Поділитися через


Design and Planning Sample Worksheets for MIIS 2003

Applies To: Windows Server 2003 with SP1

The Design and Planning Sample Worksheets for Microsoft Identity Integration Server (MIIS) 2003 will assist you in your MIIS 2003 deployment. Each Design and Planning worksheet corresponds to a different document within the MIIS 2003 Technical Library Design and Planning collection. Because the worksheets require you to input data specific to your environment, read the Design and Planning collection to discover what environment-specific information you need to include. See Design and Planning Worksheets for MIIS 2003 for blank worksheets that are ready to use.

Initiating Your Project

Worksheet 1: Vision Statement and Solution Objectives

  • Read the Initiating Your Project document before completing this worksheet.

  • Fill out one Vision Statement and Solution Objectives worksheet for your MIIS 2003 deployment.

  • INSTRUCTIONS: Create a statement that includes your goals for this project, including your specific objectives for the solution. Include all possible objectives and do not try to prioritize them. Analyze each goal and objective for feasibility, product support, effect on connected data sources, and effect on network resources.

Worksheet 1: Vision Statement and Solution Objectives

Preparer and date Vision Statement

Mike Danseglio, March 19

By using Microsoft Identity Integration Server 2003, Fabrikam will achieve the following high-level solution:

  • Combine all relevant staff member details from multiple sources.

  • Remove the data conflicts by synchronizing key data across connected data sources.

  • Formalize a workflow/dataflow model that minimizes administrative effort while enhancing security.

Solution objective Business Reason Participating Data Sources

 The first goal of Fabrikam is to create an aggregated view of Fabrikam employees from which all of the data sources in Fabrikam can be managed.

 Streamline the dataflow model to reduce administration costs.

 Fabrikam uses the employee object from the HR system and related data from the other four connected directories to create a person object in the metaverse.

Designing a System Dataflow Model for MIIS 2003

Worksheet 2: Real-World Identity Objects

  • Read the Designing a System Dataflow Model for MIIS 2003 document before completing this worksheet.

  • Fill out one Real-World Identity Objects worksheet for each of your deployment scenarios.

  • INSTRUCTIONS: Complete one data sheet for each real-world identity type in the solution. Include a row for each connected data source object. Do not include objects that are not part of your solution.

Worksheet 2: Real-World Identity Objects

Preparer and date Real-world identity type

Mike Danseglio, March 19

Staff Member

Management Agent Object Type Provisioned Y/N Join Y/N Project Y/N Discovery Notes Other Notes

Fabrikam Active Directory MA

User

Yes

No

No

During discovery we join existing Employee objects from HR

 

Fabrikam HR SQL MA

Employee

No

Yes

Yes

 

 

Telephone MA

PhonePerson

Yes

No

No

During discovery we join existing Employee objects from HR

 

Lotus Notes MA

Person

Yes

No

No

 

 

Worksheet 3   Connected Data Sources

  • Read the Designing a System Dataflow Model for MIIS 2003 document before completing this worksheet.

  • Fill out one Connected Data Sources worksheet for each of your deployment scenarios.

  • INSTRUCTIONS: Complete one data sheet for each connected data source in the solution. Include a row for each object. Do not include objects that are not part of your solution. List all objects in the specified connected data source that represent any real-world objects.

Worksheet 3: Connected Data Sources

Preparer and date Management agent/type Connected Data Source Owner Contact (who can change) Backup and restore policy Security Issues

Mike Danseglio, March 19

Fabrikam HR SQL MA/Microsoft SQL 2

Fabrikam HR System

Mike Danseglio

Jamie Reding

Backed up at midnight on MTWRF.

None

Name Unique ID Notes and other policies

Employee

EmployeeID

A read-only view will be provided for this object

 

 

 

Worksheet 4: Object-Level Policies

  • Read the Designing a System Dataflow Model for MIIS 2003 document before completing this worksheet.

  • Fill out one Object-Level Policies worksheet for each object type for each of your deployment scenarios.

  • INSTRUCTIONS: Complete one data sheet for each connected data source object in the solution. Include a row for each policy, and group each into New object policies and Delete objects policies. Do not include objects that are not part of your solution.

