Design and Planning Sample Worksheets for MIIS 2003
Applies To: Windows Server 2003 with SP1
The Design and Planning Sample Worksheets for Microsoft Identity Integration Server (MIIS) 2003 will assist you in your MIIS 2003 deployment. Each Design and Planning worksheet corresponds to a different document within the MIIS 2003 Technical Library Design and Planning collection. Because the worksheets require you to input data specific to your environment, read the Design and Planning collection to discover what environment-specific information you need to include. See Design and Planning Worksheets for MIIS 2003 for blank worksheets that are ready to use.
Initiating Your Project
Worksheet 1: Vision Statement and Solution Objectives
Read the Initiating Your Project document before completing this worksheet.
Fill out one Vision Statement and Solution Objectives worksheet for your MIIS 2003 deployment.
INSTRUCTIONS: Create a statement that includes your goals for this project, including your specific objectives for the solution. Include all possible objectives and do not try to prioritize them. Analyze each goal and objective for feasibility, product support, effect on connected data sources, and effect on network resources.
Worksheet 1: Vision Statement and Solution Objectives
| Preparer and date | Vision Statement |
|---|---|
Mike Danseglio, March 19 |
By using Microsoft Identity Integration Server 2003, Fabrikam will achieve the following high-level solution:
|
| Solution objective | Business Reason | Participating Data Sources |
|---|---|---|
The first goal of Fabrikam is to create an aggregated view of Fabrikam employees from which all of the data sources in Fabrikam can be managed. |
Streamline the dataflow model to reduce administration costs. |
Fabrikam uses the employee object from the HR system and related data from the other four connected directories to create a person object in the metaverse. |
Designing a System Dataflow Model for MIIS 2003
Worksheet 2: Real-World Identity Objects
Read the Designing a System Dataflow Model for MIIS 2003 document before completing this worksheet.
Fill out one Real-World Identity Objects worksheet for each of your deployment scenarios.
INSTRUCTIONS: Complete one data sheet for each real-world identity type in the solution. Include a row for each connected data source object. Do not include objects that are not part of your solution.
Worksheet 2: Real-World Identity Objects
| Preparer and date | Real-world identity type |
|---|---|
Mike Danseglio, March 19 |
Staff Member |
| Management Agent | Object Type | Provisioned Y/N | Join Y/N | Project Y/N | Discovery Notes | Other Notes |
|---|---|---|---|---|---|---|
Fabrikam Active Directory MA |
User |
Yes |
No |
No |
During discovery we join existing Employee objects from HR |
|
Fabrikam HR SQL MA |
Employee |
No |
Yes |
Yes |
|
|
Telephone MA |
PhonePerson |
Yes |
No |
No |
During discovery we join existing Employee objects from HR |
|
Lotus Notes MA |
Person |
Yes |
No |
No |
|
|
Worksheet 3 Connected Data Sources
Read the Designing a System Dataflow Model for MIIS 2003 document before completing this worksheet.
Fill out one Connected Data Sources worksheet for each of your deployment scenarios.
INSTRUCTIONS: Complete one data sheet for each connected data source in the solution. Include a row for each object. Do not include objects that are not part of your solution. List all objects in the specified connected data source that represent any real-world objects.
Worksheet 3: Connected Data Sources
| Preparer and date | Management agent/type | Connected Data Source | Owner | Contact (who can change) | Backup and restore policy | Security Issues |
|---|---|---|---|---|---|---|
Mike Danseglio, March 19 |
Fabrikam HR SQL MA/Microsoft SQL 2 |
Fabrikam HR System |
Mike Danseglio |
Jamie Reding |
Backed up at midnight on MTWRF. |
None |
| Name | Unique ID | Notes and other policies |
|---|---|---|
Employee |
EmployeeID |
A read-only view will be provided for this object |
|
|
|
Worksheet 4: Object-Level Policies
Read the Designing a System Dataflow Model for MIIS 2003 document before completing this worksheet.
Fill out one Object-Level Policies worksheet for each object type for each of your deployment scenarios.
