Printable Project Management Worksheet - DOC

Document Sample
Printable Project Management Worksheet - DOC Powered By Docstoc
					Design and Planning Sample Worksheets for
MIIS 2003
The Design and Planning Sample Worksheets for Microsoft Identity Integration Server (MIIS) 2003 will
assist you in your MIIS 2003 deployment. Each Design and Planning worksheet corresponds to a different
document within the MIIS 2003 Technical Library Design and Planning collection. Because the worksheets
require you to input data specific to your environment, read the Design and Planning collection to discover
what environment-specific information you need to include. See Design and Planning Worksheets for
MIIS 2003 for blank worksheets that are ready to use.

Table of Contents
  Initiating Your Project ....................................................................................................................2
     Worksheet 1 Vision Statement and Solution Objectives ..........................................................2
  Designing a System Dataflow Model for MIIS 2003 .....................................................................3
     Worksheet 2 Real-World Identity Objects ................................................................................3
     Worksheet 3 Connected Data Sources ......................................................................................4
     Worksheet 4 Object-Level Policies ..........................................................................................5
     Worksheet 5 Included Attributes ..............................................................................................7
     Worksheet 6 Outbound Attribute Flow ....................................................................................9
     Worksheet 7 Metaverse Object Design ..................................................................................10
  Planning the Metaverse for MIIS 2003 .........................................................................................11
     Worksheet 8 Metadirectory Object Policies ...........................................................................11
     Worksheet 9 Inbound Attribute Flow .....................................................................................13
     Worksheet 10 Metaverse Attribute Design .............................................................................14
  Planning Synchronization Rules for MIIS 2003 ...........................................................................15
     Worksheet 11 Connector Filter Rules .....................................................................................15
     Worksheet 12 Join Rules ........................................................................................................16
     Worksheet 13 Projection Rules...............................................................................................17
     Worksheet 14 Import Attribute Flow Rules ...........................................................................18
     Worksheet 15 Object Deletion Rules......................................................................................19
     Worksheet 16 Provisioning Rules...........................................................................................20
     Worksheet 17 Deprovisioning Rules ......................................................................................21
     Worksheet 18 Export Attribute Flow Rules ...........................................................................22
  Planning Your System Configuration for MIIS 2003 ...................................................................23
     Worksheet 19 Management Agent Configurations.................................................................23
     Worksheet 20 Metaverse Rules Configuration .......................................................................25
     Worksheet 21 Roles and Responsibilities Rights Assignments ..............................................26
     Worksheet 22 Security Configuration ....................................................................................27
     Worksheet 23 Server Configuration .......................................................................................28
     Worksheet 24 Data Handling ..................................................................................................29
     Worksheet 25 Synchronization Scheduling ............................................................................30
     Worksheet 26 Error Handling .................................................................................................31
     Worksheet 27 Retrieving Information with WMI ..................................................................32
     Worksheet 28 System Backup ................................................................................................33
Initiating Your Project

Worksheet 1 Vision Statement and Solution Objectives
     Read the Initiating Your Project document before completing this worksheet.
     Fill out one Vision Statement and Solution Objectives worksheet for your MIIS 2003 deployment.
                                                           Vision Statement and Solution Objectives
    Prepared By            Mike Danseglio                                     Date       March 19
    INSTRUCTIONS: Create a statement that includes your goals for this project, including your specific objectives for the solution. Include all possible objectives and do not
    try to prioritize them. Analyze each goal and objective for feasibility, product support, effect on connected data sources, and effect on network resources.
    Vision Statement
      By using Microsoft Identity Integration Server 2003, Fabrikam will achieve the following high-level solution:
          Combine all relevant staff member details from multiple sources.
          Remove the data conflicts by synchronizing key data across connected data sources.
          Formalize a workflow/dataflow model that minimizes administrative effort while enhancing security.
            Solution Objective                 Business Reason                                                Participating Data Sources
    The first goal of Fabrikam is to create     Streamline the
    an aggregated view of Fabrikam              dataflow model to
                                                                         Fabrikam uses the employee object from the HR system and related data from the other four
    employees from which all of the data        reduce
                                                                         connected directories to create a person object in the metaverse.
    sources in Fabrikam can be                  administration
    managed.                                    costs.
    When merging the common                     Synchronize
    employee data into the single, logical      employee contact
    view of the Microsoft Identity              information.
    Integration Server 2003 metaverse,
    Fabrikam maintains authority for
    object and attributes for business
    rules.
    In addition to maintaining attribute        Synchronize
    precedence, Fabrikam uses Microsoft         employee contact
    Identity Integration Server 2003 to         information.
    populate distribution lists (DLs) in the
    Active Directory data source from the
    group membership data in the
    Fabrikam.com domain namespace.
Designing a System Dataflow Model for MIIS 2003