Worksheet 4: Object-Level Policies

Preparer and date Management agent Object

Mike Danseglio, March 20

Fabrikam HR SQL MA

Employee

Action Object-Level Policy Reason/Notes

New object

Filter out all objects where the LeftDate is earlier than 1 Jan 1980

Don’t need employees who left before Syban systems was implemented

 

Attempt to join new object with an existing Active Directory user object by using the following rules:

Match the employeeID

Match the FirstName, LastName and DepartmentName against givenName,sn and department

If no match is resolved, continue with the next step

Occasionally, a staff member account is created in Active Directory before the HR system or they might have been deleted from HR by accident

 

If the join failed:

For an object with EmployeeStatus = “active”, and EmployeeType = “employee” provision into Active Directory, Notes and Telephone MA.

 

 

For an “active” object of type “contractor”, provision into Active Directory and Notes MA.

 

 

For an “active” object of type “admin-temp”, provision into Active Directory and the telephone systems MA

 

 

For a “pending” object of type “summer-student”, provision Active Directory with a disabled account and create a delayed action event to enable the Active Directory account on the DueToStart date.

Fabrikam takes on a large number of students for summer work, these accounts need to be created ahead of time so that the manual work of assigning them resources can be completed before they start

 

For objects with EmployeeStatus = “terminated” do not provision any MAs

 

Delete object

If EmployeeStatus was “terminated”, delete the linked objects from all MAs - including any delayed action events that might have been queued

 

 

If EmployeeStatus was “active”, disable Active Directory and Notes accounts and set the Telephone comment to “left”. Create a delayed action for a delete of all associated objects in 30 days.

Occasionally an employee can be deleted by accident, we don’t want to lose the employee’s Active Directory SID and Notes ID information immediately in case the employee record is re-instated.

Worksheet 5: Included Attributes

  • Read the Designing a System Dataflow Model for MIIS 2003 document before completing this worksheet.

  • Fill out one Included Attributes worksheet for each of your deployment scenarios.

  • INSTRUCTIONS: Complete one data sheet for each object in the connected data source directory. List all appropriate attributes. Include a row for each attribute, and leave out those attributes that are not appropriate. For those attributes that are required to follow from the metadirectory to the connected data source, complete the Outbound Attribute section of the table.

Worksheet 5: Included Attributes

Preparer and date Management agent Connected Data Source Object

Mike Danseglio, March 21

Telephone MA

PhonePerson

Name Data Type Multi-Values Y/N Content Structure Outbound Y/N (Outbound) Requires Validation Y/N (Outbound) May be Overwritten with Null Y/N (Outbound) Business Justification (Outbound) Quality and Precedence Notes (Outbound) Notes

StaffID

String

 

HR system unique employee ID

Yes

No

No

 

 

Is unique

FirstName

String

 

 

Yes

No

No

 

Often incorrect

 

LastName

String

 

 

Yes

No

No

 

Often incorrect

 

FullName

String

 

<LastName> <comma> <FirstName>

Yes

No

No

 

Often incorrect

 

StaffStatus

String

 

 

Yes

No

Yes

 

 

Blank or contains “Has left - please transfer to inactive”

Manager

String

 

 

Yes

No

Yes

 

 

Contains the StaffID of this person’s manager, might be empty

WorkTel

String

 

7 character telephone number

No

 

 

 

Often Incorrect

 

HomeTel

String

 

7 character telephone number

 

 

 

 

High quality, should be the primary source

 

Worksheet 6: Outbound Attribute Flow

  • Read the Designing a System Dataflow Model for MIIS 2003 document before completing this worksheet.

  • Fill out one Outbound Attribute Flow worksheet for each of your deployment scenarios.

  • INSTRUCTIONS: Complete one worksheet for each object in the solution. List all outbound attributes (use another sheet if necessary) and include a row for each attribute. Do not include attributes that are not part of your solution. Fill out one worksheet for each connected data source. Map each metaverse attribute to a data source attribute in the outbound attribute flow.

Worksheet 6: Outbound Attribute Flow

Preparer and date Management agent Object Metaverse Object

Mike Danseglio, March 22

Telephone MA

PhonePerson

Person

Name Validation Validation Failure Action Transformation May be Overwritten With Null Y/N (Metaverse) Name(s) (Metaverse) Considerations or Policies Needed

StaffID

 

 

 

No

employeeID

 

LastName

 

 

 

No

Sn

 

FirstName

 

 

 

No

givenName

 

FullName

 

 

givenName <space> sn

No

givenName

sn

 

StaffStatus

 

 

 

No

 

 

Worksheet 7: Metaverse Object Design

  • Read the Designing a System Dataflow Model for MIIS 2003 documents before completing this worksheet.