INSTRUCTIONS: Complete one data sheet for each connected data source object in the solution. Include a row for each policy, and group each into New object policies and Delete objects policies. Do not include objects that are not part of your solution.
Worksheet 4: Object-Level Policies
| Preparer and date | Management agent | Object |
|---|---|---|
Mike Danseglio, March 20 |
Fabrikam HR SQL MA |
Employee |
| Action | Object-Level Policy | Reason/Notes |
|---|---|---|
New object |
Filter out all objects where the LeftDate is earlier than 1 Jan 1980 |
Don’t need employees who left before Syban systems was implemented |
|
Attempt to join new object with an existing Active Directory user object by using the following rules: Match the employeeID Match the FirstName, LastName and DepartmentName against givenName,sn and department If no match is resolved, continue with the next step |
Occasionally, a staff member account is created in Active Directory before the HR system or they might have been deleted from HR by accident |
|
If the join failed: For an object with EmployeeStatus = “active”, and EmployeeType = “employee” provision into Active Directory, Notes and Telephone MA. |
|
|
For an “active” object of type “contractor”, provision into Active Directory and Notes MA. |
|
|
For an “active” object of type “admin-temp”, provision into Active Directory and the telephone systems MA |
|
|
For a “pending” object of type “summer-student”, provision Active Directory with a disabled account and create a delayed action event to enable the Active Directory account on the DueToStart date. |
Fabrikam takes on a large number of students for summer work, these accounts need to be created ahead of time so that the manual work of assigning them resources can be completed before they start |
|
For objects with EmployeeStatus = “terminated” do not provision any MAs |
|
Delete object |
If EmployeeStatus was “terminated”, delete the linked objects from all MAs - including any delayed action events that might have been queued |
|
|
If EmployeeStatus was “active”, disable Active Directory and Notes accounts and set the Telephone comment to “left”. Create a delayed action for a delete of all associated objects in 30 days. |
Occasionally an employee can be deleted by accident, we don’t want to lose the employee’s Active Directory SID and Notes ID information immediately in case the employee record is re-instated. |
Worksheet 5: Included Attributes
Read the Designing a System Dataflow Model for MIIS 2003 document before completing this worksheet.
Fill out one Included Attributes worksheet for each of your deployment scenarios.
INSTRUCTIONS: Complete one data sheet for each object in the connected data source directory. List all appropriate attributes. Include a row for each attribute, and leave out those attributes that are not appropriate. For those attributes that are required to follow from the metadirectory to the connected data source, complete the Outbound Attribute section of the table.
Worksheet 5: Included Attributes
| Preparer and date | Management agent | Connected Data Source Object |
|---|---|---|
Mike Danseglio, March 21 |
Telephone MA |
PhonePerson |
| Name | Data Type | Multi-Values Y/N | Content Structure | Outbound Y/N | (Outbound) Requires Validation Y/N | (Outbound) May be Overwritten with Null Y/N | (Outbound) Business Justification | (Outbound) Quality and Precedence Notes | (Outbound) Notes |
|---|---|---|---|---|---|---|---|---|---|
StaffID |
String |
|
HR system unique employee ID |
Yes |
No |
No |
|
|
Is unique |
FirstName |
String |
|
|
Yes |
No |
No |
|
Often incorrect |
|
LastName |
String |
|
|
Yes |
No |
No |
|
Often incorrect |
|
FullName |
String |
|
<LastName> <comma> <FirstName> |
Yes |
No |
No |
|
Often incorrect |
|
StaffStatus |
String |
|
|
Yes |
No |
Yes |
|
|
Blank or contains “Has left - please transfer to inactive” |
Manager |
String |
|
|
Yes |
No |
Yes |
|
|
Contains the StaffID of this person’s manager, might be empty |
WorkTel |
String |
|
7 character telephone number |
No |
|
|
|
Often Incorrect |
|
HomeTel |
String |
|
7 character telephone number |
|
|
|
|
High quality, should be the primary source |
|
Worksheet 6: Outbound Attribute Flow
Read the Designing a System Dataflow Model for MIIS 2003 document before completing this worksheet.
Fill out one Outbound Attribute Flow worksheet for each of your deployment scenarios.
