UMRA – Power School Active Directory Sync at 7:42 PM

If you haven’t already, please read my first post on where and how to download a trial version of User Management Resource Administrator, developed by tools4ever.

Download Trial Version of UMRA > http://www.tools4ever.com/download/

UMRA – Power School Active Directory Sync

Just recently I was tasked with taking colleges current Student Information System (SIS) and have that data replicated and synced up with their current Active Directory Structure. Most of you know this is no easy task, making sure names, locations; home folders, exchange emails, and other downstream systems were all in sync. However, with UMRA – Automation module this task is possible, however without UMRA this task could take days, if not multiple months to finish. Now this sync, included more then just firstname and lastname checks, I had to do the complete check on the actual user account, and other objects in AD. Other objects you ask? Yes, I also had to create groups, and OU’s on the fly. Since each student was added to a group based on their current enrolled curriculum. So in this blog post I will go over how to get your information lined up, and what hurdles I had to cross before I was able to get this project finished up.

UMRA – Power School SIS Pre Work

So before we even get started on the UMRA – Automation sync to Power School, we need to find out how we are going to obtain our data. In some cases, we are not allowed to connect directly to a Database, and run our quires on it. In my case I was only giving a view of data, that I had to work with. Below is a quick diagram and some tip’s of how you can use your view to create a virtual SQL Database of the Power School Student Information System (SIS).Get Database view from Power School> Use UMRA to pull SQL View From Power School, and loop through that table to insert records into your virtual SQL Database.Now that we have the Power School Student Information System data in a database, you can now have a UMRA project grab that data, and loop through it. What the benefit doing that compared to just grabbing the data right from the SQL view? The benefit of putting it into another database is, now you can add you own columns and other requirements that you may need with running your UMRA – Automation project, that are not originally in your SQL View from Power School.So the next step would be to diagram out what you’re going to do when certain scenarios arise. See below for a few examples.

Work Flows and Custom Processes Examples
Student is Active in Power School But not in active directory – You can do multiple things here, create the account, maybe put the data into a “staging database” and have some type of customer webpage to show you who needs to be created.
Student is Active in Power School But Account in Active Directory is Disabled – Here you can do multiple things again, maybe read group memberships based on some data in the SQL database, move the account etc.

Those were just a few of the scenarios that you can run into when doing this type of UMRA – Automation with Power School. So now that you have all your diagram laid out, create your scripts, and put your script(s) on a custom schedule, and your ready to go.

UMRA – Microsoft Exchange 2000/2003 at 10:09 PM

If you haven’t already, please read my first post on where and how to download a trial version of User Management Resource Administrator, developed by tools4ever.

Download Trial Version of UMRA > http://www.tools4ever.com/download/

UMRA – Microsoft Exchange 2000/2003

Most Active Directory environments will use Microsoft Exchange 2000/2003/2007 for email services for their users. Creating, Managing and Editing these accounts is a daunting task, and sometimes requires an in-depth knowledge of these systems to create a simple email for a user. However, with UMRA this tasks becomes very easy to do, and creates email accounts with complete uniformity. For this blog we will focus on UMRA’s ability to do tasks on 2000/2003 Exchange, we will get into 2007 in another post. Below is a screen shot of some of the built in actions that UMRA has for managing Exchange Mailbox’s.

UMRA – Microsoft Exchange 2000/2003 Actions

> Create Exchange mailbox
> Edit Exchange mailbox
> Modify Exchange mailbox
> Move Exchange mailbox
> Delete Exchange mailbox
> Manage Exchange recipient mail addresses

UMRA – Microsoft Exchange 2000/2003 Tips

Most of our clients we build UMRA – Automation Scripts for have multiple Exchange Mail stores, either for different types of users, or different locations. So how can UMRA know where create these Exchange Mailbox’s at? Simple, UMRA has the ability to Create “Mapping Tables” to compare data that you send your UMRA script. So for example, if you have CSV or Database data that you’re working with, you can use a column of data determine the mail store location. So as you can see UMRA’s ability to manage Exchange accounts is very versatile, and flexible, allowing you do most scripts you have now in VBScript, or Peal, to be converted quickly and easily. No more having hundreds of lines of code to create an Exchange Mailbox, now it’s done in 1 simple UMRA script action.



Keep an eye on my blog, we will next talk about how UMRA handles Exchange 2007 with windows Powershell!

