Active Directory integration

cmanderson

VIP Member
Has anyone installed or is anyone currently using the Active Directory integration within OneWorld Xe or 8.9? I'm interested in the Windows enterprise server SCP object registration with AD. I've fooled around with it a bit but the Solution Explorer client doesn't seem to want to use it.

I have configured the [Active Directory] sections in my client JDE.INI and the server JDE.INI (yes, before registering the service using jdesnet -i). My NT admin tells me it's creating the object and when I reboot, the object changes from a "Running" status to a "Stopped" status. So, I know I've gone beyond the theoretical and into the typical "it doesn't work the first time I do anything with JDE" scenario.

My goal is to use the UnifiedLogonSCP object as a poor man's active failover. According to the Server and Workstation Administration guide for 8.9, it supports SecurityServer, UnifiedLogon, etc. Any help or knowledge you may have on the topic is appreciated.
 
I have not played with the functionality you are referring to. However, you can accomplish the same by adding backup security servers to the INI.

[SECURITY]
NumServers=3
SecurityServer=JDE1
SecurityServer2=JDE2
SecurityServer3=JDE3
DataSource=System - B7334
DefaultEnvironment=PD7334
Row Security = NO_DEFAULT

On the SQL platform, you can really have fun by using OSAuthentication (if you have web) or Unified Logon (if you have ONLY fat and terminal server). The following script will auto-populate the JDE profile when a new user is created in the AD (only if there are fewer than 1000 user accounts in the domain). You can write a similar script to handle the security record.

-- Count AD person accounts that do not yet have a profile row in F0092
DECLARE @Counter AS INT

SELECT @Counter=count(samaccountname)
FROM OPENQUERY( ADSI,
'SELECT samaccountname, distinguishedName
FROM ''LDAP://DC=yourdomain,DC=com'' WHERE objectCategory = ''person''')
WHERE (distinguishedName like '%OU=User Accounts%' or distinguishedName like '%CN=Users%') and substring(samaccountname, 1, 10) not in (select ULUSER from jde7334.sys7334.f0092)

-- Insert a default profile for each missing account
-- (user ID is the first 10 characters of samaccountname; this query also filters samaccountname < 'P')
IF @Counter>0
INSERT INTO jde7334.sys7334.f0092 (ULUSER, ULOUTQ, ULLLVL, ULLSEV, ULLMSG, ULAN8, ULMTVL, ULCMDE, ULUGRP, ULFSTP)
SELECT distinct substring(samaccountname, 1, 10), 'QPRINT', '4', '00', '*NOLIST', 0.0, 'Y', 'Y', 'DOWNLOAD', 'Y'
FROM OPENQUERY( ADSI,
'SELECT samaccountname, distinguishedName
FROM ''LDAP://DC=yourdomain,DC=com'' WHERE objectCategory = ''person'' and samaccountname <''P''')
WHERE (distinguishedName like '%OU=User Accounts%' or distinguishedName like '%CN=Users%') and substring(samaccountname, 1, 10) not in (select ULUSER from jde7334.sys7334.f0092)
 
Thanks for the reply.

The problem with the multiple security server option is the way the client handles the jdenet request. I've tested this and was disappointed in the results. It apparently checks to see if the server is on-line and then it will attempt to establish the connection using 6009, 6011 or whatever you have configured. If the server is up but the jdenet listener is down, you sit there waiting for the communication to fail as defined in your jdenet timeout. It won't failover to the next server in this instance. Seems like a bug to me.

Thanks for the script, but we are on Oracle for 98% of our OneWorld database needs. This includes system tables and Central Objects (unfortunately).

I placed a support call with PSFT. We'll see what they say.
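
A health check for the failure mode described in the post above, as an added example that is not part of the thread and is not JD Edwards code: it reads the SecurityServer entries from a [SECURITY] section like the one posted earlier and probes the JDENET port on each with a short timeout, so "host up, listener down" is reported as refused. Function names are hypothetical, the port is supplied by the caller, and the `resolve` hook is an assumption added so names can be mapped to addresses.

```python
import configparser
import socket

# Constructed sample: the [SECURITY] section as posted in the thread.
SAMPLE_INI = """\
[SECURITY]
NumServers=3
SecurityServer=JDE1
SecurityServer2=JDE2
SecurityServer3=JDE3
DataSource=System - B7334
"""

def security_servers(ini_text):
    """Return the SecurityServer entries in failover order."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.optionxform = str  # keep key case as written in JDE.INI
    cp.read_string(ini_text)
    sec = cp["SECURITY"]
    count = int(sec.get("NumServers", fallback="1"))
    keys = ["SecurityServer"] + [f"SecurityServer{i}" for i in range(2, count + 1)]
    return [sec[k].strip() for k in keys if k in sec]

def probe(host, port, timeout=2.0):
    """Classify one server: 'listening', 'refused' (host up, no listener),
    'timeout' (no answer in time) or 'unreachable' (DNS or routing error)."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "listening"
    except ConnectionRefusedError:
        return "refused"
    except socket.timeout:
        return "timeout"
    except OSError:
        return "unreachable"

def first_available(servers, port, timeout=2.0, resolve=lambda h: h):
    """Probe servers in order; return (chosen host or None, per-host status)."""
    report = {}
    for name in servers:
        report[name] = probe(resolve(name), port, timeout)
        if report[name] == "listening":
            return name, report
    return None, report

if __name__ == "__main__":
    # 6009 is one of the JDENET ports mentioned in the thread; use your own.
    print(first_available(security_servers(SAMPLE_INI), 6009))
```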
 
Jeremy,

How do you set up the linked server to the AD box to be able to use the query you specified?

SELECT @Counter=count(samaccountname)
FROM OPENQUERY( ADSI,
'SELECT samaccountname, distinguishedName
FROM ''LDAP://DC=yourdomain,DC=com'' WHERE objectCategory = ''person''')
WHERE (distinguishedName like '%OU=User Accounts%' or distinguishedName like '%CN=Users%') and substring(samaccountname, 1, 10) not in (select ULUSER from jde7334.sys7334.f0092)

Thanks,
Barry Knowles
 