INSTRUCTIONS: Complete one worksheet for each object in the solution. List all outbound attributes (use another sheet if necessary) and include a row for each attribute. Do not include attributes that are not part of your solution. Fill out one worksheet for each connected data source. Map each metaverse attribute to a data source attribute in the outbound attribute flow.
Worksheet 6: Outbound Attribute Flow
| Preparer and date | Management agent | Object | Metaverse Object |
|---|---|---|---|
Mike Danseglio, March 22 |
Telephone MA |
PhonePerson |
Person |
| Name | Validation | Validation Failure Action | Transformation | May be Overwritten With Null Y/N | (Metaverse) Name(s) | (Metaverse) Considerations or Policies Needed |
|---|---|---|---|---|---|---|
StaffID |
|
|
|
No |
employeeID |
|
LastName |
|
|
|
No |
Sn |
|
FirstName |
|
|
|
No |
givenName |
|
FullName |
|
|
givenName <space> sn |
No |
givenName sn |
|
StaffStatus |
|
|
|
No |
|
|
Worksheet 7: Metaverse Object Design
Read the Designing a System Dataflow Model for MIIS 2003 documents before completing this worksheet.
Fill out one Metaverse Object Design worksheet for each of your deployment scenarios.
INSTRUCTIONS: Complete one data sheet for each object type in the metaverse. Include one row for each attribute to be included in this object.
Worksheet 7: Metaverse Object Design
| Preparer and date | Object |
|---|---|
Arlene Huff, March 22 |
StaffMember (Note: This example illustrates the creation of a new Metaverse StaffMember object for this scenario) |
| (MV Attribute) Name | (MV Attribute) Content Structure | (MV Attribute) Joined Y/N | (CD Source) Management Agent | (CD Source) Object | (CD Source) Precedence When Can This Attribute Not Replace the Metaverse Attribute | (CD Source) Considerations or Policies Needed |
|---|---|---|---|---|---|---|
Sn |
Employee’s lastname |
Yes |
Fabrikam AD MA |
User |
When last supplied by HR |
|
|
|
|
Fabrikam SQL HR MA |
Employee |
|
|
givenName |
Employee’s first name |
Yes |
Fabrikam AD MA |
User |
When last supplied by HR |
|
|
|
|
Fabrikam SQL HR MA |
Employee |
|
|
<firstname><dot><lastname>@fabrikam.com |
No |
Fabrikam AD MA |
User |
|
|
|
|
|
|
Fabrikam SQL HR MA |
Employee |
When last supplied by Active Directory |
|
Mobile |
PhonePerson’s mobile telephone number |
No |
Telephone MA |
TelephonePerson |
When last supplied by Active Directory |
|
|
|
|
Fabrikam AD MA |
User |
When last supplied by Telephone |
|
displayName |
String <firstname> <space> <lastname> |
No |
Fabrikam SQL HR MA |
Employee |
|
|
|
|
|
Fabrikam AD MA |
User |
When last supplied by HR |
|
EmployeeID |
String Unique HR employee ID XX9999999 |
Yes |
Fabrikam AD MA |
User |
When last supplied by HR |
|
Manager |
Reference to another person object |
|
Fabrikam SQL HR MA |
Employee |
|
|
Planning the Metaverse for MIIS 2003
Worksheet 8: Metadirectory Object Policies
Read the Planning the Metaverse for MIIS 2003 document before completing this worksheet.
Fill out one Metadirectory Object Policies worksheet for each of your deployment scenarios.
INSTRUCTIONS: Complete one data sheet for each real-world identity; include a row for each connected data source object rule. List rule type and rule details for synchronization.