Worksheet 2 Real-World Identity Objects
    Read the Designing a System Dataflow Model for MIIS 2003 document before completing this worksheet.
    Fill out one Real-World Identity Objects worksheet for each of your deployment scenarios.
                                                                    Real-World Identity Objects
    Prepared By                        Mike Danseglio                                             Date                 March 20
    Real-world identity type           Staff Member
    INSTRUCTIONS: Complete one data sheet for each real-world identity type in the solution. Include a row for each connected data source object. Do not include objects
    that are not part of your solution.
                                                      Provisioned       Join       Project
    Management Agent            Object Type              Y/N            Y/N         Y/N           Discovery Notes                           Other Notes
                                                                                                 During discovery we
    Fabrikam Active                                                                              join existing
                                User                Yes                 No         No
    Directory MA                                                                                 Employee objects
                                                                                                 from HR
    Fabrikam HR SQL MA          Employee            No                  Yes        Yes
                                                                                                 During discovery we
                                                                                                 join existing
    Telephone MA                PhonePerson         Yes                 No         No
                                                                                                 Employee objects
                                                                                                 from HR
    Lotus Notes MA              Person              Yes                 No         No
Designing a System Dataflow Model for MIIS 2003

Worksheet 3 Connected Data Sources
    Read the Designing a System Dataflow Model for MIIS 2003 document before completing this worksheet.
    Fill out one Connected Data Sources worksheet for each of your deployment scenarios.
                                                                       Connected Data Sources
    Prepared By                                              Mike Danseglio                                               Date       March 20
    Management Agent                                         Fabrikam HR SQL MA                 Type            Microsoft SQL 2000
    Connected Data Source                                    Fabrikam HR System
    Owner                                                    Mike Danseglio
    Contact (who can change)                                 Jamie Reding
    Backup and restore policy                                Backed up at midnight on MTWRF.
    Security Issues                                          None
    All connection and container details appropriate for
    this MA type
    INSTRUCTIONS: Complete one data sheet for each connected data source in the solution. Include a row for each object. Do not include objects that are not part of your
    solution. List all objects in the specified connected data source that represent any real-world objects.
     Name                   Unique ID                                                                     Notes and other policies
    Employee          EmployeeID                      A read-only view will be provided for this object
Designing a System Dataflow Model for MIIS 2003

Worksheet 4 Object-Level Policies
     Read the Designing a System Dataflow Model for MIIS 2003 document before completing this worksheet.
     Fill out one Object-Level Policies worksheet for each object type for each of your deployment scenarios.
                                                                            Object-Level Policies
    Prepared By                            Mike Danseglio                               Date         March 21
    Management Agent                       Fabrikam HR SQL MA
    Object                                 Employee
    INSTRUCTIONS: Complete one data sheet for each connected data source object in the solution. Include a row for each policy, and group each into New object policies
    and Delete objects policies. Do not include objects that are not part of your solution.
     Action                              Object-Level Policy                                                             Reason/Notes
    New            Filter out all objects where the LeftDate is earlier than 1 Jan
                                                                                        Don‟t need employees who left before Syban systems was implemented
    object         1980
                   Attempt to join new object with an existing Active Directory user
                   object by using the following rules:
                   Match the employeeID                                                 Occasionally, a staff member account is created in Active Directory before the HR
                   Match the FirstName, LastName and DepartmentName against             system or they might have been deleted from HR by accident
                   givenName,sn and department
                   If no match is resolved, continue with the next step
                   If the join failed:
                   For an object with EmployeeStatus = “active”, and
                   EmployeeType = “employee” provision into Active Directory,
                   Notes and Telephone MA.
                   For an “active” object of type “contractor”, provision into Active
                   Directory and Notes MA.
                   For an “active” object of type “admin-temp”, provision into Active
                   Directory and the telephone systems MA
                   For a “pending” object of type “summer-student”, provision
                                                                                        Fabrikam takes on a large number of students for summer work, these accounts
                   Active Directory with a disabled account and create a delayed
                                                                                        need to be created ahead of time so that the manual work of assigning them
                   action event to enable the Active Directory account on the
                                                                                        resources can be completed before they start
                   DueToStart date.
                   For objects with EmployeeStatus = “terminated” do not provision
                   any MAs
                                                                 Object-Level Policies
         If EmployeeStatus was “terminated”, delete the linked objects
Delete
         from all MAs - including any delayed action events that might
object
         have been queued
         If EmployeeStatus was “active”, disable Active Directory and          Occasionally an employee can be deleted by accident, we don‟t want to lose the
         Notes accounts and set the Telephone comment to “left”. Create        employee‟s Active Directory SID and Notes ID information immediately in case the
         a delayed action for a delete of all associated objects in 30 days.   employee record is re-instated.
Designing a System Dataflow Model for MIIS 2003

