How to Configure the ADMA to Set a Customized Full Name Attribute in the ADMA (311027)


The information in this article applies to:

  • Microsoft Metadirectory Services 2.2 SP1
This article was previously published under Q311027

SUMMARY

This article describes how to configure the Active Directory Management Agent (ADMA) to populate User and/or Contact objects in Active Directory with a customized FullName attribute.

MORE INFORMATION

The FullName attribute must be set during the provisioning phase of creating accounts in Active Directory. This means that the code to change the construction of the FullName attribute is in the New Connectors template. It is not set in the CD Account from Connectors template. This behavior is different than that for the Display Name, the User Logon Name, or the SamAccountName attributes.

An attempt to set the FullName attribute in the CD Accounts from Connectors template results in a failure to customize the FullName attribute in Active Directory. In this case, the default construction methods will be used instead, and the FullName attribute will be constructed from the metaverse Common Name attribute ($mv.cn).

To Customize Full Name Construction

  1. Use Compass to log in to the directory as an administrator.
  2. On the Bookmarks menu, click Management Agents.
  3. In the right-side panel, click the appropriate ADMA.
  4. In the left-side panel, click Configure MA.
  5. Click the Connected Directory Specifics tab.
  6. Click the Active Directory Object Creation Settings tab.
  7. In the Default Creation Setting box, click the Full Name button for either users or contacts.
  8. Click Use Custom Construction.
  9. Click Edit The Full Name Custom Script. A dialog box opens that you can use to edit the fullname creation script.
  10. By default, the following code is used. This code begins with the surname attribute. It then uses the $Trim function to take the first three letters of the first name. It then uses the $Unique_ID function to create a three-character string which is guaranteed to be unique within this connector space. Finally, all the strings are concatenated to create the full name:
    ($sn)($trim("$givenName",1))($unique_ID(3))
  11. Click OK, click OK, and then click OK to apply the changes and return to Compass.

Understanding the Full Name Custom Script

You can use the Full Name Custom Script to customize the fullname attribute to your specification. However, it is important to understand that your custom script is first stored in an attribute. The $EXPORT_TEMPLATE function in the CS/CD construction templates then use this attribute to build the fullname attribute in Connector Space.

Understanding the Fullname Attribute

The fullname attribute value constructs the Relative Distinguished Name (RDN) in Active Directory and in MMS connector space. The Active Directory RDN is equivalent to the MMS Common Name (CN). The RDN is used as a component of the Distinguished Name (DN) in Active Directory.

NOTE: The CN attribute has a 64-byte limit in Active Directory.

Viewing the Code that Makes the Full Name Change

  1. Click the ADMA.
  2. Click Design MA, click the Connected Directory tab, and then click the Output Construction Template tab.
  3. Click the New Connectors tab.
  4. The following code for user objects is used the set the value:
    # Check if this object will be a user in which case we must apply the 
      # The user fullname construction rule should be applied
      if $exist($multi_valued("$MA()", $mv.msMMS-managedByMA)) = TRUE
      then
         if $MA($msMMS-AdMaUserFullNameProjection) = SurnameCommaGivenName
         then
           $v_fullName = ($mv.sn, )($mv.givenName)
         else
            if $MA($msMMS-AdMaUserFullNameProjection) = Custom
            then
               $v_fullName = $export_template("$MA($msMMS-AdMaUserFullNameProjectionTemplate)")
            else
               $v_fullName = $mv.cn
            endif
         endif

      # The object is going to become a contact in AD
      # The contact fullname construction rule should be applied
      else
         if $MA($msMMS-AdMaContactFullNameProjection) = SurnameCommaGivenName
         then
           $v_fullName = ($mv.sn, )($mv.givenName)
         else
            if $MA($msMMS-AdMaContactFullNameProjection) = Custom
            then
               $v_fullName = $export_template("$MA($msMMS-AdMaContactFullNameProjectionTemplate)")
            else
               $v_fullName = $mv.cn
            endif
         endif
      endif
    The following code is code for contact objects: 
    # The object is going to become a contact in AD
# The contact fullname construction rule should be applied
if $MA($msMMS-AdMaContactFullNameProjection) = SurnameCommaGivenName
then
  $v_fullName = ($mv.sn, )($mv.givenName)
else
  if $MA($msMMS-AdMaContactFullNameProjection) = Custom
  then
    $v_fullName = $export_template("$MA($msMMS-AdMaContactFullNameProjectionTemplate)")
  else
    $v_fullName = $mv.cn
  endif
endif

How Together Administration Management Agent (TAMA) Is Involved in this Process

TAMA is the specialized MA that is used to provision selected metaverse objects into an MA's connector space (CS). In turn, the MA can create corresponding new objects in its connected directory. The New Connectors template is applied when TAMA is run, and this governs the construction of the new CS objects. After TAMA runs, you should see the object that was created in connector space. The new object should follow the configuration that was specified in the new custom construction. If this does not happen, you should review the ADMA log files to ensure that the script is working. There is a known issue when metaverse objects are built with a multi-component RDN.

For additional information about this problem, click the article number below to view the article in the Microsoft Knowledge Base:

312388 Custom Full Name Attribute Setting is Ignored by the ADMA

Why the Fullname Attribute Is Configured in the New Connectors Template

A peculiarity of the ADMA requires that when new objects are pushed out to Active Directory, the MMS common name must match the AD fullname. This requirement exists only for the period of time between the successful creation of the object in AD by MMS and the first successful discovery of the object by MMS in AD and occurs because the AD GUID is not yet known to the MMS object. Until the GUID has been recorded in the MMS hologram for the object, the only mechanism that MMS can use to match MMS objects to their corresponding AD object is though the MMS common name value. Once the GUID has been recorded in the MMS hologram, the restriction is lifted because all future identification is based on the object's GUID.
Modification Type:MajorLast Reviewed:10/2/2003
Keywords:kbenv kbhowto KB311027
©2003 Microsoft Corporation. All rights reserved.