Worksheet 8: Metadirectory Object Policies
| Preparer and date | Metaverse object | Real-world name | MV Deletion Rule | Object Deletion Policy |
|---|---|---|---|---|
Arlene Huff, March 22 |
Person |
Staff Member |
When all connected objects are disconnected |
Objects are deleted from the metaverse when deprovisioned from the HR system. |
| Management Agent | Object | Rule Type | Rule Details | Notes |
|---|---|---|---|---|
Fabrikam HR SQL MA |
Employee |
Filter |
LeftDate<’1990/01/01’ |
Staff who left before this date should not be included |
|
|
Join |
When EmployeeID=EmployeeID |
|
|
|
Project |
If the join fails, project |
|
|
|
Deprovision |
Make a disconnector |
|
Telephone MA |
PhonePerson |
Provision |
When EmployeeStatus= “active” and EmployeeType = “employee” or “admin-temp” |
|
|
|
Deprovision |
Delete from Telephone list |
|
Lotus Notes MA |
Person |
Join |
Very complex, see the “Joining from Notes” section |
|
|
|
Project |
When EmployeeStatus= “active” employees where EmployeeType = “employee”, “contractor” or “admin-temp” |
|
|
|
Provision |
When EmployeeStatus= “active” and EmployeeType = “employee”, “contractor” or “admin-temp” |
|
|
|
Deprovision |
See “Deprovisioning Notes” section |
Custom rule required |
Fabrikam Active Directory MA |
User |
Filter |
samAccountName starts with ‘admin’ |
Admin accounts should not be included |
|
|
Join |
When EmployeeID=EmployeeID |
|
|
|
Project |
When EmployeeStatus= “active” and EmployeeType = “employee”, “contractor” or “admin-temp” or When EmployeeStatus= “pending” and EmployeeType = “summer-student” |
|
|
|
Provision |
When EmployeeStatus= “active” and EmployeeType = “employee”, or “contractor” or “admin-temp” or When EmployeeStatus= “pending” and EmployeeType = “summer-student” |
|
|
|
Deprovision |
Delete from Active Directory |
|
Worksheet 9: Inbound Attribute Flow
Read the Planning the Metaverse for MIIS 2003 documents before completing this worksheet.
Fill out one Inbound Attribute Flow worksheet for each of your deployment scenarios.
INSTRUCTIONS: Complete one data sheet for each object in the solution. List all inbound attributes (use another sheet if necessary) and include a row for each attribute. Do not include attributes that are not part of your solution. Complete one worksheet for each object in each connected data source.
Worksheet 9: Inbound Attribute Flow
| Preparer and date | Management agent | Connected Data Source object | Metaverse object |
|---|---|---|---|
Arlene Huff, March 22 |
Fabrikam HR SQL MA |
Employee |
Person |
| Names(s) | Validation | Validation Failure Action | Transformation | Manual Precedence Y/N | Name | Notes |
|---|---|---|---|---|---|---|
FirstName |
Must not contain any of the following characters: non-printable, punctuation symbols, quotation marks. It is limited to twenty bytes. |
Do not flow the attribute or provision a new object |
|
|
givenName |
|
LastName |
Must not contain any of the following characters: non-printable, punctuation symbols, quotation marks. It is limited to twenty bytes. |
Do not flow the attribute or provision a new object |
|
|
Sn |
|
FirstName LastName |
|
|
firstName <space> LastName |
|
displayName |
|
|
|
|
First letter of FirstName plus LastName |
|
samAccountName |
Total string length must not exceed 20 characters, must be unique in the Active Directory MA |
No |
Yes |
|
|
<various> |
If Email=”create”, then create an e-mail box for the user |
|
HomeTel |
No |
No |
If present replace international dial code (00, 010) with + |
|
homePhone |
|
Worksheet 10: Metaverse Attribute Design
Read the Planning the Metaverse for MIIS 2003 document before completing this worksheet.
Fill out one Metaverse Attribute Design worksheet for your MIIS 2003 deployment.
INSTRUCTIONS: Complete one worksheet for the whole metaverse. Include one row for each attribute that you require.
Worksheet 10: Metaverse Attribute Design
| Preparer and date |
|---|
Arlene Huff, March 22 |
| Name | Data Type | Indexable Y/N | Multi-Values Y/N | Indexed |
|---|---|---|---|---|
Sn |
String |
Yes |
|
|
givenName |
String |
Yes |
|
|
String |
Yes |
|
|
|
Mobile |
String |
Yes |
|
|
displayName |
String |
Yes |
|
|
Manager |
Reference |
No |
|
|
Member |
Reference |
No |
Yes |
|
Planning Synchronization Rules for MIIS 2003
Worksheet 11: Connector Filter Rules
Read Planning Synchronization Rules for MIIS 2003 before completing this worksheet.