Worksheet 5 Included Attributes
    Read the Designing a System Dataflow Model for MIIS 2003 document before completing this worksheet.
    Fill out one Included Attributes worksheet for each of your deployment scenarios.
                                                                          Included Attributes
    Prepared By                           Mike Danseglio                                                                        Date         March 21
    Management Agent                      Telephone MA
    Connected Data Source Object          PhonePerson
    INSTRUCTIONS: Complete one data sheet for each object in the connected data source directory. List all appropriate attributes. Include a row for each attribute, and leave
    out those attributes that are not appropriate. For those attributes that are required to follow from the metadirectory to the connected data source, complete the Outbound
    Attribute section of the table.
                                 Inbound Attribute                                                                     Outbound Attribute
                                                                                       Requires           May be                              Quality and
                  Data     Multi-Values          Content             Outbound          Validation      Overwritten          Business          Precedence
    Name          Type         Y/N               Structure             Y/N                Y/N          with Null Y/N       Justification         Notes             Notes

                                             HR system unique
StaffID        String                                              Yes               No                No                                                      Is unique
                                             employee ID


FirstName      String                                              Yes               No                No                                    Often incorrect



LastName       String                                              Yes               No                No                                    Often incorrect

                                             <LastName>
FullName       String                        <comma>               Yes               No                No                                    Often incorrect
                                             <FirstName>
                                                                                                                                                               Blank or
                                                                                                                                                               contains “Has
StaffStatus    String                                              Yes               No                Yes                                                     left - please
                                                                                                                                                               transfer to
                                                                                                                                                               inactive”
                                                                                                                                                               Contains the
                                                                                                                                                               StaffID of this
Manager        String                                              Yes               No                Yes                                                     person‟s
                                                                                                                                                               manager, might
                                                                                                                                                               be empty
                   7 character
WorkTel   String                      No   Often Incorrect
                   telephone number

                                           High quality,
                   7 character
HomeTel   String                           should be the
                   telephone number
                                           primary source
Designing a System Dataflow Model for MIIS 2003

Worksheet 6 Outbound Attribute Flow
     Read the Designing a System Dataflow Model for MIIS 2003 document before completing this worksheet.
     Fill out one Outbound Attribute Flow worksheet for each of your deployment scenarios.

                                                                        Outbound Attribute Flow
    Prepared By                           Arlene Huff                    Date                                              March 22
    Management Agent                      Telephone MA
    Object                                PhonePerson                    Metaverse Object                                  Person
    INSTRUCTIONS: Complete one worksheet for each object in the solution. List all outbound attributes (use another sheet if necessary) and include a row for each attribute.
    Do not include attributes that are not part of your solution. Fill out one worksheet for each connected data source. Map each metaverse attribute to a data source attribute
    in the outbound attribute flow.

                                                 Connected Data Source Attribute                                                                 Metaverse Attribute

                                                                                                                   May be                                    Considerations or
                                                        Validation Failure
              Name                  Validation                                       Transformation             Overwritten              Name(s)
                                                             Action                                                                                          Policies Needed
                                                                                                                With Null Y/N
    StaffID                                                                                                    No                   employeeID
    LastName                                                                                                   No                   Sn
    FirstName                                                                                                  No                   givenName
                                                                                                                                    givenName
    FullName                                                                    givenName <space> sn           No
                                                                                                                                    sn
    StaffStatus                                                                                                No
Designing a System Dataflow Model for MIIS 2003

Worksheet 7 Metaverse Object Design
    Read the Designing a System Dataflow Model for MIIS 2003 documents before completing this worksheet.
    Fill out one Metaverse Object Design worksheet for each of your deployment scenarios.
                                                                       Metaverse Object Design
    Prepared By                        Arlene Huff                                                                                               Date       March 21
    Object                             StaffMember (Note: This example illustrates the creation of a new Metaverse StaffMember object for this scenario)
    INSTRUCTIONS: Complete one data sheet for each object type in the metaverse. Include one row for each attribute to be included in this object.
                            Metaverse Attribute                                                        Connected Data Source for Inbound Values
                                                                                                                                   Precedence
                                                                                                                                                           Considerations
                                                                               Management                                    When Can This Attribute
         Name               Content Structure             Joined Y/N                                        Object                                                or
                                                                                 Agent                                      Not Replace the Metaverse
                                                                                                                                                           Policies Needed
                                                                                                                                     Attribute
    Sn               Employee‟s lastname                 Yes                 Fabrikam AD MA          User                    When last supplied by HR
                                                                             Fabrikam SQL HR
                                                                                                     Employee
                                                                             MA
    givenName        Employee‟s first name               Yes                 Fabrikam AD MA          User                    When last supplied by HR
                                                                             Fabrikam SQL HR
                                                                                                     Employee
                                                                             MA
                     <firstname><dot><lastname>
    Mail                                                 No                  Fabrikam AD MA          User
                     @fabrikam.com
                                                                             Fabrikam SQL HR                                 When last supplied by
                                                                                                     Employee
                                                                             MA                                              Active Directory
                     PhonePerson‟s mobile                                                                                    When last supplied by
    Mobile                                               No                  Telephone MA            TelephonePerson
                     telephone number                                                                                        Active Directory
                                                                                                                             When last supplied by
                                                                             Fabrikam AD MA          User
                                                                                                                             Telephone
                     String
                                                                             Fabrikam SQL HR
    displayName      <firstname> <space>                 No                                          Employee
                                                                             MA
                     <lastname>
                                                                             Fabrikam AD MA          User                    When last supplied by HR
                     String
    EmployeeID       Unique HR employee ID               Yes                 Fabrikam AD MA          User                    When last supplied by HR
                     XX9999999
                     Reference to another person                             Fabrikam SQL HR
    Manager                                                                                          Employee
                     object                                                  MA
Planning the Metaverse for MIIS 2003

