using restricted views in that way).
>> >> >>
>> >> >>
>> >> >> Lee Flight
>> >> >>
>> >> >>
>> >> >> "Dmitri Gavrilov [MSFT]" <dmitrig@online.microsoft.com> wrote in
>> >> >> message
>> >> >> news:e2vZQjfwEHA.3936@TK2MSFTNGP10.phx.gbl...
>> >> >> > Ah, you are using Outlook. Then your choices are somewhat limited.
>> >> >> >
>> >> >> > First of all, you can only have a single "address book" entry per LDAP
>> >> >> > service in the dropdown. You can certainly point it at ADAM, and it will
>> >> >> > work just fine (after you apply the QFE and create a subtree-ized index for
>> >> >> > CN).
>> >> >> >
>> >> >> > I guess you can configure multiple LDAP services, pointing to the same ADAM
>> >> >> > instance, each with a different search base -- this will give you an
>> >> >> > illusion of multiple address books. I am not sure if you can control the
>> >> >> > name of the service that appears in the drop-down. The other limitation is
>> >> >> > that you can not have one user belong to multiple "address books", because
>> >> >> > you can not have it in two different containers at the same time.
>> >> >> >
>> >> >> > However, if you just need to support a single GAL, then you can certainly
>> >> >> > push it into ADAM. Take a look at adamsync (currently in beta), that will
>> >> >> > help you to bring data from AD into ADAM and keep it in sync. Alternatively,
>> >> >> > you can use MIIS to do the syncing. IIFP (MIIS-lite) is free -- it will work
>> >> >> > for AD-ADAM synchronization.
>> >> >> >
>> >> >> > --
>> >> >> > Dmitri Gavrilov
>> >> >> > SDE, Active Directory Core
>> >> >> >
>> >> >> > This posting is provided "AS IS" with no warranties, and confers no rights.
>> >> >> > Use of included script samples are subject to the terms specified at
>> >> >> > http://www.microsoft.com/info/cpyright.htm
>> >> >> >
>> >> >> > "Matt Totty (LMCO/USAF)"
>> >> >> > <MattTottyLMCOUSAF@discussions.microsoft.com>
>> >> >> > wrote
>> >> >> > in message
>> >> >> > news:761F533D-F25D-4077-BE60-82AAEC4DFBF1@microsoft.com...
>> >> >> >> We need to be able to present the end user with a drop down view of Air Force
>> >> >> >> bases using Outlook/ADAM. Currently- the user achieves this via an Exchange
>> >> >> >> address book view based on SMTP address in their respective Active
>> >> >> >> Directories. If I can somehow do the same thing using Outlook/ADAM, then the
>> >> >> >> Air Force can effectively offload their Global Address List to ADAM. There are
>> >> >> >> multiple reasons why we would like to do this which I can describe in more
>> >> >> >> detail if you wish. But the main point I am trying to make is that we need to
>> >> >> >> achieve a similar end user experience with the end user using ADAM as he
>> >> >> >> would by using the AD/Exchange ABV. If we can even come close that would be
>> >> >> >> outstanding.
>> >> >> >>
>> >> >> >> "Dmitri Gavrilov [MSFT]" wrote:
>> >> >> >>
>> >> >> >> > Hmm. ADAM base schema does not include showInAddressBook attribute, which
>> >> >> >> > means all special logic that exists in AD for this attribute will not work
>> >> >> >> > (even if you import it). So, you will have to implement your own solution
>> >> >> >> > based on regular LDAP queries (including VLV, if you need it).
>> >> >> >> >
>> >> >> >> > If you define your scenario in more detail, we might be able to generate
>> >> >> >> > some ideas.
>> >> >> >> >
>> >> >> >> > --
>> >> >> >> > Dmitri Gavrilov
>> >> >> >> > SDE, Active Directory Core
>> >> >> >> >
>> >> >> >> > This posting is provided "AS IS" with no warranties, and confers no rights.
>> >> >> >> > Use of included script samples are subject to the terms specified at
>> >> >> >> > http://www.microsoft.com/info/cpyright.htm
>> >> >> >> >
>> >> >> >> > "Matt Totty (LMCO/USAF)"
>> >> >> >> > <MattTottyLMCOUSAF@discussions.microsoft.com>
>> >> >> > wrote
>> >> >> >> > in message
>> >> >> >> > news:A2ACA407-6E20-4FE1-BF1D-DE99D61A873A@microsoft.com...
>> >> >> >> > > Thank you - this is outstanding information.
>> >> >> >> > >
>> >> >> >> > > The last question I have now before I get the patch and begin testing is
>> >> >> >> > > this.
>> >> >> >> > >
>> >> >> >> > > Is there a way to create ABV type views within ADAM? It may be a stretch,
>> >> >> >> > > but this is the final piece of the puzzle before I lay out my proposal. The
>> >> >> >> > > end user would like to be able to drill down by AF base level. Thanks guys.
>> >> >> >> > >
>> >> >> >> > > "Dmitri Gavrilov [MSFT]" wrote:
>> >> >> >> > >
>> >> >> >> > > > The second bit (containerized index) is useful for one-level VLV searches.
>> >> >> >> > > > Basically, it is the index on (parentID + attributeValue). This index is
>> >> >> >> > > > useless for subtree searches, the ones that Outlook does for generic LDAP
>> >> >> >> > > > sources.
>> >> >> >> > > >
>> >> >> >> > > > The new index (subtree-ized index) is on (ancestorID + attributeValue). Note
>> >> >> >> > > > that ancestorID has multiple values, one for each ancestor of the given
>> >> >> >> > > > node. This index allows to run subtree searches by fixing the ancestorID to
>> >> >> >> > > > the ID of the search base, and then using the corresponding index range for
>> >> >> >> > > > VLV window positioning.
>> >> >> >> > > >
>> >> >> >> > > > If there's no index that can be used for VLV, then we perform the complete
>> >> >> >> > > > search and dump the results into a temp table, then use it for window
>> >> >> >> > > > positioning. However, if the search is too large (more than 10000 entries by
>> >> >> >> > > > default -- defined by an ldap policy), then we fail with unavailable
>> >> >> >> > > > extension error.
>> >> >> >> > > >
>> >> >> >> > > > --
>> >> >> >> > > > Dmitri Gavrilov
>> >> >> >> > > > SDE, Active Directory Core
>> >> >> >> > > >
>> >> >> >> > > > This posting is provided "AS IS" with no warranties, and confers no rights.
>> >> >> >> > > > Use of included script samples are subject to the terms specified at
>> >> >> >> > > > http://www.microsoft.com/info/cpyright.htm
>> >> >> >> > > >
>> >> >> >> > > > "Lee Flight" <lef@le.ac.uk-nospam> wrote in message
>> >> >> >> > > > news:#vv5CTMwEHA.3808@TK2MSFTNGP15.phx.gbl...
>> >> >> >> > > > > What does this kind of index do? I had thought that the
>> >> >> >> > > > > 2nd
>> >> >> >> > > > > bit
>> >> >> >> > > > > was for VLV functionality...
>> >> >> >> > > > >
>> >> >> >> > > > > Thanks
>> >> >> >> > > > > Lee Flight
>> >> >> >> > > > >
>> >> >> >> > > > > "Dmitri Gavrilov [MSFT]" <dmitrig@online.microsoft.com>
>> >> >> >> > > > > wrote
>> >> >> >> > > > > in
>> >> >> >> > message
>> >> >> >> > > > > news:OF6YQOKwEHA.3624@TK2MSFTNGP09.phx.gbl...
>> >> >> >> > > > > > The indexing is done in the background. When the index is built, an event
>> >> >> >> > > > > > is logged.
>> >> >> >> > > > > >
>> >> >> >> > > > > > To create the index, you need to set the 6th bit (64) of searchFlags.
>> >> >> >> > > > > > SchemaMgmt snapin does not know about this bit, so you'll have to use LDP
>> >> >> >> > > > > > or ADSIEdit or script it.
>> >> >> >> > > > > >
>> >> >> >> > > > > > --
>> >> >> >> > > > > > Dmitri Gavrilov
>> >> >> >> > > > > > SDE, Active Directory Core
>> >> >> >> > > > > >
>> >> >> >> > > > > > This posting is provided "AS IS" with no warranties, and confers no
>> >> >> >> > > > > > rights.
>> >> >> >> > > > > > Use of included script samples are subject to the terms specified at
>> >> >> >> > > > > > http://www.microsoft.com/info/cpyright.htm
>> >> >> >> > > > > >
>> >> >> >> > > > > > "Matt Totty (LMCO/USAF)"
>> >> >> >> > <MattTottyLMCOUSAF@discussions.microsoft.com>
>> >> >> >> > > > > > wrote
>> >> >> >> > > > > > in message
>> >> >> >> > news:B007DE46-306A-49BB-BC9B-BCC177A883B8@microsoft.com...
>> >> >> >> > > > > >> Do you have to stop and restart ADAM for the index to take effect?
>> >> >> >> > > > > >> Is there a way to monitor the indexing or does it just crunch along in
>> >> >> >> > > > > >> the background?
>> >> >> >> > > > > >>
>> >> >> >> > > > > >> "Dmitri Gavrilov [MSFT]" wrote:
>> >> >> >> > > > > >>
>> >> >> >> > > > > >> > There's a hotfix that enables VLV functionality in ADAM. Get 838474 or
>> >> >> >> > > > > >> > a later hotfix (e.g. 840901). Note you will need to create a new index
>> >> >> >> > > > > >> > (subtree-ized index on cn attribute).
>> >> >> >> > > > > >> >
>> >> >> >> > > > > >> > --
>> >> >> >> > > > > >> > Dmitri Gavrilov
>> >> >> >> > > > > >> > SDE, Active Directory Core
>> >> >> >> > > > > >> >
>> >> >> >> > > > > >> > This posting is provided "AS IS" with no warranties, and confers no
>> >> >> >> > > > > >> > rights.
>> >> >> >> > > > > >> > Use of included script samples are subject to the terms specified at
>> >> >> >> > > > > >> > http://www.microsoft.com/info/cpyright.htm
>> >> >> >> > > > > >> >
>> >> >> >> > > > > >> > "Matt Totty (LMCO/USAF)" <Matt Totty
>> >> >> >> > > > > > (LMCO/USAF)@discussions.microsoft.com>
>> >> >> >> > > > > >> > wrote in message
>> >> >> >> > > > > > news:B06762D3-1114-46C6-8D84-1F55BDF229AC@microsoft.com...
>> >> >> >> > > > > >> > > I have an ADAM instance with 800-900K objects.
>> >> >> >> > > > > >> > >
>> >> >> >> > > > > >> > > It serves as the LDAP repository for all of our connected MIIS servers.
>> >> >> >> > > > > >> > > What we have found is that it is very difficult at best to perform any type
>> >> >> >> > > > > >> > > of bulk operation on an MIIS server with a million objects. It's a management
>> >> >> >> > > > > >> > > nightmare.
>> >> >> >> > > > > >> > >
>> >> >> >> > > > > >> > > We are primarily using MIIS as a GAL synchronization mechanism and plan to
>> >> >> >> > > > > >> > > use it for workflow provisioning type scenarios in the future.
>> >> >> >> > > > > >> > >
>> >> >> >> > > > > >> > > To alleviate the GAL issue and a host of others, I thought it would be
>> >> >> >> > > > > >> > > interesting to experiment connecting directly from a client to an ADAM
>> >> >> >> > > > > >> > > instance with all of the objects.
>> >> >> >> > > > > >> > >
>> >> >> >> > > > > >> > > To make this solution work, I need a similar look and feel as users
>> >> >> >> > > > > >> > > currently get with their AD/Exchange GAL implementations.
>> >> >> >> > > > > >> > >
>> >> >> >> > > > > >> > > I have noticed that the virtual list view functionality does not work
>> >> >> >> > > > > >> > > properly when connecting to ADAM. Every time I connect I get an unavailable
>> >> >> >> > > > > >> > > critical extension error.
>> >> >> >> > > > > >> > >
>> >> >> >> > > > > >> > > Are there any plans to integrate the Outlook client closer with ADAM and to
>> >> >> >> > > > > >> > > include the VLV functionality to support this number of users?
>> >> >> >> > > > > >> > >
>> >> >> >> > > > > >> > > There are third party tools and directories that we can also play with to
>> >> >> >> > > > > >> > > get this solution to work- and we have proven one already. But things would
>> >> >> >> > > > > >> > > be much simpler if they ran "out of the box". Any opinions or direction is
>> >> >> >> > > > > >> > > appreciated.
>> >> >> >> > > > > >> > >
>> >> >> >> > > > > >> > > Thanks
>> >> >> >> > > > > >> >
>> >> >> >> > > > > >> >
>> >> >> >> > > > > >> >
>> >> >> >> > > > > >
>> >> >> >> > > > > >
>> >> >> >> > > > >
>> >> >> >> > > > >
>> >> >> >> > > >
>> >> >> >> > > >
>> >> >> >> > > >
>> >> >> >> >
>> >> >> >> >
>> >> >> >> >
>> >> >> >
>> >> >> >
>> >> >>
>> >> >>
>> >> >>
>> >>
>> >>
>> >>
>>
>>
>>
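
The index behaviour described in the quoted replies (a subtree-ized index keyed on ancestorID plus attribute value, with a capped temp-table fallback when no such index exists) can be modelled as follows. This is an added example, not code from any poster in the thread or from ADAM itself; `ToyDirectory`, the integer entry IDs, the sorted list standing in for the index, and the sample entries are all assumptions made for illustration.

```python
import bisect

# searchFlags values as given in the thread: the "2nd bit" (2) is the
# containerized index, 64 is the subtree-ized index.
CONTAINER_INDEX = 2
SUBTREE_INDEX = 64
MAX_TEMP_TABLE = 10000  # default cap quoted in the thread (set by an LDAP policy)


class UnavailableCriticalExtension(Exception):
    """Models the error the client gets when the VLV request cannot be served."""


class ToyDirectory:
    """Hypothetical in-memory tree; a sorted list stands in for the index."""

    def __init__(self):
        self.parent = {}       # entry id -> parent id (None for the root)
        self.cn = {}           # entry id -> cn value
        self.children = {}     # entry id -> child ids
        self.subtree_idx = []  # sorted (ancestorID, cn, entry id) keys

    def add(self, eid, parent, cn):
        self.parent[eid], self.cn[eid] = parent, cn
        self.children[eid] = []
        if parent is not None:
            self.children[parent].append(eid)
        # One key per ancestor: this is why ancestorID is multi-valued.
        anc = parent
        while anc is not None:
            bisect.insort(self.subtree_idx, (anc, cn.lower(), eid))
            anc = self.parent[anc]

    def _walk(self, base):
        stack = list(self.children[base])
        while stack:
            eid = stack.pop()
            yield eid
            stack.extend(self.children[eid])

    def vlv_subtree(self, base, search_flags, offset, before, after,
                    max_temp=MAX_TEMP_TABLE):
        """Return (content_count, cn window) around the 1-based target offset."""
        if search_flags & SUBTREE_INDEX:
            # Fix ancestorID to the search base; matching keys are contiguous
            # and already sorted by cn, so the window is a plain slice.
            lo = bisect.bisect_left(self.subtree_idx, (base,))
            hi = bisect.bisect_left(self.subtree_idx, (base + 1,))
            start = max(lo, lo + offset - 1 - before)
            end = min(hi, lo + offset + after)
            return hi - lo, [self.cn[k[2]] for k in self.subtree_idx[start:end]]
        # No index usable for a subtree VLV (a containerized index is keyed on
        # the direct parent only): run the full search into a temp table.
        temp = []
        for eid in self._walk(base):
            temp.append(eid)
            if len(temp) > max_temp:
                raise UnavailableCriticalExtension(
                    "result set exceeds %d entries" % max_temp)
        temp.sort(key=lambda e: (self.cn[e].lower(), e))
        start = max(0, offset - 1 - before)
        return len(temp), [self.cn[e] for e in temp[start:offset + after]]


def build_sample():
    """Constructed sample tree: two bases, one nested unit, five people."""
    d = ToyDirectory()
    for eid, parent, cn in [
        (1, None, "People"), (2, 1, "BaseA"), (3, 1, "BaseB"), (4, 2, "Unit1"),
        (10, 2, "Adams"), (11, 4, "Baker"), (12, 4, "Clark"),
        (13, 3, "Davis"), (14, 2, "Evans"),
    ]:
        d.add(eid, parent, cn)
    return d


if __name__ == "__main__":
    d = build_sample()
    print(d.vlv_subtree(2, SUBTREE_INDEX, offset=2, before=1, after=1))
    print(d.vlv_subtree(2, CONTAINER_INDEX, offset=2, before=1, after=1))
    try:
        d.vlv_subtree(2, CONTAINER_INDEX, 1, 0, 0, max_temp=3)
    except UnavailableCriticalExtension as exc:
        print("VLV refused:", exc)
```

With the subtree bit set the window comes straight from an index range regardless of subtree size; without it the same request succeeds only while the result set stays under the temp-table cap, which matches the error reported in the original question for a directory of 800-900K objects.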