Fill out one Connector Filter Rules worksheet for each of your deployment scenarios.
INSTRUCTIONS: List all conditions of each connector filter rule in their order of precedence. Include specifics for rules extensions if using error handling. Fill out one worksheet for each management agent.
Worksheet 11: Connector Filter Rules
| Preparer and date | Management agent |
|---|---|
Alan Brewer, March 23 |
Fabrikam HR SQL MA |
| Filter # (Precedence) | Attribute | Operator | Value |
|---|---|---|---|
1 |
employeeStatus |
Equals |
“Active” |
|
branchID |
Ends with |
“SEA” |
2 |
hireDate |
Contains |
2002 |
Worksheet 12: Join Rules
Read Planning Synchronization Rules for MIIS 2003 before completing this worksheet.
Fill out one Join Rules worksheet for each of your deployment scenarios.
INSTRUCTIONS: List all conditions of each join rule in their order of precedence. Include specifics for rules extensions if using error handling. Fill out one worksheet for each management agent.
Worksheet 12: Join Rules
| Preparer and date | Management agent |
|---|---|
Alan Brewer, March 24 |
Fabrikam HR SQL MA |
| Rule # (Precedence) | Source Attribute | Mapping Type | Metaverse Object Type | Metaverse Attribute | Resolution Script | Resolution Script Description/Location |
|---|---|---|---|---|---|---|
1 |
employeeID |
Direct |
“Active” |
employeeID |
Yes |
|
|
givenName |
Direct |
Person |
givenName |
No |
|
2 |
Sn |
Rules Extension |
2002 |
Sn |
Yes |
|
| Rules Extension | Description |
|---|---|
Rules Extension for #2 |
Concentrate the Sn and givenName if successful resolution found |
Worksheet 13: Projection Rules
Read Planning Synchronization Rules for MIIS 2003 before completing this worksheet.
Fill out one Projection Rules worksheet for each of your deployment scenarios.
INSTRUCTIONS: List all conditions of each projection rule. Include specifics for rules extension if using error handling. Fill out one worksheet for each management agent.
Worksheet 13: Projection Rules
| Preparer and date | Management agent |
|---|---|
Alan Brewer, March 24 |
Fabrikam HR SQL MA |
| Source Object Type | Metaverse Object Type or Rules Extension | Description of Rules Extension |
|---|---|---|
Employee |
Person |
|
Employee |
Rules Extension |
If from Forest A, then map to contact object type. |
| Other Rules Extension | Metaverse Object Type or Rules Extension | Description of Rules Extension |
|---|---|---|
Error Handling |
Rules Extension |
If projection fails, do… |
Worksheet 14: Import Attribute Flow Rules
Read Planning Synchronization Rules for MIIS 2003 before completing this worksheet.
Fill out one Import Attribute Rules worksheet for each of your deployment scenarios.
INSTRUCTIONS: List the important attribute flow rules for each object in each management agent. Include specifics for rules extensions if using error handling. Fill out one worksheet for each management agent.
Worksheet 14: Import attribute flow rules
| Preparer and date | Management agent |
|---|---|
Alan Brewer, March 24 |
Fabrikam HR SQL MA |
| CD Attribute | Mapping Type | Mapping Type Details | Destination Object | Destination Attribute | Precedence |
|---|---|---|---|---|---|
employeeID |
Direct |
N/A |
Employee |
UID |
2 |
firstName, lastName |
Rules extension |
Combine names |
Employee |
fullName |
1 |
N/A |
Constant |
ABC Corp |
Employee |
OU |
N/A |
DN |
Distinguished name |
Map only component 1 |
Employee |
username |
1 |
| Other Rules Extensions |
|---|
Error Handling |
Worksheet 15: Object Deletion Rules
Read Planning Synchronization Rules for MIIS 2003 before completing this worksheet.