Worksheet 8 Metadirectory Object Policies
    Read the Planning the Metaverse for MIIS 2003 document before completing this worksheet.
    Fill out one Metadirectory Object Policies worksheet for each of your deployment scenarios.
                                                                   Metadirectory Object Policies
    Prepared By                    Arlene Huff                                                                   Date                       March 22
    Metaverse Object               Person                                                                        Real-World Name            Staff Member
    MV Deletion Rule               When all connected objects are disconnected
    INSTRUCTIONS: Complete one data sheet for each real-world identity; include a row for each connected data source object rule. List rule type and rule details for
    synchronization.
    Object deletion policy: Objects are deleted from the metaverse when deprovisioned from the HR system.
    Management Agent              Object           Rule Type                                      Rule Details                                         Notes
    Fabrikam HR SQL                                                                                                                     Staff who left before this date should
                              Employee             Filter            LeftDate<‟1990/01/01‟
    MA                                                                                                                                  not be included
                                                   Join              When EmployeeID=EmployeeID
                                                   Project           If the join fails, project
                                                   Deprovision       Make a disconnector
                                                                     When EmployeeStatus= “active” and EmployeeType =
    Telephone MA              PhonePerson          Provision
                                                                     “employee” or “admin-temp”
                                                   Deprovision       Delete from Telephone list
    Lotus Notes MA            Person               Join              Very complex, see the “Joining from Notes” section
                                                                     When EmployeeStatus= “active” employees where
                                                   Project
                                                                     EmployeeType = “employee”, “contractor” or “admin-temp”
                                                                     When EmployeeStatus= “active” and EmployeeType =
                                                   Provision
                                                                     “employee”, “contractor” or “admin-temp”
                                                   Deprovision       See “Deprovisioning Notes” section                                 Custom rule required
    Fabrikam Active                                                                                                                     Admin accounts should not be
                              User                 Filter            samAccountName starts with „admin‟
    Directory MA                                                                                                                        included
                                                   Join              When EmployeeID=EmployeeID
              When EmployeeStatus= “active” and EmployeeType =
              “employee”, “contractor” or “admin-temp”
Project       or
              When EmployeeStatus= “pending” and EmployeeType =
              “summer-student”
              When EmployeeStatus= “active” and EmployeeType =
              “employee”, or “contractor” or “admin-temp”
Provision     or
              When EmployeeStatus= “pending” and EmployeeType =
              “summer-student”
Deprovision   Delete from Active Directory
Planning the Metaverse for MIIS 2003

Worksheet 9 Inbound Attribute Flow
     Read the Planning the Metaverse for MIIS 2003 documents before completing this worksheet.
     Fill out one Inbound Attribute Flow worksheet for each of your deployment scenarios.

                                                                          Inbound Attribute Flow
    Prepared By                Arlene Huff            Date                                           March 22
    Management Agent           Fabrikam HR SQL MA
    Connected Data
                               Employee               Metaverse Object                               Person
    Source Object
    INSTRUCTIONS: Complete one data sheet for each object in the solution. List all inbound attributes (use another sheet if necessary) and include a row for each attribute.
    Do not include attributes that are not part of your solution. Complete one worksheet for each object in each connected data source.