  • Fill out one Metaverse Object Design worksheet for each of your deployment scenarios.

  • INSTRUCTIONS: Complete one data sheet for each object type in the metaverse. Include one row for each attribute to be included in this object.

Worksheet 7: Metaverse Object Design

Preparer and date Object

Arlene Huff, March 22

StaffMember (Note: This example illustrates the creation of a new Metaverse StaffMember object for this scenario)

(MV Attribute) Name (MV Attribute) Content Structure (MV Attribute) Joined Y/N (CD Source) Management Agent (CD Source) Object (CD Source) Precedence When Can This Attribute Not Replace the Metaverse Attribute (CD Source) Considerations or Policies Needed

Sn

Employee’s lastname

Yes

Fabrikam AD MA

User

When last supplied by HR

 

 

 

 

Fabrikam SQL HR MA

Employee

 

 

givenName

Employee’s first name

Yes

Fabrikam AD MA

User

When last supplied by HR

 

 

 

 

Fabrikam SQL HR MA

Employee

 

 

Mail

<firstname><dot><lastname>@fabrikam.com

No

Fabrikam AD MA

User

 

 

 

 

 

Fabrikam SQL HR MA

Employee

When last supplied by Active Directory

 

Mobile

PhonePerson’s mobile telephone number

No

Telephone MA

TelephonePerson

When last supplied by Active Directory

 

 

 

 

Fabrikam AD MA

User

When last supplied by Telephone

 

displayName

String

<firstname> <space> <lastname>

No

Fabrikam SQL HR MA

Employee

 

 

 

 

 

Fabrikam AD MA

User

When last supplied by HR

 

EmployeeID

String

Unique HR employee ID XX9999999

Yes

Fabrikam AD MA

User

When last supplied by HR

 

Manager

Reference to another person object

 

Fabrikam SQL HR MA

Employee

 

 

Planning the Metaverse for MIIS 2003

Worksheet 8: Metadirectory Object Policies

  • Read the Planning the Metaverse for MIIS 2003 document before completing this worksheet.

  • Fill out one Metadirectory Object Policies worksheet for each of your deployment scenarios.

  • INSTRUCTIONS: Complete one data sheet for each real-world identity; include a row for each connected data source object rule. List rule type and rule details for synchronization.

Worksheet 8: Metadirectory Object Policies

Preparer and date Metaverse object Real-world name MV Deletion Rule Object Deletion Policy

Arlene Huff, March 22

Person

Staff Member

When all connected objects are disconnected

Objects are deleted from the metaverse when deprovisioned from the HR system.

Management Agent Object Rule Type Rule Details Notes

Fabrikam HR SQL MA

Employee

Filter

LeftDate<’1990/01/01’

Staff who left before this date should not be included

 

 

Join

When EmployeeID=EmployeeID

 

 

 

Project

If the join fails, project

 

 

 

Deprovision

Make a disconnector

 

Telephone MA

PhonePerson

Provision

When EmployeeStatus= “active” and EmployeeType = “employee” or “admin-temp”

 

 

 

Deprovision

Delete from Telephone list

 

Lotus Notes MA

Person

Join

Very complex, see the “Joining from Notes” section

 

 

 

Project

When EmployeeStatus= “active” employees where EmployeeType = “employee”, “contractor” or “admin-temp”

 

 

 

Provision

When EmployeeStatus= “active” and EmployeeType = “employee”, “contractor” or “admin-temp”

 

 

 

Deprovision

See “Deprovisioning Notes” section

Custom rule required

Fabrikam Active Directory MA

User

Filter

samAccountName starts with ‘admin’

Admin accounts should not be included

 

 

Join

When EmployeeID=EmployeeID

 

 

 

Project

When EmployeeStatus= “active” and EmployeeType = “employee”, “contractor” or “admin-temp”

or

When EmployeeStatus= “pending” and EmployeeType = “summer-student”

 

 

 

Provision

When EmployeeStatus= “active” and EmployeeType = “employee”, or “contractor” or “admin-temp”

or

When EmployeeStatus= “pending” and EmployeeType = “summer-student”

 

 

 

Deprovision

Delete from Active Directory

 

Worksheet 9: Inbound Attribute Flow

  • Read the Planning the Metaverse for MIIS 2003 documents before completing this worksheet.

