Prepare Active Directory for Groove Server Manager
Applies to: Groove Server 2010
Topic Last Modified: 2011-08-05
This article describes how to prepare an existing Active Directory forest for integration with Groove Server Manager. The process involves adding a schema extension to Active Directory. The extension applies a Groove Server Manager attribute to SharePoint Workspace users in a designated Active Directory forest. Groove Server Manager is optimized for integration with Active Directory. Although not required, integrating existing Active Directory infrastructure with Groove Server Manager results in a more efficient and scalable client management system. If you do not have access to an in-house Active Directory server or you choose not to integrate as recommended, you can set up a Groove Server Manager directory manually after you configure the system, as described in Install and configure SQL Server for Groove Server Manager and Install and configure IIS for Groove Server Manager.
In this article:
Before you begin
Add an Active Directory schema extension for SharePoint Workspace
Before you begin
Before performing the integration procedure, make sure of the following:
You have the Schema Administrator role with permissions to extend the Active Directory schema. For information about how to use Active Directory schemas, see the TechNet document, Guide to Active Directory Schema and display specifiers (http://go.microsoft.com/fwlink/p/?LinkId=164998).
You have Domain Administrator access and the schema master role for the Active Directory domain controller that will be integrated with Groove Server Manager. For information about how to transfer a schema master role, see the TechNet document, Transfer the Schema Master (http://go.microsoft.com/fwlink/p/?LinkId=164999).
.NET 3.5 is installed (included with Windows 2008) on any servers that will be used to run ADSync service or ADUCExtension.
Add an Groove Server Manager Active Directory schema extension with Active Directory
The following procedure creates a Groove Server Manager attribute for members of a designated Active Directory forest.
To add the Groove Server Manager schema extension to Active Directory
Identify the Active Directory forest that will be used for the SharePoint Workspace deployment.
Copy the ems\tools folder (and contents) from the Groove Server Manager installation media to the Active Directory Domain Controller (for example, to the \Tools\ADSchemaExtension folder).
On the Domain Controller, open a Windows command line with elevated permissions (right-click Command Prompt from the Start menu, select Run as administrator, navigate to the \Tools\ADSchemaExtension folder, and then enter ConfigureGrooveADShemaExtension.vbs. This script will generate the LDAP Data Interchange Format (LDIF) template file, GrooveADSchemaExtension.ldif. The ldif file contains the Groove Server Manager attribute to be applied to your Active Directory domain schema.
When a prompt appears that asks for a domain distinguished name (DN), use LDAP DN canonical syntax to enter the Active Directory forest root domain of your target SharePoint Workspace users. For example, to create a Groove Server Manager Active Directory schema extension .ldif file for the Contoso forest root domain, you would enter dc=contoso,dc=com. Specifying the forest root domain as an integration point is required because this applies the schema extension to the whole Active Directory forest.
Verify that the \Tools\ADSchemaExtension directory contains the file, GrooveADSchemaExtension.ldif, which contains the Groove Server Manager attribute for SharePoint Workspace users.
Do not modify this .ldif file. However, you may want to review the file for accuracy and save a backup copy of it before you run the subsequent batch file.
InstallGrooveADSchemaExtension.cmd. This batch file applies the Groove Server Manager attribute, MS-GRV-ManagerURI, to user objects in the Active Directory forest. A message appears indicating that user objects were successfully updated with the new attribute.
The attribute is added without a value. The value, which will be used to identify specified users to a specific Manager, will be added later. To view the new attribute for each member, use the Active Directory Service Interfaces (ADSI) Edit program, installed by default on Windows 2008 Domain Controllers.
When you are ready to trigger Active Directory integration with an installed Groove Server Manager, you can use the Active Directory Users and Computers (ADUC) tool to assign a value to the attribute applied by the recent schema extension. The value directs designated Active Directory domain members to a specific Groove Server Manager. You can add the ADUC extension now or later in the setup process. For information about the Groove Server Manager ADUC extension and comparable options for triggering integration, see Create a SharePoint Workspace user directory for Groove Server Manager.
The following table provides a summary of the files referenced in this procedure:
Groove Server Manager Active Directory schema extension files
|Schema Extension file||Description|
Generates the Groove Server Manager Active Directory schema extension LDIF file for a specified forest root.
LDAP Interchange Format (LDIF) template file for the Groove Server Manager Active Directory schema extension. This file is generated by the ConfigureGrooveADSchemaExtension.vbs script and contains the Groove Server Manager attribute MS-GRV-ManagerURI.
Installs the Groove Manager Active Directory schema extension LDIF file that is created by ConfigureGrooveADSchemaExtension.vbs. This batch file is executed by the Domain Controller schema administrator.