                                             Connected Data Source Attribute                                                             Metaverse Attribute

                                                             Validation                                Manual
    Names(s)                  Validation                      Failure          Transformation        Precedence               Name                          Notes
                                                              Action                                     Y/N

                   Must not contain any of the
                                                         Do not flow
                   following characters: non-
                                                         the attribute
    FirstName      printable, punctuation                                                                              givenName
                                                         or provision
                   symbols, quotation marks. It is
                                                         a new object
                   limited to twenty bytes.
                   Must not contain any of the
                                                         Do not flow
                   following characters: non-
                                                         the attribute
    LastName       printable, punctuation                                                                              Sn
                                                         or provision
                   symbols, quotation marks. It is
                                                         a new object
                   limited to twenty bytes.
    FirstName                                                              firstName <space>
                                                                                                                       displayName
    LastName                                                               LastName
                                                                                                                                                Total string length must not
                                                                           First letter of
                                                                                                                                                exceed 20 characters, must be
                                                                           FirstName plus                              samAccountName
                                                                                                                                                unique in the Active Directory
                                                                           LastName
                                                                                                                                                MA
                                                                                                                                                If Email=”create”, then create
    Email          No                                    Yes                                                           <various>
                                                                                                                                                an email box for the user
                                                                           If present replace
    HomeTel        No                                    No                international dial code                     homePhone
                                                                           (00, 010) with +
Planning the Metaverse for MIIS 2003

Worksheet 10 Metaverse Attribute Design
    Read the Planning the Metaverse for MIIS 2003 document before completing this worksheet.
    Fill out one Metaverse Attribute Design worksheet for your MIIS 2003 deployment.
                                                                 Metaverse Attribute Design
    Prepared By        Arlene Huff                Date        March 23
    INSTRUCTIONS: Complete one worksheet for the whole metaverse. Include one row for each attribute that you require.
                                                                           Metaverse Attribute
                                            Indexable     Multi-Values
           Name            Data Type                                                                                Indexed
                                               Y/N            Y/N
    Sn                     String           Yes
    givenName              String           Yes
    Mail                   String           Yes
    Mobile                 String           Yes
    displayName            String           Yes
    Manager                Reference        No
    Member                 Reference        No             Yes
Planning Synchronization Rules for MIIS 2003

Worksheet 11 Connector Filter Rules
       Read Planning Synchronization Rules for MIIS 2003 before completing this worksheet.
       Fill out one Connector Filter Rules worksheet for each of your deployment scenarios.
                                                                          Connector Filter Rules
    Prepared By                   Alan Brewer                                                                                Date                                  March 23
    Management Agent              Fabrikam HR SQL MA
    INSTRUCTIONS: List all conditions of each connector filter rule in their order of precedence. Include specifics for rules extensions if using error handling. Fill out one
    worksheet for each management agent.
    Filter # (Precedence)                       Attribute                                    Operator                                                Value
    1                               employeeStatus                        Equals                                                 “Active”
                                    branchID                              Ends with                                              “SEA”
    2                               hireDate                              Contains                                               2002
Planning Synchronization Rules for MIIS 2003

Worksheet 12 Join Rules
       Read Planning Synchronization Rules for MIIS 2003 before completing this worksheet.
       Fill out one Join Rules worksheet for each of your deployment scenarios.
                                                                                   Join Rules
    Prepared By                Alan Brewer                                                                     Date                              March 24
    Management Agent           Fabrikam HR SQL MA
    INSTRUCTIONS: List all conditions of each join rule in their order of precedence. Include specifics for rules extensions if using error handling. Fill out one worksheet for
    each management agent.
           Rule #                                                               Metaverse Object               Metaverse                                   Resolution Script
                             Source Attribute           Mapping Type                                                              Resolution Script
        (Precedence)                                                                 Type                       Attribute                                 Description/Location
    1                        employeeID                Direct                   “Active”                  employeeID               Yes
                             givenName                 Direct                   Person                    givenName                No
    2                        Sn                        Rules Extension          2002                      Sn                       Yes
    Rules Extension                                                                             Description
    Rules Extension for
                             Concentrate the Sn and givenName if successful resolution found
    #2
Planning Synchronization Rules for MIIS 2003

Worksheet 13 Projection Rules
     Read Planning Synchronization Rules for MIIS 2003 before completing this worksheet.
     Fill out one Projection Rules worksheet for each of your deployment scenarios.
                                                                            Projection Rules
    Prepared By               Alan Brewer                                                                  Date                                March 24
    Management Agent          Fabrikam HR SQL MA
    INSTRUCTIONS: List all conditions of each projection rule. Include specifics for rules extension if using error handling. Fill out one worksheet for each management
    agent.
                     Source Object Type                         Metaverse Object Type or Rules Extension                         Description of Rules Extension
    Employee                                                  Person
    Employee                                                  Rules Extension                                           If from Forest A, then map to contact object type.
                  Other Rules Extension                         Metaverse Object Type or Rules Extension                          Description of Rules Extension
    Error Handling                                            Rules Extension                                           If projection fails, do…
Planning Synchronization Rules for MIIS 2003