  • Fill out one Inbound Attribute Flow worksheet for each of your deployment scenarios.

  • INSTRUCTIONS: Complete one data sheet for each object in the solution. List all inbound attributes (use another sheet if necessary) and include a row for each attribute. Do not include attributes that are not part of your solution. Complete one worksheet for each object in each connected data source.

Worksheet 9: Inbound Attribute Flow

Preparer and date Management agent Connected Data Source object Metaverse object

Arlene Huff, March 22

Fabrikam HR SQL MA

Employee

Person

Names(s) Validation Validation Failure Action Transformation Manual Precedence Y/N Name Notes

FirstName

Must not contain any of the following characters: non-printable, punctuation symbols, quotation marks. It is limited to twenty bytes.

Do not flow the attribute or provision a new object

 

 

givenName

 

LastName

Must not contain any of the following characters: non-printable, punctuation symbols, quotation marks. It is limited to twenty bytes.

Do not flow the attribute or provision a new object

 

 

Sn

 

FirstName

LastName

 

 

firstName <space> LastName

 

displayName

 

 

 

 

First letter of FirstName plus LastName

 

samAccountName

Total string length must not exceed 20 characters, must be unique in the Active Directory MA

Email

No

Yes

 

 

<various>

If Email=”create”, then create an e-mail box for the user

HomeTel

No

No

If present replace international dial code (00, 010) with +

 

homePhone

 

Worksheet 10: Metaverse Attribute Design

  • Read the Planning the Metaverse for MIIS 2003 document before completing this worksheet.

  • Fill out one Metaverse Attribute Design worksheet for your MIIS 2003 deployment.

  • INSTRUCTIONS: Complete one worksheet for the whole metaverse. Include one row for each attribute that you require.

Worksheet 10: Metaverse Attribute Design

Preparer and date

Arlene Huff, March 22

Name Data Type Indexable Y/N Multi-Values Y/N Indexed

Sn

String

Yes

 

 

givenName

String

Yes

 

 

Mail

String

Yes

 

 

Mobile

String

Yes

 

 

displayName

String

Yes

 

 

Manager

Reference

No

 

 

Member

Reference

No

Yes

 

Planning Synchronization Rules for MIIS 2003

Worksheet 11: Connector Filter Rules

  • Read Planning Synchronization Rules for MIIS 2003 before completing this worksheet.

  • Fill out one Connector Filter Rules worksheet for each of your deployment scenarios.

  • INSTRUCTIONS: List all conditions of each connector filter rule in their order of precedence. Include specifics for rules extensions if using error handling. Fill out one worksheet for each management agent.

Worksheet 11: Connector Filter Rules

Preparer and date Management agent

Alan Brewer, March 23

Fabrikam HR SQL MA

Filter # (Precedence) Attribute Operator Value

1

employeeStatus

Equals

“Active”

 

branchID

Ends with

“SEA”

2

hireDate

Contains

2002

Worksheet 12: Join Rules

  • Read Planning Synchronization Rules for MIIS 2003 before completing this worksheet.

  • Fill out one Join Rules worksheet for each of your deployment scenarios.

  • INSTRUCTIONS: List all conditions of each join rule in their order of precedence. Include specifics for rules extensions if using error handling. Fill out one worksheet for each management agent.

Worksheet 12: Join Rules

Preparer and date Management agent

Alan Brewer, March 24

Fabrikam HR SQL MA

Rule # (Precedence) Source Attribute Mapping Type Metaverse Object Type Metaverse Attribute Resolution Script Resolution Script Description/Location

1

employeeID

Direct

“Active”

employeeID

Yes

 

 

givenName

Direct

Person

givenName

No

 

2

Sn

Rules Extension

2002

Sn

Yes

 

Rules Extension Description

Rules Extension for #2

Concentrate the Sn and givenName if successful resolution found

Worksheet 13: Projection Rules

  • Read Planning Synchronization Rules for MIIS 2003 before completing this worksheet.

  • Fill out one Projection Rules worksheet for each of your deployment scenarios.

