I am new to Active Directory and was wondering if anybody knows a way to modify AD key fields (i.e./ DN) programmatically via ADSI or VB Script? Here is the exact scenario:
I am attempting to synchronize the population in a new Active Directory deployment to the active individuals identified within our various database systems of record. To accomplish that, I generate the following ldap string describing the DN for every individual daily:
TOM SMITH,ou=ACCOUNTING,ou=people,dc=biz,dc=url,dc=com
along with values for numerous attributes. As noted above, the DN is comprised of the concatenate of FIRST NAME, MIDDLE NAME, and LAST NAME as well as that individual's PRIMARY DEPARTMENT (in this case ACCOUNTING).
All of these are implemented into AD via a LDIF generated by a third party synchronization product (Simplesync).
If any of these four elements (FIRST NAME, MIDDLE NAME, LAST NAME, DEPARTMENT) change (as they will from time to time), the result in AD is to add a "new" individual and "delete" to old. This is undesirable.
Is there a way to programmatically detect that any of the above data elements are changing prior to executing the bulk synchronization and MODIFY the DN in AD in place or any other solution that will move this person to a different DN without losing the rest of their existing AD information.
Thanks a million for any help - MPS
I am attempting to synchronize the population in a new Active Directory deployment to the active individuals identified within our various database systems of record. To accomplish that, I generate the following ldap string describing the DN for every individual daily:
TOM SMITH,ou=ACCOUNTING,ou=people,dc=biz,dc=url,dc=com
along with values for numerous attributes. As noted above, the DN is comprised of the concatenate of FIRST NAME, MIDDLE NAME, and LAST NAME as well as that individual's PRIMARY DEPARTMENT (in this case ACCOUNTING).
All of these are implemented into AD via a LDIF generated by a third party synchronization product (Simplesync).
If any of these four elements (FIRST NAME, MIDDLE NAME, LAST NAME, DEPARTMENT) change (as they will from time to time), the result in AD is to add a "new" individual and "delete" to old. This is undesirable.
Is there a way to programmatically detect that any of the above data elements are changing prior to executing the bulk synchronization and MODIFY the DN in AD in place or any other solution that will move this person to a different DN without losing the rest of their existing AD information.
Thanks a million for any help - MPS
