mapping of objectGUID

By default there is a mapping from Active Directory and from Domino to the same parameter objectGUID. Can anybody explain the concept of objectGUID to me?
[164 byte] By [rawagona] at [2007-11-26 10:21:22]
# 1

GUID is Globally Unique Identifier. In Active Directory, every object that is created is assigned a GUID which is never changed.

In a Directory, the distinguished name is the primary key for object identification. Distinguished Name is comprised of the identifier of the object (e.g. CN=foobar) followed by the containers the object resides inside in a bottom-up order (CN=Users,DC=acme,DC=com). The GUID in AD acts as more permanent identifier because objects can be relocated to other areas of the tree, which changes the DN of the object.

In practical terms, Active Directory will prevent IDM from creating objects with the same identifier in the same container OR the same GUID. Some ADSI functionality uses the GUID, which may be why IDM includes it in the ResourceInfo.

jsallee at 2007-7-7 2:20:48
# 2

The object GUID is used by AD so a user can be moved across domains. When a user changes domains, their "SID" number is actually modified and their previous SID goes into the SID history attribute. The object GUID remains the same.

In other words, the objectguid is immutable and will not change. ever.

In IDM terms, the object GUID allows IDM to find an account even if it is moved all around the AD.

Dana Reed

AegisUSA

Denver, CO

dana.reed@aegisusa.net

danareed at 2007-7-7 2:20:48
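As an added example (not from either poster and not IDM's own code), this Python sketch shows why the two replies above recommend the GUID as the correlation key: it decodes the 16 raw bytes AD returns for objectGUID, builds an LDAP filter for them, and re-links an account by GUID after its DN changes, without mislinking a new object that reuses the old DN. The GUID bytes, the `OU=Sales` container and all function names are constructed for illustration.

```python
import uuid

def guid_from_ad_bytes(raw: bytes) -> uuid.UUID:
    """AD returns objectGUID as 16 raw bytes; the first three fields are little-endian."""
    if len(raw) != 16:
        raise ValueError("objectGUID must be exactly 16 bytes")
    return uuid.UUID(bytes_le=raw)

def guid_ldap_filter(guid: uuid.UUID) -> str:
    """LDAP filter matching one object by GUID; each binary byte is escaped as \\XX."""
    return "(objectGUID=" + "".join(f"\\{b:02x}" for b in guid.bytes_le) + ")"

def reconcile(links: dict, entries: list) -> list:
    """links maps GUID string -> last known DN.
    Updates links in place and returns (guid, old_dn, new_dn) for every moved object."""
    moved = []
    for entry in entries:
        guid = str(guid_from_ad_bytes(entry["objectGUID"]))
        old_dn = links.get(guid)
        if old_dn is not None and old_dn.lower() != entry["dn"].lower():
            moved.append((guid, old_dn, entry["dn"]))
        links[guid] = entry["dn"]  # the GUID stays the key; the DN is only a locator
    return moved

# Constructed sample data: one known account and one unrelated new object.
RAW_GUID = bytes.fromhex("00112233445566778899aabbccddeeff")
OTHER_GUID = bytes.fromhex("ffeeddccbbaa99887766554433221100")
OLD_DN = "CN=foobar,CN=Users,DC=acme,DC=com"
NEW_DN = "CN=foobar,OU=Sales,DC=acme,DC=com"

# State after the original account was moved and its old DN was reused by a new object.
ENTRIES_AFTER_MOVE = [
    {"dn": NEW_DN, "objectGUID": RAW_GUID},
    {"dn": OLD_DN, "objectGUID": OTHER_GUID},
]

if __name__ == "__main__":
    known = {str(guid_from_ad_bytes(RAW_GUID)): OLD_DN}
    print(guid_ldap_filter(guid_from_ad_bytes(RAW_GUID)))
    for guid, old, new in reconcile(known, ENTRIES_AFTER_MOVE):
        print(f"{guid}: {old} -> {new}")
```

A DN-keyed link would have attached the existing identity to the new object at the old DN; keyed by GUID, that object shows up as a separate, unlinked account.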