  • INSTRUCTIONS: List all conditions of each projection rule. Include specifics for rules extension if using error handling. Fill out one worksheet for each management agent.

Worksheet 13: Projection Rules

Preparer and date Management agent

Alan Brewer, March 24

Fabrikam HR SQL MA

Source Object Type Metaverse Object Type or Rules Extension Description of Rules Extension

Employee

Person

  

Employee

Rules Extension

If from Forest A, then map to contact object type.

Other Rules Extension Metaverse Object Type or Rules Extension Description of Rules Extension

Error Handling

Rules Extension

If projection fails, do…

Worksheet 14: Import Attribute Flow Rules

  • Read Planning Synchronization Rules for MIIS 2003 before completing this worksheet.

  • Fill out one Import Attribute Rules worksheet for each of your deployment scenarios.

  • INSTRUCTIONS: List the important attribute flow rules for each object in each management agent. Include specifics for rules extensions if using error handling. Fill out one worksheet for each management agent.

Worksheet 14: Import attribute flow rules

Preparer and date Management agent

Alan Brewer, March 24

Fabrikam HR SQL MA

CD Attribute Mapping Type Mapping Type Details Destination Object Destination Attribute Precedence

employeeID

Direct

N/A

Employee

UID

2

firstName, lastName

Rules extension

Combine names

Employee

fullName

1

N/A

Constant

ABC Corp

Employee

OU

N/A

DN

Distinguished name

Map only component 1

Employee

username

1

Other Rules Extensions

Error Handling

Worksheet 15: Object Deletion Rules

  • Read Planning Synchronization Rules for MIIS 2003 before completing this worksheet.

  • Fill out one Object Deletion Rules worksheet for each of your deployment scenarios.

  • INSTRUCTIONS: List the object deletion rule for each object that requires one. Include specifics for rules extension if using error handling. Fill out one worksheet for each management agent.

Worksheet 15: Object Deletion Rules

Preparer and date Management agent

Alan Brewer, March 25

Fabrikam HR SQL MA

Metaverse Object Type Delete Metaverse Object When Last Connector is Disconnected (Default) Delete Metaverse Object When Connector from this MA is Disconnected Delete Metaverse Object with Rules Extension Details/Description

Person

 

 

X

If attribute department = Sales, then delete object

Group

 

Fabrikam AD MA

 

 

Worksheet 16: Provisioning Rules

  • Read Planning Synchronization Rules for MIIS 2003 before completing this worksheet.

  • Fill out one Provisioning Rules worksheet for each of your deployment scenarios.

  • INSTRUCTIONS: List each scenario that needs to be covered by the provisioning rules extension. Include specifics for error handling scenarios.

Worksheet 16: Provisioning Rules

Preparer and date Management agent

Alan Brewer, March 25

Fabrikam HR SQL MA

Scenario Action

Create a new connector space object

If status = “active,” then create a new account. Set initial password to username

Move connector space object

If status = “disabled,” move object to HoldOU

Delete a connector space object

If status = “terminated,” disconnect from connector space

Worksheet 17: Deprovisioning Rules

  • Read Planning Synchronization Rules for MIIS 2003 before completing this worksheet.

  • Fill out one Deprovisioning Rules worksheet for each or your deployment scenarios.

  • INSTRUCTIONS: For each management agent, list the action to be taken when a connector space object is deleted from the metaverse or is disconnected by the provisioning rule. Include specifics for rules extensions if using error handling.

Worksheet 17: Deprovisioning Rules

Preparer and date Management agent

Alan Brewer, March 25

Fabrikam HR SQL MA

Management Agent Make a Disconnector Make an Explicit Disconnector Stage the Object for Deletion Rules Extension/Details Enable Attribute Recall

Fabrikam HR SQL MA

 

 

X

N/A

Yes

Fabrikam Active Directory MA

 

 

 

Set status = disabled, move object to HoldOU

No

Worksheet 18: Export Attribute Flow Rules

  • Read Planning Synchronization Rules for MIIS 2003 before completing this worksheet.

  • Fill out one "Export attribute flow rules" worksheet for each of your deployment scenarios.

  • INSTRUCTIONS: List the export attribute flow rules for each object in the metaverse that will flow attributes out to a connector space. Include specifics for rules extensions if using error handling. Fill out one worksheet for each management agent.