UMRA - Lotus Notes Migration at 9:45 PM

If you haven’t already, please read my first post on where and how to download a trial version of User Management Resource Administrator, developed by tools4ever.

Download Trial Version of UMRA > http://www.tools4ever.com/download/

UMRA – Lotus Notes Migration

Converting from one security model to another is no easy task, epically if you have thousands of Users accounts to provision, and objects to move. However, with UMRA this task becomes quite simple. Some of the different migration scenarios that we’ve heard our clients want to do are Lotus Notes > Active Directory, E Directory > Active Directory and so forth. This Blog will focus on the power of UMRA – Lotus Notes Migration. UMRA has over 30 Lotus Notes actions ready for you to use, no VBScripts, no Pearl scripts etc. Just easy to use drag and drop actions that will let make your Migration go a lot smoother, and make sure your User Accounts and different Objects are created correctly.

UMRA – Lotus Notes Migration Tips

We will talk about this at a high level, and really focus on the “how” most Migrations are handled, and give you a good idea of how flexible UMRA really is. With UMRA we can create a table of Lotus Notes Users, or create a table of Lotus Notes Users from a CSV… We can now loop through that table, and have accounts created, and added to specific OU’s depending on data pulled from the Users account in Lotus Notes. Once, the account is created, in another script, or same script, we can now apply group memberships, create home folders, and create exchange mailbox’s if needed. As you can see, UMRA can handle the whole user creation process, as well as the Lotus Notes Migration quickly and effectively. Again, this was more a higher level look, and shows how easy a migration can be.

UMRA – Lotus Notes Actions

UMRA – Command Line Utility at 9:40 PM

If you haven’t already, please read my first post on where and how to download a trial version of User Management Resource Administrator, developed by tools4ever.

Download Trial Version of UMRA > http://www.tools4ever.com/download/

UMRA – Command Line Utility

User Management Resource Administrator is a very resourceful tool when managing Active Directory Objects. Some of you may be use to doing everyday Active Directory Tasks with old VBScripts or Pearl Scripts. You don’t need to throw out these old scripts that you have, you can now execute them with UMRA – Command Line Utility Action. Yes…you heard me right, you can now pass data from a UMRA script to the Command Line, and have it do its work…what does this mean and how will it benefit you? There are some applications that offer a API, or command line remote call to execute specific methods for their programs or ways to communicate back and forth. We’ve had a lot of different clients have us provision downstream User Accounts in other systems with UMRA that only had an API to talk to.

UMRA – Command Line Utility Tips

Most VBScripts or Peal script that you run now to manage your Active Directory can actually be converted into UMRA projects. UMRA has the ability to Create / Edit / Modify Active Directory Objects, Create Exchange Accounts 2003 2007, LDAP Controls and so much more, so most likely, your older scripts can be converted easily. Plus, you will now be able to update and change your scripts easily instead of having to deal with hundreds of lines of code for your older projects.

UMRA – Command Line Utility Example

Create A New UMRA Project, and drag / drop a “Execute command line” action to your script. This action can be found under Other Actions > Execute command line. Copy and Paste this below script to a blank .vbs file

VBScript
Wscript.Echo "Hello"
Wscript.Quit 0
VBScript

Now in your UMRA “Execute command line” action add this C:\> cscipt hello.vbs
Run your UMRA project, and bingo you have now run your first Command Line from UMRA.

UMRA – Student Information Sync at 6:01 PM

If you haven’t already, please read my first post on where and how to download a trial version of User Management Resource Administrator, developed by tools4ever.

Download Trial Version of UMRA > http://www.tools4ever.com/download/

UMRA – Student Information Sync

What is a Student Information System (SIS) Sync you may ask? A SIS sync is linking up your Student Information System’s Database to a UMRA Automation project and having the UMRA run a set of projects on a hourly, daily, or a chosen interval to make sure your Active Directory is in sync with your Student Information System. How is this possible you ask? UMRA has the ability to connect to any ODBC valid database, if UMRA does not have direct access, you can also get a SQL View or CSV of data, and have that replicated and put into a Database on a daily basis. Many of our clients are looking for this exact procedure; they need the student’s accounts, email, and home folders created quickly, and keep Active Directories data integrity unpolluted. So below I will go over a quick way to get such a sync setup. Below will be a more a high lever overview, since each environment is always going to be different, you should be able to take these same steps with UMRA and get your Student Information in Sync with Active Directory.