Worksheet 14 Import Attribute Flow Rules
     Read Planning Synchronization Rules for MIIS 2003 before completing this worksheet.
     Fill out one Import Attribute Rules worksheet for each of your deployment scenarios.
                                                                    Import Attribute Flow Rules
    Prepared By                Alan Brewer                                                                  Date                               March 24
    Management Agent           Fabrikam HR SQL MA
    INSTRUCTIONS: List the important attribute flow rules for each object in each management agent. Include specifics for rules extensions if using error handling. Fill out
    one worksheet for each management agent.
          CD Attribute              Mapping Type             Mapping Type Details           Destination Object           Destination Attribute              Precedence
    employeeID                   Direct                       N/A                          Employee                      UID                          2
    firstName, lastName          Rules extension              Combine names                Employee                      fullName                     1
    N/A                          Constant                     ABC Corp                     Employee                      OU                           N/A
    DN                           Distinguished name           Map only component 1         Employee                      username                     1
                                                                             Other Rules Extensions
    Error Handling
Planning Synchronization Rules for MIIS 2003

Worksheet 15 Object Deletion Rules
     Read Planning Synchronization Rules for MIIS 2003 before completing this worksheet.
     Fill out one Object Deletion Rules worksheet for each of your deployment scenarios.
                                                                         Object Deletion Rules
    Prepared By                Alan Brewer                                                                   Date                                March 25
    Management Agent           Fabrikam HR SQL MA
    INSTRUCTIONS: List the object deletion rule for each object that requires one. Include specifics for rules extension if using error handling. Fill out one worksheet for
    each management agent.
                                                                    When to Delete Metaverse Object

            Metaverse Object Type                 Last Connector is           When Connector                                                  Details/Description
                                                    Disconnected              from this MA is            Rules Extension
                                                      (Default)                Disconnected
                                                                                                                                   If attribute department = Sales, then delete
    Person                                                                                              X
                                                                                                                                   object
    Group                                                                     Fabrikam AD MA
                                                     Other Rules Extensions                                                                     Details/Description
    Error Handling                                                                                                               If object deletion fails, do…
Planning Synchronization Rules for MIIS 2003

Worksheet 16 Provisioning Rules
    Read Planning Synchronization Rules for MIIS 2003 before completing this worksheet.
    Fill out one Provisioning Rules worksheet for each of your deployment scenarios.
                                                                         Provisioning Rules
    Prepared By               Alan Brewer                                                                Date                               March 25
    Management Agent          Fabrikam HR SQL MA
    INSTRUCTIONS: List each scenario that needs to be covered by the provisioning rules extension. Include specifics for error handling scenarios.
                                      Scenario                                                                                Action
    Create a new connector space object                                                  If status = “active,” then create a new account. Set initial password to username
    Move connector space object                                                          If status = “disabled,” move object to HoldOU
    Delete a connector space object                                                      If status = “terminated,” disconnect from connector space
Planning Synchronization Rules for MIIS 2003

Worksheet 17 Deprovisioning Rules
    Read Planning Synchronization Rules for MIIS 2003 before completing this worksheet.
    Fill out one Deprovisioning Rules worksheet for each or your deployment scenarios.
                                                                     Deprovisioning Rules
    Prepared By              Alan Brewer                                                              Date                              March 26
    INSTRUCTIONS: For each management agent, list the action to be taken when a connector space object is deleted from the metaverse or is disconnected by the
    provisioning rule. Include specifics for rules extensions if using error handling.
                                                             Make an Explicit          Stage the Object for              Rules                     Enable Attribute
    Management Agent           Make a Disconnector
                                                              Disconnector                  Deletion                Extension/Details                  Recall
    Fabrikam HR SQL MA                                                                 X                          N/A                         Yes
    Fabrikam Active                                                                                               Set status = disabled,
                                                                                                                                              No
    Directory MA                                                                                                  move object to HoldOU
Planning Synchronization Rules for MIIS 2003

Worksheet 18 Export Attribute Flow Rules
     Read Planning Synchronization Rules for MIIS 2003 before completing this worksheet.
     Fill out one Export Attribute Flow Rules worksheet for each of your deployment scenarios.
                                                                     Export Attribute Flow Rules
    Prepared By                Arlene Huff                                                                   Date                                March 27
    Management Agent           Fabrikam HR SQL MA
    INSTRUCTIONS: List the export attribute flow rules for each object in the metaverse that will flow attributes out to a connector space. Include specifics for rules
    extensions if using error handling. Fill out one worksheet for each management agent.
    Metaverse Attribute              Mapping Type             Mapping Type Details            Destination Object                         Destination Attribute
    employeeID                   Direct                        N/A                           Employee                      UID
    firstName, lastName          Rules Extension               Combine names                 Employee                      fullName
    N/A                          Constant                      ABC Corp                      Employee                      company
Planning Your System Configuration for MIIS 2003