Worksheet 18: Export Attribute Flow Rules

Preparer and date Management agent

Arlene Huff, March 25

Fabrikam HR SQL MA

Management Agent Make a Disconnector Make an Explicit Disconnector Stage the Object for Deletion Rules Extension/Details

Fabrikam HR SQL MA

  

  

X

N/A

Fabrikam Active Directory MA

  

  

  

Set status = disabled, move object to HoldOU

Management Agent

Make a Disconnector

Make an Explicit Disconnector

Stage the Object for Deletion

Rules Extension/Details

Planning Your System Configuration for MIIS 2003

Worksheet 19: Management Agent Configurations

  • Read Planning Your System Configuration for MIIS 2003 before completing this worksheet.

  • Fill out one Management Agent Configurations worksheet for each of your deployment scenarios.

  • INSTRUCTIONS: Complete one data sheet for each management agent. List all configuration options for each management agent.

Worksheet 19: Management Agent Configurations

Preparer and date Management agent MA Type
Connected Data Source

Arlene Huff, March 25

Fabrikam HR SQL MA

Attribute-Value pair (AVP)

Fabrikam_Server_1b

Name Configuration

Connector filter rules

None

Anchor attributes

EmployeeID

Object types

Employee

Attributes to import

EmployeeID

Branch

givenName

employeeStatus

Partitions

Use default for Person object

Join and projection

Source:person -> Metaverse:person

Attribute flow

Source:employeeID -> Metaverse:employeeID

Source:givenName -> metaverse:givenName

Source:samAccountName -> metaverse:UID

Deprovisioning rule

Make them disconnectors

Recall objects = checked

Configure Rules extension

Rules extension = FabrikamHR.dll

Run in separate process = checked

Options specific to your management agent.

 

Run Profile Name Run Profile Configuration

Full Import

Step type: Full Import (Stage only)

Input file name: Input_file.txt

Apply pending

Step type: Delta Sync

Number of objects: 100

Delta import

Step type: Delta Import (Stage only)

Input file name: Delta_input.txt

Worksheet 20: Metaverse Rules Configuration

Read Planning Your System Configuration for MIIS 2003 before completing this worksheet.

Fill out one Metaverse Rules Configuration worksheet for each of your deployment scenarios.

INSTRUCTIONS: List configuration information for the metaverse that is specific to your provisioning scheme.

Worksheet 20: Metaverse Rules Configuration

Preparer and date

Arlene Huff, March 25

Object Object Deletion Rule Attribute Precedence Provisioning

Person

Delete metaverse object when last connector is disconnected

employeeStatus = Fabrikam HR SQL management agent

Manager = Fabrikam HR SQL management agent

Rules extension = Fabrikam_provisioning.dll

Run rules extension in separate process = checked

Worksheet 21: Roles and Responsibilities Rights Assignments

  • Read Planning Your System Configuration for MIIS 2003 before completing this worksheet.

  • Fill out one Roles and Responsibilities Rights Assignments worksheet for each or your deployment scenarios.

  • INSTRUCTIONS: List rights assignments for users and groups.

Worksheet 21: Roles and Responsibilities Rights Assignments

Preparer and date

Arlene Huff, March 25

Task/Responsibility Group Additional Rights Assignment

Create Management Agents

MIISAdmins

N/A

Backup Operator

MIISOperators

Read/Browse rights to \MAData folder

Worksheet 22: Security Configuration

  • Read Planning Your System Configuration for MIIS 2003 before completing this worksheet.

  • Fill out one Security Configuration worksheet for each of your deployment scenarios.

  • INSTRUCTIONS: Determine authentication, data source, and database security for each connected data source.

Worksheet 22: Security Configuration

Preparer and date

Arlene Huff, March 28

Data Source Data source Security Authentication Security Database Security

HR SQL MA

No automated scripts

 

Locate SQL on different server

Lotus Notes MA

Service account needs permission to write to the Lotus Notes client installation folder

 

 

Telephone MA

 

N/A

 

Fabrikam Active Directory MA

 

Enable SSL

 

Worksheet 23: Server Configuration

  • Read Planning Your System Configuration for MIIS 2003 before completing this worksheet.

  • Fill out one Server Configuration worksheet for each of your deployment scenarios.

  • INSTRUCTIONS: List each server’s configuration in the MIIS 2003 deployment.