Fill out one Object Deletion Rules worksheet for each of your deployment scenarios.
INSTRUCTIONS: List the object deletion rule for each object that requires one. Include specifics for rules extension if using error handling. Fill out one worksheet for each management agent.
Worksheet 15: Object Deletion Rules
| Preparer and date | Management agent |
|---|---|
Alan Brewer, March 25 |
Fabrikam HR SQL MA |
| Metaverse Object Type | Delete Metaverse Object When Last Connector is Disconnected (Default) | Delete Metaverse Object When Connector from this MA is Disconnected | Delete Metaverse Object with Rules Extension | Details/Description |
|---|---|---|---|---|
Person |
|
|
X |
If attribute department = Sales, then delete object |
Group |
|
Fabrikam AD MA |
|
|
Worksheet 16: Provisioning Rules
Read Planning Synchronization Rules for MIIS 2003 before completing this worksheet.
Fill out one Provisioning Rules worksheet for each of your deployment scenarios.
INSTRUCTIONS: List each scenario that needs to be covered by the provisioning rules extension. Include specifics for error handling scenarios.
Worksheet 16: Provisioning Rules
| Preparer and date | Management agent |
|---|---|
Alan Brewer, March 25 |
Fabrikam HR SQL MA |
| Scenario | Action |
|---|---|
Create a new connector space object |
If status = “active,” then create a new account. Set initial password to username |
Move connector space object |
If status = “disabled,” move object to HoldOU |
Delete a connector space object |
If status = “terminated,” disconnect from connector space |
Worksheet 17: Deprovisioning Rules
Read Planning Synchronization Rules for MIIS 2003 before completing this worksheet.
Fill out one Deprovisioning Rules worksheet for each or your deployment scenarios.
INSTRUCTIONS: For each management agent, list the action to be taken when a connector space object is deleted from the metaverse or is disconnected by the provisioning rule. Include specifics for rules extensions if using error handling.
Worksheet 17: Deprovisioning Rules
| Preparer and date | Management agent |
|---|---|
Alan Brewer, March 25 |
Fabrikam HR SQL MA |
| Management Agent | Make a Disconnector | Make an Explicit Disconnector | Stage the Object for Deletion | Rules Extension/Details | Enable Attribute Recall |
|---|---|---|---|---|---|
Fabrikam HR SQL MA |
|
|
X |
N/A |
Yes |
Fabrikam Active Directory MA |
|
|
|
Set status = disabled, move object to HoldOU |
No |
Worksheet 18: Export Attribute Flow Rules
Read Planning Synchronization Rules for MIIS 2003 before completing this worksheet.
Fill out one "Export attribute flow rules" worksheet for each of your deployment scenarios.
INSTRUCTIONS: List the export attribute flow rules for each object in the metaverse that will flow attributes out to a connector space. Include specifics for rules extensions if using error handling. Fill out one worksheet for each management agent.
Worksheet 18: Export Attribute Flow Rules
| Preparer and date | Management agent |
|---|---|
Arlene Huff, March 25 |
Fabrikam HR SQL MA |
| Management Agent | Make a Disconnector | Make an Explicit Disconnector | Stage the Object for Deletion | Rules Extension/Details |
|---|---|---|---|---|
Fabrikam HR SQL MA |
|
|
X |
N/A |
Fabrikam Active Directory MA |
|
|
|
Set status = disabled, move object to HoldOU |
Management Agent |
Make a Disconnector |
Make an Explicit Disconnector |
Stage the Object for Deletion |
Rules Extension/Details |
Planning Your System Configuration for MIIS 2003
Worksheet 19: Management Agent Configurations
Read Planning Your System Configuration for MIIS 2003 before completing this worksheet.
Fill out one Management Agent Configurations worksheet for each of your deployment scenarios.
INSTRUCTIONS: Complete one data sheet for each management agent. List all configuration options for each management agent.
