Eric Fleischman's WebLog

I'll think of a clever title one day. Today's not that day. Tomorrow's not looking good either.

Eric Fleischman's WebLog

  • Large AD database? Probably not this large...

    Over the last few months there have been a series of threads in regard to max <fill in the item here...there have been many> in a database. These items have ranged from database size to # of objects and other such things. I figured, after the latest...
  • ADAMSync can also transform users in to proxy users

    Now that we have ADAMSync synchronizing our data over, we should probably investigate the most commonly asked for transformation: proxy user transformation. When we introduced proxy bind in ADAM RTM, customers seemed to really connect with the semantic...
  • Finding the lost&found container in S.DS.P...or anything that isn't ADSI really

    I found myself writing a piece of C# which would go hunt for objects in lost&found today. This is a pretty straight forward task….find that container, pop in to it and search away. I usually do this by looking at the lost&found well known GUID...
  • Configuring and running ADAMSync for the first time

    So now that our ADAM schema is ready, we can go ahead and start configuring ADAMSync. We need to do three things to get ADAMSync running at this point: 1) Modify the XML file. The XML file is used as the configuration point for ADAMSync, so we’ll tweak...
  • Syncing to our OU=SyncTargetOU NC instead

    Earlier in this series of posts I changed our sync target from form “OU=” to “DC=”. This was done to carefully skirt around a small issue. Now with our new found knowledge of logging in ADAMSync, let’s give it another try. So let’s go ahead in to our...
  • Another access based enumeration mention.....

    WS2003 Service Pack 1 brings with it all sorts of goodies. I’ll try and mention many of the AD ones over the next few weeks, but one I can’t help but mention sooner rather than later is access based enumeration. Rather than digging in to the feature,...
  • Constructed attributes are your friend

    The schema itself has a whole lot of interesting nuances. Within the schema we define multiple different types of attributes. One of the most useful attribute types we have might just be the constructed attribute. Constructed attributes are interesting...
  • Synchronizing only the attributes you really want

    In our previous ADAMSync runs we synchronized all attributes except those in the <exclude> tags. This is probably ok for our tinkering, but in a real scenario, you might want to consider picking those you want instead of getting everything but those...
  • Change visibility in the directory...or lack there of (aka "what's the point of aging?")

    I’m often asked about aging in adamsync so I thought I’d present the more general problem here for people to ponder. Hopefully this gives some context around the problem which aging in adamsync is supposed to address. Imagine you are writing a tool...
  • Gotta get the schema right first

    Before trying to synchronize much of anything, we need to make sure the required schema elements are in place. NOTE: I would estimate that around a third of all questions I've received on ADAMSync came back to schema problems. It is critically important...
  • Getting a log from ADAMSync

    Over the course of the next few posts we’re going to start modifying all sorts of things in the configuration. Depending upon the particulars of your environment this might or might not pan out. :) As such, we should probably take a quick look at the...
  • On ADAM user authentication….

    I just noticed that Doug Lawty has a blog, and that he recently posted on ADAM as well. I think Doug is spot on with some of his conclusions, I also feel the need to clarify the statements made along the way a bit. :) > Kerberos (Remember, ldap binds...
  • AWE in WOW64 on x64

    Here in the EEC, was asked a good question the other day, thought I’d pass it along. So the scenario is that the engagement in question was to run SQL 2000 SP4 on a box running Win2k3 x64 Enterprise Edition. The server had a good chunk of RAM (I think...
  • ADAMSync in R2 - a new sync option

    Welcome R2 RC0 ! As you might have heard, it’s hit the streets. With R2 comes the latest version of ADAM . ADAM has been a download from Microsoft.com since 2003. Since that time, based in part on customer feedback, the decision was made to bundle ADAM...
  • Garbage collection & TSL warnings...why now?

    I was recently pinged by a friend who is rolling out LH in their production environment. They were having an interesting issue where the LH DC showed these two events, in this order: (event log entries snipped some for brevity) Log Name: Directory...
  • Thank you server may I have another thousand

    Today I spent several hours working on an issue with ranged retrieval when I realized, many people probably don’t know what it is! Let me explain. In Active Directory (AD) and Active Directory Application Mode (ADAM) some people have attributes that have...
  • A variety of things.....

    So much going on..... Had a week and a half of vacation which was nice. It was nice to get back to see the family, go to a friend's wedding, and just generally relax. I'm very much on board with this change to the CLR (I guess it's touching a lot of VS...
  • ArrayList and Synchronized()...the misleading method

    I recently found myself wondering about synchronization when using an ArrayList in managed code. I was building up an ArrayList and iterating through it. Both insertion into and iteration over the list are being done by many threads simultaneously. Naturally...
  • Highly available ADAM

    I thought I'd post on ADAM once more before moving on to something new. Once you get me started on something, it's tough for me to switch gears! One of the most common questions I’m asked about ADAM is “how do we deploy highly-available LDAP/LDAPS?” In...
  • Horse, go get in front of that cart would ya?

    After my post the other day I couldn’t help but think that perhaps I had an ordering problem. I was really outlining the solution to a problem which had not yet been scoped. Let’s take a step back. We so often throw the term “ACL” around, like it’s some...
  • "Brett" Unplugged - Still no posts

    I thought I’d follow up our last post with a quick update as to Brett’s foray in to the blogging world. Over the last couple of months, we’ve seen a few areas of motion: - We’ve had some further category refinement. This should come as no surprise, categories...
  • I had no idea Jim was blogging

    I just learned that Jim Johnson is blogging. Very cool indeed. I'm a fan of that team's work. I had the pleasure of meeting Jim not too long ago, and was really impressed with what that team is up to. Jim recently blogged about some of their Longhorn...
  • The story of squeaky lobster

    I am rarely as excited about a blog post as I am about this one. Brett has finally told the story of squeaky lobster. Thankfully, it is documented for all of time! I was at the fateful dinner where it was revealed that a crush was involved. I remember...
  • Superbowl commercials

    I'm not one for the game really, but the commercials are usually a lot of fun to watch. This year was particularly entertaining as a friend took the time to put together a spreadsheet and track what we thought. You know you're in a good crowd when someone...
  • Nope, sorry, not today.....

    Today Dell commented on the rumors around shipping with an AMD chip. In a word, no . Not shocking, but good to hear the yea/nea from the horses mouth rather than the rumor mill. Me? I still don’t mind either way. I like Intel and AMD chips, or anyone...