Tuesday, November 18, 2008


Quickly!!!! you must create 400 contacts in active directory and you must do it now otherwise users won't be able to mail these users in that other domain!!!!!!

So off I go to build a script that will load from a .csv file and create contact entries with an smtp email address and an x500 address.

All goes well. my script loads the user list. checks to make sure the user doesn't already have an AD account, or a contact entry. In fact it even removes duplicates if it finds a contact and a user object both exist. (I needed that after the first time I ran the script and I realized it wasn't checking the user objects correctly. I had a bunch of duplicates I created to remove)

So now I'm at the meat of my script. create contact. check. Make first name this. Check. Make Last name that. Check. Make the email address. Check. Add Proxy address. WRONG!!

You see, proxy Address in Active Directory is an Array not a single valued attribute. So when I set the addresses I need,

SMTP: jsmith@company.com


X500: /o=company/ou=container/cn=Worldwide Address List/cn=smtp-john-smith-company-com

only one address ends up in the user record. This, of course is because my script is trying to add a proxy address like this

objUser.Put "proxyAddresses", "X500:" & proxyAddressvariable
objUser.Put "proxyAddresses", "SMTP:" & proxyAddressvariable

So I did a search on the net for the best way to do this and what do I find?


Manipulating the e-mail addresses list of an Exchange recipient requires some array manipulation functions.

The UBound function retrieves the number of objects stored in an array. In order to add an e-mail address to athe proxyAddresses array of a recipient you would need to expand the number of objects stored in the array.

The Redim Preserve function allows you to expand an array while preserving its contents.

Set oUser = GetObject ("LDAP://CN=Buffy Summers,OU=Scoobies,DC=sunnydale,DC=muni")
Set objRecip = oUser
sAddress = "smtp:slayer@sunnydale.muni"
bIsFound = False
vProxyAddresses = objRecip.ProxyAddresses
nProxyAddresses = UBound(vProxyAddresses)
i = 0
Do While i <= nProxyAddresses
If vProxyAddresses(i) = sAddress Then
bIsFound = True
Exit Do
End If
i = i + 1
If Not bIsFound Then
ReDim Preserve vProxyAddresses(nProxyAddresses + 1)
vProxyAddresses(nProxyAddresses + 1) = sAddress
objRecip.ProxyAddresses = vProxyAddresses
End If


Now I like at all this. create an array and go through each contact and get the array of proxy addresses then redim the array variable to keep the data in the array but add a place for more data then add the new piece of data and save the whole thing back. It's kind of interesting, but waaay more complex than needed. This piece of script assumes you don't know what proxy addresses your users use. Now, it won't be true for everyone, but in the case of the work I'm doing I just want to add the appropriate proxy addresses. So after spending a chunk of time trying to adapt the piece of script above to my needs and realizing that I can't use it at all as the contacts I'm manipulating don't have ANYTHING in their proxy address as I'm still creating them I resumed my search of the net until I found this.

objUser.PutEx ADS_PROPERTY_APPEND, "proxyAddresses", Array (proxyAddress1,proxyAddress2)

To be fair this one line has several varialbes that had to be defined.

ADS_PROPERTY_APPEND = 2 (this is so the PutEX method knows to append rather than overwrite)
proxyaddress1 = "SMTP:" & proxyAddressvariable
proxyaddress2 = "X500:" & proxyAddressvariable

I just can't help but notice how many times I search the web for code and find vastly interesting and complex scripts and scriptlets for things that can be done in 2 or 3 lines. Now I'm not claiming to be better than anyone else when it comes to coding. I'm not. I'm very new and this rant alone seems long drawn out and overly complex. But it does all lead to the point I laid out in the title of this rant. Something I constantly need to remind myself both in my work and in my life.

Keep It Simple Stupid

Thursday, November 6, 2008

On your own

Yes!!! No!!! Yes!!! No!!! Yes!!! No!!! Yes!!! No!!! Yes!!! No!!!


This is how it's been for about 3 months now, but I think we finally have our firm no.

On the plus side this means I'm going to build an identity management solution from the ground up however we want. (we being the core tech team who are involved) We do not have to build on someone else schedule. We can build the pieces we benefit from most first and build the pieces that everyone else will benefit from last. This is going to be GREAT.

Of course, we have to build it all ourselves and we have NEVER done this before. And if we fail, it's going to be bad. But thankfully no one will notice for a while. :)

The glamor is gone. it's time for hard work. And lots of Service Requests to Oracle. LOTS OF THEM.

Tuesday, October 28, 2008

My first blog

Hello all. This is my first blog...ever. Today's topic is ORACLE IDENTITY MANAGER. This topic will come up a lot.

I would blog about how ridiculous it is to recover objects from the OIM database after they are deleted but you will find that on my masters site at


So instead, I'll blog about Oracle support. What can I say. today i have spent the ENTIRE day working with Oracle support on 4 separate Service requests regarding OIM. I've had 2 bugs filed on my behalf. (though I am told that unless we are going live soon, they won't escalate the bugs to have them fixed soon) I have been told to upload screen shots/logs and asked where THEIR OWN documentation is on THEIR SITE.

On the plus side when we asked how to recover a deleted object we got an answer. rename it and then create a new one. And when i asked, but can we recover? I was told it's a complicated process, just use this for now. And that is a very short version, of my day with oracle support.