Worksheet 19: Management Agent Configurations
| Preparer and date | Management agent | MA Type | Connected Data Source |
|---|---|---|---|
Arlene Huff, March 25 |
Fabrikam HR SQL MA |
Attribute-Value pair (AVP) |
Fabrikam_Server_1b |
| Name | Configuration |
|---|---|
Connector filter rules |
None |
Anchor attributes |
EmployeeID |
Object types |
Employee |
Attributes to import |
EmployeeID Branch givenName employeeStatus … |
Partitions |
Use default for Person object |
Join and projection |
Source:person -> Metaverse:person |
Attribute flow |
Source:employeeID -> Metaverse:employeeID Source:givenName -> metaverse:givenName Source:samAccountName -> metaverse:UID |
Deprovisioning rule |
Make them disconnectors Recall objects = checked |
Configure Rules extension |
Rules extension = FabrikamHR.dll Run in separate process = checked |
Options specific to your management agent. |
|
| Run Profile Name | Run Profile Configuration |
|---|---|
Full Import |
Step type: Full Import (Stage only) Input file name: Input_file.txt |
Apply pending |
Step type: Delta Sync Number of objects: 100 |
Delta import |
Step type: Delta Import (Stage only) Input file name: Delta_input.txt |
Worksheet 20: Metaverse Rules Configuration
Read Planning Your System Configuration for MIIS 2003 before completing this worksheet.
Fill out one Metaverse Rules Configuration worksheet for each of your deployment scenarios.
INSTRUCTIONS: List configuration information for the metaverse that is specific to your provisioning scheme.
Worksheet 20: Metaverse Rules Configuration
| Preparer and date |
|---|
Arlene Huff, March 25 |
| Object | Object Deletion Rule | Attribute Precedence | Provisioning |
|---|---|---|---|
Person |
Delete metaverse object when last connector is disconnected |
employeeStatus = Fabrikam HR SQL management agent Manager = Fabrikam HR SQL management agent |
Rules extension = Fabrikam_provisioning.dll Run rules extension in separate process = checked |
Worksheet 21: Roles and Responsibilities Rights Assignments
Read Planning Your System Configuration for MIIS 2003 before completing this worksheet.
Fill out one Roles and Responsibilities Rights Assignments worksheet for each or your deployment scenarios.
INSTRUCTIONS: List rights assignments for users and groups.
Worksheet 21: Roles and Responsibilities Rights Assignments
| Preparer and date |
|---|
Arlene Huff, March 25 |
| Task/Responsibility | Group | Additional Rights Assignment |
|---|---|---|
Create Management Agents |
MIISAdmins |
N/A |
Backup Operator |
MIISOperators |
Read/Browse rights to \MAData folder |
Worksheet 22: Security Configuration
Read Planning Your System Configuration for MIIS 2003 before completing this worksheet.
Fill out one Security Configuration worksheet for each of your deployment scenarios.
INSTRUCTIONS: Determine authentication, data source, and database security for each connected data source.
Worksheet 22: Security Configuration
| Preparer and date |
|---|
Arlene Huff, March 28 |
| Data Source | Data source Security | Authentication Security | Database Security |
|---|---|---|---|
HR SQL MA |
No automated scripts |
|
Locate SQL on different server |
Lotus Notes MA |
Service account needs permission to write to the Lotus Notes client installation folder |
|
|
Telephone MA |
|
N/A |
|
Fabrikam Active Directory MA |
|
Enable SSL |
|
Worksheet 23: Server Configuration
Read Planning Your System Configuration for MIIS 2003 before completing this worksheet.
Fill out one Server Configuration worksheet for each of your deployment scenarios.
INSTRUCTIONS: List each server’s configuration in the MIIS 2003 deployment.
Worksheet 23: Server Configuration
| Preparer and date |
|---|
Arlene Huff, March 28 |
| MIIS 2003 Primary Server | MIIS 2003 Warm Standby Server | MIIS 2003 Database Server |
|---|---|---|
Server name: Fabriakam_server1a Service account name: MIIS_service_account Account type: domain |
Fabriakam_backup_server1a |
Server name: Fabrikam_SQL_server Configuration: Allow access from network Use the default instance |
Worksheet 24: Data Handling
Read Planning Your System Configuration for MIIS 2003 before completing this worksheet.
