This section contains a discussion of driver features you should become familiar with before deploying the Active Directory driver.
The way the Active Directory driver handles multi-valued attributes has changed from version 2.
Version 2 treated multi-valued attributes as single-valued on the Subscriber channel by ignoring all but the first change value in an Add or Modify operation. Version 3 of the Active Directory Driver fully supports multi-valued attributes.
The Active Directory attribute userAccountControl is an Integer whose bits control logon account properties, such as whether logon is allowed, passwords are required, or the account is locked. Synchronizing the Boolean properties individually is problematic because each property is embedded in the Integer value.
In version 2, of the Active Directory driver took a shortcut that let you map userAccountControl the eDirectory Login Disabled attribute, but didn't let you map the other property bits within the attribute.
In version 3, each bit within the userAccountControl attribute can be referenced individually as a Boolean value or userAccountControl can be managed in-total as an Integer. The driver recognizes a Boolean alias to each bit within userAccountControl, as detailed in •\ 1, Bitfield Aliases to userAccountControl. These alias values are included in the schema for any class that includes userAccountControl. The alias values are accepted on the Subscriber channel and are presented on the Publisher channel.
The advantage to this feature is that since each bit can be used as a boolean, they can be enabled individually in the Publisher Filter and accessed easily. You can also put userAccountControl into the Publisher Filter to receive change notification and it will be published as an Integer.
The Integer and alias versions of userAccountControl should not be mixed in a single configuration.
The following table contains an alphabetical list of all available aliases:
•\ 1. Bitfield Aliases to userAccountControl
Your options for provisioning Exchange 2000 and Exchange 2003 mailboxes has changed from version 2.
In Version 2, Exchange provisioning was accomplished by setting attributes on user objects. A Microsoft program called the Recipient Update Service used this information to provision the Exchange database.
This method still works in version 3 of the Active Directory Driver, but a new method called CDOEXM has been added. With CDOEXM enabled, an Exchange mailbox is provisioned by setting the homeMDB attribute. When the homeMDB attribute is set, all required attributes are set automatically by the driver.
The homeMDB attribute is set during initial configuration, or later by modifying the driver properties. For a discussion of this parameter, see Configuration Parameters.