Hi Dominik, thanks for the reply.
Well the plan so far in the more complex scenario is to:
Import users from SQL, stick them in the portal, provision to AD with a calculated home directory (based on department and initials), users with AD accounts provisioned may then have their home directories created and permissions applied. It is possible
user departments will change. Users will enter an expired state after their expiry date passes and enter a 'deleted' state some time after that, this'll be done with temporal sets.
Things which are concerning me:
- What happens if the directory changes. Is moving folders a possibility? It'd be nice to allow the directory to be moved from one server to another if the user's department changes but what if, for example, the folder
is in use?
- Users will be put in an 'expired' state after their expiry date then, after so many months of being expired they'll be deleted. The folder can be renamed to "expired_<accountName>" and then be deleted,
but again, what if directory is in use?
Really I'm just after and tips or advice that those with more experience in this area may have for me. Does the above scenario solution seem reasonable to you? Would you suggest a different approach?
Following today's research I think am more likely to use Soren's PSMA owing to more suitable example scripts being available, I'm going to give that a gov in my test environment.
Thanks
-
Edited by
FIM-EN
Tuesday, June 10, 2014 12:03 PM