The following procedure details how to create a metaverse rules extension project. To create a project, you must be a member of the MIISAdmins security group.
To create a metaverse rules extension project
1. On the Tools menu of the UI, click Options.
2. Select the Enable Metaverse Rules Extension check box, and provide a name for the file to contain the extension code.
3. Select the Run this extension in a separate process check box if the extension module is to run in a separate process from MIIS 2003.
4. Select the Enable Provisioning Rules Extension check box if you want to enable provisioning.
5. In the GlobalRules Extension Settings portion of the display, specify if you want to unload the rules extension when the duration of a single operation exceeds a certain value. The default value is 60 seconds. This also applies to management agent rules extensions.
6. Click Create Rules Extension Project. The rules extension project defaults to Visual Basic .NET 2003 as a programming language. If desired, select Visual C# .NET 2003, if desired.
MIIS 2003 supplies a default project name of MVExtension. You might change this if you wish. By default, Visual Studio .NET 2003 builds a .dll with the same name as your project and stores it in the MIIS 2003 Extensions directory. Therefore, it is essential to ensure that your project has a different name from all other rules extension projects within the solution. A valid rules extension name can contain uppercase and lowercase letters A through Z, dashes (-), underscores (_), and spaces. Other characters are not permitted and it cannot be a reserved system file name.
If you want to change the default folder in which the project is created, click Browse….
Select the Launch in VS .Net IDE box to launch a Visual Studio .NET 2003 project in the IDE.
If necessary, create an initialization file to hold configuration information; save this file in the Extensions folder for MIIS 2003.
Using the Metaverse Rules Extension Initialize and Terminate Methods
Your rules extension .dll contains an Initialize method, which you can use to include code for any preprocessing work that the rules extensions in the .dll might require. For example, you might place code here to read an XML file that contains constants for the rule extensions or make a connection to a database. MIIS 2003 only loads the .dll when it determines that a call will be made to a rules extension in the .dll. After loading the .dll, MIIS 2003 calls Initialize prior to making the first call to the rules extension.
The rules extension .dll also contains a Terminate method, in which you can include code for cleanly releasing resources before the .dll is unloaded. For example, if you connected to a database in the Initialize method, yourTerminate code would close this connection. As with management agent rules extensions, although the current version of MIIS 2003 calls Terminate when no rules extension is called within a 5-minute interval, you should not build your rules assuming that this will be the case in the future.
Using the Metaverse Object Deletion Function
In MIIS 2003, a metaverse object is deleted when its last connector disconnects, without any further processing. Through the UI you can also choose to have a metaverse object deleted when a connector associated with a particular management agent disconnects, or you can choose to use a rules extension. If the metaverse object deletion rule has been defined as extension implemented, then the ShouldDeleteFromMV function is called.
ShouldDeleteFromMV
ShouldDeleteFromMV returns True if the Metaverse object should be deleted.
ShouldDeleteFromMV Parameters
csentry
This parameter is the connector space object that is being disconnected from the metaverse.
mventry
This parameter is the Metaverse object that was linked to the connector space object and is the candidate for deletion.
Example:
The following example shows an implementation of the metaverse object deletion function; the intention is that this function deletes the mventry if the csentry that projected it disconnects. In fact, the logic relies on a particular attribute (uid in this case) being provided only by the csentry that projected it, and you can usually find such an attribute by analyzing the rules used to populate the metaverse.
Public Function ShouldDeleteFromMV(ByVal csentry As CSEntry, ByVal mventry As MVEntry) As Boolean Implements IMVSynchronization.ShouldDeleteFromMV
ShouldDeleteFromMV = False
If csentry.MA.Name = mventry.("uid").LastContributingMA.Name then
ShouldDeleteFromMV = True
End If
End Function
Using the Provisioning Method
The objective of the inbound synchronization phase is to update the metaverse with authoritative identity data. A connector space object can only be linked to one metaverse object and can therefore only update one metaverse object.
A metaverse object can be linked to several connector space objects. As soon as the metaverse has been updated, the synchronization service determines whether there is a need to distribute the new data to the connected connector space objects, which is the objective of the outbound synchronization phase.
A provisioning rule is used after inbound management agent synchronization rules are applied and before any management agent outbound synchronization rules are applied. The provisioning rule:
1. Creates a new connector space object
2. Renames an existing connector space object
3. Removes a link to an existing connector space object to trigger the deprovisioning rule and
4. Completes any other processing that might be useful.
The only way to define this rule is through a rules extension that implements the Provision method – there is no declarative route within the UI.
Provision Parameters
mventry
This parameter is the metaverse object involved. Attributes are read-only.
Example:
The following example shows an implementation of the Provisioning method. The code provisions a new person object in the Telephone management agent if one does not already exist. It only provisions if the metaverse objects have an attribute called EmpType to the value “employee.”
Public Sub Provision(ByVal mventry As Microsoft.MetadirectoryServices.MVEntry) Implements IMVSynchronization.Provision
' First, the telephone system only takes person objects
If mventry.ObjectType.Equals("person") Then
' Also, telephone MA should only receive employee objects
If mventry("EmpType").Value.ToLower = "employee" Then
Dim csentry As CSEntry
Dim PhoneMA As ConnectedMA = mventry.ConnectedMAs("Phone MA")
' If there is no connector present, add a new telephone connector
If TelephoneMA.Connectors.Count = 0 Then
csentry = TelephoneMA.Connectors.StartNewConnector("person")
csentry("EMPID").Values.Add(mventry("employeeID").Value)
csentry.CommitNewConnector()
ElseIf PhoneMA.Connectors.Count = 1 Then
' Nothing to do, connector already exists for this MV object
Else
Throw New UnexpectedDataException("Multiple connectors:" + PhoneMA.Connectors.Count.ToString)
End If
End If 'employees only
End If 'person objects only
End Sub
No comments:
Post a Comment