Worksheet 23: Server Configuration

Preparer and date

Arlene Huff, March 28

MIIS 2003 Primary Server MIIS 2003 Warm Standby Server MIIS 2003 Database Server

Server name: Fabriakam_server1a

Service account name: MIIS_service_account

Account type: domain

Fabriakam_backup_server1a

Server name: Fabrikam_SQL_server

Configuration:

Allow access from network

Use the default instance

Worksheet 24: Data Handling

  • Read Planning Your System Configuration for MIIS 2003 before completing this worksheet.

  • Fill out one Data Handling worksheet for each of your deployment scenarios.

  • INSTRUCTIONS: List each server’s configuration in the MIIS 2003 deployment.

Worksheet 24: Data Handling

Preparer and date

Arlene Huff, March 30

Connected Data Source Access to Connected Data Sources for Deployment Evaluating the Data for Reliability Handling Problems with Invalid Data

HR SQL MA

Browse rights on folder c:\SyncFolder

Verify these attributes are present:

empoyeeID

Log failures in HR_Log.xml

Lotus Notes MA

Users that either create or run the management agent must have permissions for the Notes.ini file.

Verify address book entry on export

N/A

Telephone MA

Browse rights on folder c:\SyncFolder

N/A

N/A

Fabrikam Active Directory MA

Need rights to modify objects in the SyncUsers container.

Verify these attributes are present:

cn

Log failures in HR_Log.xml

Worksheet 25: Synchronization Scheduling

  • Read Planning Your System Configuration for MIIS 2003 before completing this worksheet.

  • Fill out one Data Handling worksheet for each of your deployment scenarios.

  • INSTRUCTIONS: Consider network bandwidth, system backup, the frequency of data modifications, data clean up, and whether to synchronize your data in stages. List synchronization information for each management agent.

Worksheet 25: Synchronization Scheduling

Preparer and date

Alan Brewer, March 31

Management Agent Notes: (Size of Data, Volatility of Data) Time to Synchronize

HR SQL MA

No limit on objects, moderate modification level

1:00 AM Daily

Lotus Notes MA

Delta

1:00 AM Daily

Telephone MA

Full

12:00 AM Sunday

Fabrikam Active Directory MA

Delta

2:00 AM

Worksheet 26: Error Handling

  • Read Planning Your System Configuration for MIIS 2003 before completing this worksheet.

  • Fill out one Error Handling worksheet for each of your deployment scenarios.

  • INSTRUCTIONS: List the notification methods you will use to handle system and synchronization errors and exceptions that occur during normal MIIS 2003 processing.

Worksheet 26: Error Handling

Preparer and date

Alan Brewer, March 31

Exceptions Log Entries Logging.dll E-mail Notification Microsoft Operations Manager 2000

If object already exists, join rules will join the existing object later'

Log only critical errors

N/A

Send e-mail to Admin in case of service stop or server crash

Track

Management agent errors

Authentication/connection errors

Worksheet 27: Retrieving Information with WMI

  • Read Planning Your System Configuration for MIIS 2003 before completing this worksheet.

  • Fill out one Retrieving Information with WMI worksheet for each of your deployment scenarios.

  • INSTRUCTIONS: Complete for any WMI tasks.

Worksheet 27: Retrieving Information with WMI

Preparer and date

Alan Brewer, March 31

Task Notes

Verify data on all imported connector space objects

Check for valid employeeID and CN attributes.

Archive management agent run histories

Retrieve all run histories once a day at 10:00 PM.

Worksheet 28: System Backup

  • Read Planning Your System Configuration for MIIS 2003 before completing this worksheet.

  • Fill out one System Backup with WMI worksheet for each of your deployment scenarios.

  • INSTRUCTIONS: Complete for backup of the MIIS 2003 encryption key, the SQL server database, all log files or file-based management agent import and export files, and the Local Security Accounts Manager (SAM) database on any stand-alone servers.

Worksheet 28: System Backup

Preparer and date

Alan Brewer, April 1

Items and Folders to Backup Included in system backup Y/N Notes

MIIS 2003 Encryption Keys

No

Backup weekly, and whenever keys change

MIIS 2003 SQL Database

Yes

Nightly incremental, weekly full backup

See Also

Other Resources

Download a worksheet from the MIIS 2003 Designing and Planning Collection