ADAM 구성 파일 예제

  • 릴리스 버전: Xanadu
  • 업데이트 날짜 2024년 08월 01일
  • 읽기8분

    • ADAMSync에 대한 모든 구성은 xml 파일에 저장됩니다.

    설명이 있는 기본 구성 파일

    ADAMSync 설치에 포함된 MS-AdamSyncConf.xml라는 기본 구성 파일이 있습니다. 나중에 참조할 기본 예제를 만들 수 있도록 이 파일의 복사본을 만듭니다. 이 예는 주석이 추가된 기본 구성 파일입니다.
    <?xml version="1.0"?>
<doc>	
 <configuration>		
<!-- Sync File Description --> 
<description>MyCompany ADAMSync Configuration</description>		
  <security-mode>object</security-mode>;	        
<!-- source-ad-name = fqdn of the domain controller -->;
  <source-ad-name>;fully.qualified.domain.name.of.domain.controller</source-ad-name>;		
<!-- source-ad-partition = root AD domain partition -->;
  <source-ad-partition>;dc=myCompany,dc=com</source-ad-partition>;
<!-- source-ad-account = use this to specify an account to connect to AD -->;
<!-- if not used, the current user will be used  -->;
  <source-ad-account>;</source-ad-account>;                
  <account-domain>;</account-domain>;
<!-- target-dn = target ADAM OU -->;
  <target-dn>;ou=servicenow users,dc=myCompany,dc=adam</target-dn>;		
  <query>;			
<!-- base-dn = should be the root AD partition if you want all users -->;
   <base-dn>;dc=myCompany,dc=com</base-dn>;
<!-- object-filter = standard ldap query format, this will grab all users -->;
<!-- need to review results to see if you should modify this filter -->;
   <object-filter>;(objectCategory=person)</object-filter>;			
   <attributes>;			
<!-- include=userproxy requires objectSID to link back to the AD account -->;	
    <include>;objectSID</include>;
    <include>;givenName</include>;
    <include>;sn</include>;
    <include>;description</include>;
    <include>;title</include>;
    <include>;company</include>;
    <include>;department</include>;
    <include>;mail</include>;
    <include>;physicalDeliveryOfficeName</include>;
    <include>;telephoneNumber</include>;
    <include>;sAMAccountName</include>;
   </attributes>;		
  </query>;	
<!-- map for user-to-userproxy object types -->;
  <user-proxy>;
    <source-object-class>;user</source-object-class>;
    <target-object-class>;userProxy</target-object-class>;
  </user-proxy>; 
  <schedule>;			
   <aging>;				
    <frequency>;0</frequency>;				
    <num-objects>;0</num-objects>;			
   </aging>;			
   <schtasks-cmd>;</schtasks-cmd>;		
  </schedule>;	
 </configuration>;	
 <synchronizer-state>;		
  <dirsync-cookie>;</dirsync-cookie>;		
  <status>;</status>;		
  <authoritative-adam-instance>;</authoritative-adam-instance>;		
  <configuration-file-guid>;</configuration-file-guid>;		
  <last-sync-attempt-time>;</last-sync-attempt-time>;		
  <last-sync-success-time>;</last-sync-success-time>;		
  <last-sync-error-time>;</last-sync-error-time>;		
  <last-sync-error-string>;</last-sync-error-string>;		
  <consecutive-sync-failures>;</consecutive-sync-failures>;		
  <user-credentials>;</user-credentials>;		
  <runs-since-last-object-update>;</runs-since-last-object-update>;		
  <runs-since-last-full-sync>;</runs-since-last-full-sync>;	
 </synchronizer-state>;
</doc>;

    LDAP 필터 구성 파일

    구성 파일의 object-filter 값에 모든 수준의 필터링을 제공할 수 있습니다. 표준 연산자 대신 다음 xml 이스케이프 문자와 함께 표준 LDAP 쿼리 구문을 사용합니다.
    • AND = "&"를 &로 바꿉니다.
    • OR = "|"(세로줄) 다음으로 바꾸기 |
    • NOT = "!" 다음으로 바꾸십시오 !

    참조 구성 파일

    다음은 샘플로 참조할 수 있는 실제 구성 파일입니다.
    <?xml version="1.0"?>;
<doc>;	
 <configuration>;		
<description>;SNCTest ADAMSync Configuration</description>;		
  <security-mode>;object</security-mode>;	        
  <source-ad-name>;domaincontroller.service-now.com</source-ad-name>;		
  <source-ad-partition>;dc=service-now,dc=com</source-ad-partition>;
  <source-ad-account>;</source-ad-account>;                
  <account-domain>;</account-domain>;
  <target-dn>;ou=servicenow users,dc=service-now,dc=adam</target-dn>;		
  <query>;			
   <base-dn>;dc=service-now,dc=com</base-dn>;
   <object-filter>;(objectCategory=person)</object-filter>;			
   <attributes>;			
    <include>;objectSID</include>;
    <include>;givenName</include>;
    <include>;sn</include>;
    <include>;description</include>;
    <include>;title</include>;
    <include>;company</include>;
    <include>;department</include>;
    <include>;mail</include>;
    <include>;physicalDeliveryOfficeName</include>;
    <include>;telephoneNumber</include>;
    <include>;userAccountControl</include>;
   </attributes>;		
  </query>;	
  <user-proxy>;
    <source-object-class>;user</source-object-class>;
    <target-object-class>;userProxy</target-object-class>;
  </user-proxy>; 
  <schedule>;			
   <aging>;				
    <frequency>;0</frequency>;				
    <num-objects>;0</num-objects>;			
   </aging>;			
   <schtasks-cmd>;</schtasks-cmd>;		
  </schedule>;	
 </configuration>;	
 <synchronizer-state>;		
  <dirsync-cookie>;</dirsync-cookie>;		
  <status>;</status>;		
  <authoritative-adam-instance>;</authoritative-adam-instance>;		
  <configuration-file-guid>;</configuration-file-guid>;		
  <last-sync-attempt-time>;</last-sync-attempt-time>;		
  <last-sync-success-time>;</last-sync-success-time>;		
  <last-sync-error-time>;</last-sync-error-time>;		
  <last-sync-error-string>;</last-sync-error-string>;		
  <consecutive-sync-failures>;</consecutive-sync-failures>;		
  <user-credentials>;</user-credentials>;		
  <runs-since-last-object-update>;</runs-since-last-object-update>;		
  <runs-since-last-full-sync>;</runs-since-last-full-sync>;	
 </synchronizer-state>;
</doc>;