Worksheet 19 Management Agent Configurations
     Read Planning Your System Configuration for MIIS 2003 before completing this worksheet.
     Fill out one Management Agent Configurations worksheet for each of your deployment scenarios.
                                                              Management Agent Configuration
    Prepared By               Arlene Huff                   Date                                    March 27
    Management Agent          Fabrikam HR SQL MA
    MA Type                   Attribute Value pair          Connected Data Source                   Fabrikam_Server_1b
    INSTRUCTIONS: Complete one data sheet for each management agent. List all configuration options for each management agent.
                                                                            Configuration Options
                           Name                                                                         Configuration
    Connector filter rules                           None
    Anchor attributes                                EmployeeID
    Object types                                     Employee
                                                     EmployeeID
                                                     Branch
    Attributes to import                             givenName
                                                     employeeStatus
                                                     …
    Partitions                                       Use default for Person object
    Join and projection                              Source:person -> Metaverse:person
                                                     Source:employeeID -> Metaverse:employeeID
    Attribute flow                                   Source:givenName -> metaverse:givenName
                                                     Source:samAccountName -> metaverse:UID
                                                     Make them disconnectors
    Deprovisioning rule
                                                     Recall objects = checked
                                                     Rules extension = FabrikamHR.dll
    Configure Rules extension
                                                     Run in separate process = checked
    Options specific to your management agent.
                                                    Run Profiles
                Name                                               Configuration
                       Step type: Full Import (Stage only)
Full Import
                       Input file name: Input_file.txt
                       Step type: Delta Sync
Apply pending
                       Number of objects: 100
                       Step type: Delta Import (Stage only)
Delta import
                       Input file name: Delta_input.txt
Planning Your System Configuration for MIIS 2003

Worksheet 20 Metaverse Rules Configuration
    Read Planning Your System Configuration for MIIS 2003 before completing this worksheet.
    Fill out one Metaverse Rules Configuration worksheet for each of your deployment scenarios.
                                                                Metaverse Rules Configuration
    Prepared By                        Arlene Huff                                                Date                 March 28
    INSTRUCTIONS: List configuration information for the metaverse that is specific to your provisioning scheme.
      Object                Object Deletion Rule                         Attribute Precedence                                          Provisioning
                                                                employeeStatus = Fabrikam HR SQL
                     Delete metaverse object when last          management agent                                   Rules extension = Fabrikam_provisioning.dll
    Person
                     connector is disconnected                  Manager = Fabrikam HR SQL management               Run rules extension in separate process = checked
                                                                agent
Planning Your System Configuration for MIIS 2003

Worksheet 21 Roles and Responsibilities Rights Assignments
    Read Planning Your System Configuration for MIIS 2003 before completing this worksheet.
    Fill out one Roles and Responsibilities Rights Assignments worksheet for each or your deployment scenarios.
                                               Roles and Responsibilities Rights Assignments
    Prepared By       Arlene Huff            Date         March 28
INSTRUCTIONS: List rights assignments for users and groups.
              Task/Responsibility                             Group                               Additional Rights Assignment
    Create Management Agents                     MIISAdmins                   N/A
    Backup Operator                              MIISOperators                Read/Browse rights to \MAData folder
Planning Your System Configuration for MIIS 2003

Worksheet 22 Security Configuration
    Read Planning Your System Configuration for MIIS 2003 before completing this worksheet.
    Fill out one Security Configuration worksheet for each of your deployment scenarios.
                                                                   Security Configuration
    Prepared By        Arlene Huff              Date         March 28
    INSTRUCTIONS: Determine authentication, data source, and database security for each connected data source.
                   Data Source                            Data source Security                   Authentication Security       Database Security
    HR SQL MA                                       No automated scripts                                                   Locate SQL on different server
                                                    Service account needs permission
    Lotus Notes MA                                  to write to the Lotus Notes client
                                                    installation folder
    Telephone MA                                                                           N/A
    Fabrikam Active Directory MA                                                           Enable SSL
Planning Your System Configuration for MIIS 2003

Worksheet 23 Server Configuration
    Read Planning Your System Configuration for MIIS 2003 before completing this worksheet.
    Fill out one Server Configuration worksheet for each of your deployment scenarios.
                                                                    Server Configuration
    Prepared By        Arlene Huff               Date        March 29
    INSTRUCTIONS: List each server‟s configuration in the MIIS 2003 deployment.
           MIIS 2003 Primary Server                MIIS 2003 Warm Standby Server                      MIIS 2003 Database Server
                                                                                   Server name: Fabrikam_SQL_server
    Server name: Fabriakam_server1a                                                Configuration:
    Service account name: MIIS_service_account       Fabriakam_backup_server1a        Allow access from network
       Account type: domain                                                           Use the default instance
Planning Your System Configuration for MIIS 2003