Fill out one Data Handling worksheet for each of your deployment scenarios.
INSTRUCTIONS: List each server’s configuration in the MIIS 2003 deployment.
Worksheet 24: Data Handling
| Preparer and date |
|---|
Arlene Huff, March 30 |
| Connected Data Source | Access to Connected Data Sources for Deployment | Evaluating the Data for Reliability | Handling Problems with Invalid Data |
|---|---|---|---|
HR SQL MA |
Browse rights on folder c:\SyncFolder |
Verify these attributes are present: empoyeeID |
Log failures in HR_Log.xml |
Lotus Notes MA |
Users that either create or run the management agent must have permissions for the Notes.ini file. |
Verify address book entry on export |
N/A |
Telephone MA |
Browse rights on folder c:\SyncFolder |
N/A |
N/A |
Fabrikam Active Directory MA |
Need rights to modify objects in the SyncUsers container. |
Verify these attributes are present: cn |
Log failures in HR_Log.xml |
Worksheet 25: Synchronization Scheduling
Read Planning Your System Configuration for MIIS 2003 before completing this worksheet.
Fill out one Data Handling worksheet for each of your deployment scenarios.
INSTRUCTIONS: Consider network bandwidth, system backup, the frequency of data modifications, data clean up, and whether to synchronize your data in stages. List synchronization information for each management agent.
Worksheet 25: Synchronization Scheduling
| Preparer and date |
|---|
Alan Brewer, March 31 |
| Management Agent | Notes: (Size of Data, Volatility of Data) | Time to Synchronize |
|---|---|---|
HR SQL MA |
No limit on objects, moderate modification level |
1:00 AM Daily |
Lotus Notes MA |
Delta |
1:00 AM Daily |
Telephone MA |
Full |
12:00 AM Sunday |
Fabrikam Active Directory MA |
Delta |
2:00 AM |
Worksheet 26: Error Handling
Read Planning Your System Configuration for MIIS 2003 before completing this worksheet.
Fill out one Error Handling worksheet for each of your deployment scenarios.
INSTRUCTIONS: List the notification methods you will use to handle system and synchronization errors and exceptions that occur during normal MIIS 2003 processing.
Worksheet 26: Error Handling
| Preparer and date |
|---|
Alan Brewer, March 31 |
| Exceptions | Log Entries | Logging.dll | E-mail Notification | Microsoft Operations Manager 2000 |
|---|---|---|---|---|
If object already exists, join rules will join the existing object later' |
Log only critical errors |
N/A |
Send e-mail to Admin in case of service stop or server crash |
Track Management agent errors Authentication/connection errors |
Worksheet 27: Retrieving Information with WMI
Read Planning Your System Configuration for MIIS 2003 before completing this worksheet.
Fill out one Retrieving Information with WMI worksheet for each of your deployment scenarios.
INSTRUCTIONS: Complete for any WMI tasks.
Worksheet 27: Retrieving Information with WMI
| Preparer and date |
|---|
Alan Brewer, March 31 |
| Task | Notes |
|---|---|
Verify data on all imported connector space objects |
Check for valid employeeID and CN attributes. |
Archive management agent run histories |
Retrieve all run histories once a day at 10:00 PM. |
Worksheet 28: System Backup
Read Planning Your System Configuration for MIIS 2003 before completing this worksheet.
Fill out one System Backup with WMI worksheet for each of your deployment scenarios.
INSTRUCTIONS: Complete for backup of the MIIS 2003 encryption key, the SQL server database, all log files or file-based management agent import and export files, and the Local Security Accounts Manager (SAM) database on any stand-alone servers.
Worksheet 28: System Backup
| Preparer and date |
|---|
Alan Brewer, April 1 |
| Items and Folders to Backup | Included in system backup Y/N | Notes |
|---|---|---|
MIIS 2003 Encryption Keys |
No |
Backup weekly, and whenever keys change |
MIIS 2003 SQL Database |
Yes |
Nightly incremental, weekly full backup |
See Also
Other Resources
Download a worksheet from the MIIS 2003 Designing and Planning Collection