UMRA – Student Information Sync Steps

First you will need to get a “View” created in your current Student Information System, or create your own custom query to get the data needed to run the UMRA Automation project. Once your data is set, now you can setup a UMRA foreach action on your table, if you need help with this, please see my other posts on how to loop through table data. In your UMRA foreach action you will now do a search in Active Directory for the users based of criteria from your “View” of data, or direct database connection. If the users IS in Active Directory, go to your compare project. Your compare project will check information such as, firstname, lastname, description, or any other Active Directory Attribute you need to check. If the users IS NOT in Active Directory, go to a create user project, or insert this data into a database etc. This is the highest level of a Student Information System Sync, keep coming back later to see more in detail some of the tips and tricks of such a UMRA Automation project.

UMRA – Access Management at 5:25 PM

If you haven’t already, please read my first post on where and how to download a trial version of User Management Resource Administrator, developed by tools4ever.

Download Trial Version of UMRA > http://www.tools4ever.com/download/

UMRA – Access Management

In any company allowing specific users to Access Software applications, programs, etc… is a very difficult task. Most of the time you need to a large set of IT staff to help manage access to these different business applications. This is the classic scenario we run into when developing UMRA – Projects for our clients. UMRA has the ability to manage group objects in Active Directory, so now Access Management with UMRA is a breeze. UMRA, can handle Access Management 3 ways, UMRA - MASS , UMRA - Delegation, and UMRA - Automation. What is best for you? All methods will help you control your Active Directories Access Management, however do them all in a different fashion. I will break the different types of ways you can do this below, for each of the UMRA modules.

How Does UMRA handle Access Management?

UMRA - MASS

With this method we can create a custom UMRA script that will take network data, or CSV data etc. and based off a column of data, we can add or remove a group membership from a specific user. This doesn’t have to be 1 group at a time; you can have as little or as many groups applied, or removed from a user as needed.

UMRA - Delegation

With this method you can create a custom UMRA - Forms, delegate out those forms to a specific group of users, or a single user to manually add/remove users from a group with single button click. How does this method help you though? The subset of users that you allow access to this application, don’t need to have any elevated rights in Active Directory, and only users you Delegate the UMRA - Form out to. Plus, every time the user adds/removes a user from a group, it’s done with your UMRA script action, and this whole process is done with very strict Access Management controls.

UMRA - Automation

This method is very similar to the UMRA - MASS method, however you can now add your script to an automated schedule. How does adding your UMRA script to an automated schedule benefit the company? Simple… you can now have your script run every 10 minutes or hour etc. and depending on if your CSV or database data has changed, it will reflect that in your Active Directory environment.

UMRA – Logging and Auditing at 5:43 PM

If you haven’t already, please read my first post on where and how to download a trial version of User Management Resource Administrator, developed by tools4ever.

Download Trial Version of UMRA > http://www.tools4ever.com/download/

UMRA – Logging and Auditing Overview

More and more clients we build UMRA - Automation / UMRA - Mass / UMRA – Delegation projects for are looking for a way to make sure that every action UMRA is taking on a Active Directory Object is recorded into some type of “record system”. In most cases, we will log this data out to a SQL database for the user to quickly obtain the Logging and Auditing information. Why is this important you may ask, and why would you or clients want this? The answer is simple, Audits and Compliance standards are everywhere theses days, and having all the actions taken on a user in Active Directory, at your finger tips, is a solution to this problem.

Here are a few steps on how get your projects to start Logging and Auditing UMRA scripts actions that affect Active Directory Objects.

UMRA – Logging and Auditing Steps

Step 1: Find out where you will store your log data – SQL / Access / CSV etc.Step 2: Setup your database, and database columns for the data to be inserted into.Step 3: For each script action, that affects an Active Directory Object
A. Affecting an Active Directory Object can be creation / deletion / modification
B. If your logging to a CSV then drag/drop a “Export Variables” action to your script, after your Action has taken place.
C. If your logging to a Database then drag/drop a “Update Database” action to your script, after your Action has taken place.
Step 4: Edit your action, to log your specific variables that you want to record.
A. For most of our clients, username, who did the action, time/date, action type, new value, old value are what they record into the database.
Step5: Repeat steps 1-4 on each action

Once all script actions are in place, you now have a compete logging system in place for your UMRA project.