Worksheet 24 Data Handling
    Read Planning Your System Configuration for MIIS 2003 before completing this worksheet.
    Fill out one Data Handling worksheet for each of your deployment scenarios.
                                                                            Data Handling
    Prepared By        Arlene Huff                Date         March 30
    INSTRUCTIONS: Determine data handling for each connected data source. Include the methods by which you plan to evaluate data for reliability and how you will
    handle invalid data problems.
                                                         Access to Connected Data                                                          Handling Problems with
             Connected Data Source                                                            Evaluating the Data for Reliability
                                                          Sources for Deployment                                                                Invalid Data
                                                                                             Verify these attributes are present:
                                                      Browse rights on folder
    HR SQL MA                                                                                   empoyeeID                                Log failures in HR_Log.xml
                                                      c:\SyncFolder

                                                      Users that either create or run the
    Lotus Notes MA                                    management agent must have             Verify address book entry on export         N/A
                                                      permissions for the Notes.ini file.
                                                      Browse rights on folder
    Telephone MA                                                                             N/A                                         N/A
                                                      c:\SyncFolder
                                                      Need rights to modify objects in the   Verify these attributes are present:
    Fabrikam Active Directory MA                                                                                                         Log failures in HR_Log.xml
                                                      SyncUsers container.                     cn
Planning Your System Configuration for MIIS 2003

Worksheet 25 Synchronization Scheduling
    Read Planning Your System Configuration for MIIS 2003 before completing this worksheet.
    Fill out one Synchronization Scheduling worksheet for each of your deployment scenarios.
                                                                 Synchronization Scheduling
    Prepared By        Alan Brewer               Date         March 31
    INSTRUCTIONS: Consider network bandwidth, system backup, the frequency of data modifications, data clean up, and whether to synchronize your data in stages. List
    synchronization information for each management agent.
                                                     Notes: (Size of Data, Volatility of
               Management Agent                                                                                      Time to Synchronize
                                                                  Data)
                                                     No limit on objects, moderate
    HR SQL MA                                                                                1:00 AM Daily
                                                     modification level
    Lotus Notes MA                                   Delta                                   1:00 AM Daily
    Telephone MA                                     Full                                    12:00 AM Sunday
    Fabrikam Active Directory MA                     Delta                                   2:00 AM
Planning Your System Configuration for MIIS 2003

Worksheet 26 Error Handling
     Read Planning Your System Configuration for MIIS 2003 before completing this worksheet.
     Fill out one Error Handling worksheet for your MIIS 2003 deployment.
                                                                           Error Handling
    Prepared By                      Alan Brewer                                                                         Date                           March 31
    INSTRUCTIONS: List the notification methods you will use to handle system and synchronization errors and exceptions that occur during normal MIIS 2003 processing.
                                                                                                                                              Microsoft Operations
           Exceptions                           Log Entries                   Logging.dll                     E-mail Notification
                                                                                                                                                 Manager 2000
                                                                                                                                             Track
                                                                                                                                                Management agent
    If object already exists, join
                                                                                                        Email Admin in case of service       errors
    rules will join the existing       Log only critical errors      N/A
                                                                                                        stop or server crash
    object later'
                                                                                                                                             Authentication/connection
                                                                                                                                             errors
Planning Your System Configuration for MIIS 2003

Worksheet 27 Retrieving Information with WMI
     Read Planning Your System Configuration for MIIS 2003 before completing this worksheet.
     Fill out one Retrieving Information with WMI worksheet for your MIIS 2003 deployment.
                                                             Retrieving Information with WMI
    Prepared By                  Alan Brewer                                                                           Date   April 1
    INSTRUCTIONS: Complete for any WMI tasks.
                          Task                                                                                 Notes
    Verify data on all imported connector space objects   Check for valid employeeID and CN attributes.
    Archive management agent run histories                Retrieve all run histories once a day at 10:00 PM.
Planning Your System Configuration for MIIS 2003

Worksheet 28 System Backup
    Read Planning Your System Configuration for MIIS 2003 before completing this worksheet.
    Fill out one System Backup worksheet for your MIIS 2003 deployment.
                                                                          System Backup
    Prepared By                 Alan Brewer                                                                               Date                          April 1
    INSTRUCTIONS: Complete for backup of the MIIS 2003 encryption key, the SQL server database, all log files or file-based management agent import and export files,
    and the Local Security Accounts Manager (SAM) database on any stand-alone servers.
     Items and Folders to         Included in system backup
                                                                                                                  Notes
           Backup                             Y/N
    MIIS 2003 Encryption
                                  No                                 Backup weekly, and whenever keys change
    Keys
    MIIS 2003 SQL Database        Yes                                Nightly incremental, weekly full backup

				
DOCUMENT INFO
Description: Printable Project Management Worksheet document sample