Directory Sync Pro for Active Directory looks for selected object attributes that you have chosen to match objects between the source and target. This screen allows you to control several Directory Sync Pro for Active Directory parameters for this process.
Choose the scope in which Directory Sync Pro for Active Directory should search for matching objects. If you choose Forest, Directory Sync Pro for Active Directory will examine the entire AD forest to match objects. If you choose domain, Directory Sync Pro for Active Directory will only check for matching objects at the domain level for those domains within the scope of this profile.
This is perhaps the most important parameter on this page. What do you want Directory Sync Pro for Active Directory to do if it finds a match based on your chosen mapping parameters? The default is Create or Update. This means that if Directory Sync Pro for Active Directory does not find a match, it will create a new object in the target. If a match is found, Directory Sync Pro for Active Directory will update the attribute values on the target object using the values from the attributes of the source object.
If you choose Create Only, then Directory Sync Pro for Active Directory will create a new object in the target for any unmatched objects. It will not update any attributes for those objects that have been matched.
Choose Update Only to update the attributes from source objects to matched target objects. No new objects will be created if a match is not found. A scenario in which you might choose this would be when the users have been pre-created in the target manually, and you just want to keep changes synchronized.
And finally, Match Only, No update (option not available for Exchange Intra-Forest Profiles) will make no changes to any objects. This is only chosen when you are using another product other than Migrator Pro for Active Directory for AD synchronization. It will import the values that are needed when Migrator Pro for Active Directory performs the ReACL and Cutover actions.
There may be the rare occasion where an object of one type in the source has a matching value for an object of another type in the target. Since these are not the same type, you may want Directory Sync Pro for Active Directory to be more precise in deciding if an object is a match. Check this box to require the type of object to be a final matching criterion.
For example, suppose CN or Common name is one of your matching criterion. And in the source we have a user with a Common Name of Cheryl in the source. In the target, we have a contact with the Common name of Cheryl. Directory Sync Pro for Active Directory would normally match these objects because they have the same Common name. If you check this box, it will consider that the object class is not the same, and therefore these objects do not match after all.
The relink option only comes in to play in the rare occasion that you have reset a profile thereby removing the objects created by this profile from the SQL database. But you did not delete the actual target objects created by Directory Sync Pro for Active Directory. Without the relink option, when this profile is synced again, Directory Sync Pro for Active Directory would not recognize the objects that it may have already migrated to the target as created by itself. This could cause unwanted behavior, depending on your Matching Action choices. This may also cause problems if you had chosen the rename option for collisions, as the rename could be appended or prepended twice due to an already existing renamed target object. We suggest that you leave this box checked. This will allow Directory Sync Pro for Active Directory to look for a special attribute that is populated by Directory Sync Pro for Active Directory in the target so that it knows that this object was created by Directory Sync Pro for Active Directory.
This option works in conjunction with the relink option. If Directory Sync Pro for Active Directory finds an target object that it had previously created based on the special relink attribute, it will mark the matching source object as Ready to Sync. This means the object will be included and updated during the next sync cycle, as long as Update is part of one of your Matching Action choices. We suggest that you leave this box checked.
The mappings page controls where and how the values of a source attribute should be placed in the target attribute. By default this is a one-to-one mapping, but you can change it. For example, whatever the value is for company name for all objects in the source that have that value will be used to the fill the company name value for all objects that have that attribute in the target. However, you can edit and customize the mappings to fit any special needs.
As an example, suppose that you are doing an inter-forest migration where the target company has acquired the source company. The source company uses the Employee Number field as a unique identifier. However, the target company uses the Employee ID for this same purpose. We can modify the mappings to make this adjustment. First, we will make sure that the Employee ID field in the source does NOT get mapped to the EmployeeID field in the target as we plan to have a different source field mapping to that. we can just empty it out, or we could remove the entire mapping.
Now we will map the Employee Number source field to the employee ID target field. If you need to get more granular, you can specify the source and target object types that this should only occur with. Such as just user target objects. In my example, there is no need because this attribute is only found on user objects anyway.
You can control the number of items included in the window here. You can search for a particular mapping with the search box. You can filter the attributes by object type to narrow your listing.
Click on the advanced button for more options, including the ability to reset everything.
Choose default mappings to return all mappings to the default. All standard AD attributes will be mapped, any manually added mappings or attributes discovered as part of the AutoMap process will be deleted.
Choose Discover Custom Attributes if you are using software that has extended the schema. Directory Sync Pro for Active Directory will populate the source and target field column with any newly-discovered attributes. You can then manually choose the ones that you want to map.
Or, choose Auto Map, and Directory Sync Pro for Active Directory will map these extended attributes wherever it find a match between the source and target fields.
As a final option, you can import a CSV file that contains only the mappings that you would like to use. If you import mappings, be sure that the file contain all of the mappings that you intend to use, as importing this file will completely overwrite all existing mappings.
Synchronization is the process of making changes to the SQL database. You can run synchronization on a regular schedule as part of your profile settings, or you can manually run a synchronization here at any time.
Before we examine these choices, let's look at the terminology used for synchronization. Extracting information from the source and putting it into the SQL database is called a PUSH. Extracting information from SQL to create objects in the TARGET is call a PULL.
The most common action is a Push Pull. This will update or PUSH, the SQL database with any changes to the source, and then the target will pull those changes from SQL into itself. This will cause any new objects to be created in the target, and updates to existing source objects to be updated in the matching target object, depending on your matching action choices. If you are using our Migrator Pro for Active Directory product, a Push Pull sync is what happens when you press the Sync button in that console.
Another common action is to run a simulation. This will do a PUSH into the SQL database, but no changes will be made in the target. This will result in a sync report appearing in the logs and reports page. It's a good idea to run a simulation before you actually do a real Push/Pull. This will allow you to look for any errors or issues and fix them before the real thing.
Rarely, you may choose to perform only a PUSH or only a Pull action if need to made some corrections to help SQL match the actual environment without a complete sync ,or as instructed by Support.
A profile must be in the Active state before you can perform any type of synchronization.
© ALL RIGHTS RESERVED. Feedback Terms of Use Privacy Cookie Preference Center
