Directory Wizards Inc.

Solutions For Your Directory Needs

• Products
• Support
• Knowledgebase
• Blog
• DirWiz Gear
• About
• Home

RSS feed

Categories

• Active Directory
• ADAM
• Address Manipulation
• BPOS
• Exchange 200x
• Exchange 5.5
• Exclusions
• General
• Group as Group Sync
• Groupwise
• LDAP SSL
• LDIF
• Licensing & Keys
• Lotus Notes / Domino
• Map Files
• Master/Spoke
• Netscape
• ODBC
• Oracle
• Outlook
• Profiler
• SharePoint
• Troubleshooting
• UnitySync
• USync
• Windows 2000

Knowledgebase

Advanced Create/Join

Category:Active Directory

Last Updated:2011-08-03

Download PDF version

Join and Create/Join Rules:

• Join with existing objects - If you already have Contacts in your destination directory, you can configure a connection to search for and link to these existing objects. A Source index and Dest index attribute are required to identify matches between source and destination. You may allow update of all (default) mapped attributes, or you may define specific attributes to be updated (Modify Attribs). In a Join Only connection, new objects are not created, instead, specific attributes of existing destination objects are maintained. In a Join Only connection, existing objects are updated. New objects are not created and objects are never deleted.
   
• Create and Join combined - In this configuration, the Create and Join functions are combined. When th connection runs, it will search for an existing destination object. If an existing object is found, it will be updated. If no existing object is found, a new object will be added. In a combined Create/Join connection, destination objects (created or joined) are maintained as the source object changes. If a source object is deleted (or goes outside the scope of the sync) the corresponding destination object may be deleted.
  
  Reject On Match: When using a Create/Join, you  may limit which objects may be Joined to using the Reject On Match option.   When enabled, only objects in the destination Sync Container will be Joined. In other words: If a Join match is found in the Sync container, the Join will be made. If a match is found elsewhere, outside the Sync container, no action is taken, a Join Match error is logged.  (Assuming Create is enabled, if no matching is object is found, then an ADD is performed.)
   

There are two methods available for implementing a Join with Existing Objects.

Only one of these options may be used in a connection.
 

1. Joins based on single Source Index and Dest Index attribute
   
   OR
    
2. Joins based on an Advanced Join Query. This option allows ldap query logic to be specified in order to compare multiple values to identify objects to match.

Source Index and Destination Index: To utilize the Source/Dest Index Join functionality, you must identify an index attribute on both the source and destination directories. These attributes must contain unique values which UnitySync will use to identify matching objects between the source and destination directories. Most commonly used Index attributes are mail/mail. See 'Important Notes' below for Index attribute requirements.

Advanced Join: To utilize the Source/Dest Advanced Join functionality, you must enter a valid LDAP query. This query may compare one or more source attribute values to one or more destination attribute values. Query on proxyaddresses.

Advanced Join Example: A common use of this feature is to compare the source object's primary email address to the destination object's primary email address AND its ProxyAddresses, allowing a Join to match on existing objects if the email address is found in either attribute.

Ex200x to Ex200x examples:
OneSource-to-ManyDest join query syntax:
(|(mail=^mail^)(proxyaddresses=smtp:^mail^))
Translation: (Dest mail = Source mail) OR (Dest Mail = source Proxyaddresses)

Many to many Join query syntax:
(proxyaddresses=[proxyaddresses])
Translation: (Dest proxyaddresses = source Proxyaddresses)
 

ManySource to OneDest Join Query syntax:
(mail=[allmail])
Translation: (Dest Mail = source Proxyaddresses)

Query on displayname AND primary mail address

(multiple one to one query):
E2k-to-E2k sync example: (&(mail=^mail^)(displayname=^displayname^))
Translation: (Dest Mail = source mail AND dest displayname = source displaname)

Important Notes about Joining With Existing Objects

• See Join and Create/Join rules at the beginning of this section.
• When Joining with objects on an AD/Ex200x domain, UnitySync will query the Global Catalog to find the match. Therefore, the connection's Destination IP must be that of a Domain Controller that contains the Global Catalog. Always specify the standard ldap port (389) when writing to AD. However, since the Join will query the Global Catalog, the UnitySync server must have access to read from the Global Catalog's ldap port, 3268.
• The attribute specified as the Dest Index must be in the Global Catalog, must be indexed.
• Join mode will find and link to any type of Person object (i.e. User or Contact). As long as the index matches, a link is established. If the matching index is a User object, that User object will be linked to. If the matching index is a Contact, that Contact will be linked to.
• If Create function is being used in conjunction with Join, all Joined objects become 'owned' by UnitySync. If Delete Processing is set to 'Process Deletes' these objects may be deleted by UnitySync. If you want straight Join functionality (that will never delete your existing objects) you should not specify any Create parameters. Alternatively, you can set Process Deletes to 'Ignore Deletes'.

For more info, refer to the  Join With Existing Destination Objects  topic of the UnitySync Help File.

© 2011 Directory Wizards Inc.