CyberNerd...how many users have you got with Google and Postini?
Are you using GAD Sync and Postini Sync?
In GADS, we have sAMAccountName for the email, and ticked the box that says "Replace domain names in LDAP email attributes with this domain name"....so it has jbloggs and adds @COMpany.com.
But Postini Sync does not have this option, and just tries to push the sAMAccountName without the domain to Postini, and fails.
Know any other way?
How is yours set up?
Yes we use Google Active Directory Sync.
We use the AD mail attribute for email, as we already populated this attribute with email addresses (we the attribute for other things such as moodle)
this is the script we use to populate the email attribute
Set objParent = GetObject("LDAP://ou=year xx,DC=college,DC=internal")
objparent.Filter = Array("user")
for each objUser in objParent
'Wscript.Echo "Modifying " & objUser.Get("sAMAccountName")
objUser.put "mail", objUser.Get("sAMAccountName") & "@mydomain.com"
Wscript.Echo "Done ;)"
Thanks CyberNerd. I might need to modify that to just update students accounts.
Also come across Introduction to ADModify.net
So who's excited about windows 8 allowing you to login with your live ID?
I'm still trying to get my head around the implications of this.
Could I have all students bypass active directory?
Signing in to Windows 8 with a Windows Live ID - Building Windows 8 - Site Home - MSDN Blogs
Only a very few settings roam with LiveID sign-in. It's not a replacement for AD unless you have no roaming profiles, no redirection, and are happy with per-machine GPOs only and your Internet connection being destroyed by everyone's files being cloud-stored.
and also the liveID is the entire email address..
so having to type firstname.lastname@example.org every time you want to log into a machine will be a PITA
If Microsoft have a bit of sense with this they'll make a GPO that allows you to add a list of commonly used domains to the end of the logon box.
Originally Posted by RabbieBurns
Thay way you'd only have to type the username and select @school.ac.uk from a dropdown (or as a default option if you don't need @hotmail.co.uk or @live.co.uk in there as well)
With our change to live@edu we shortened our domain to email@example.com which was a huge improvement over the old long address.
They already have to type it in for email so im guessing doing it once on login will actually be easier.
I can see a situation where students just login with their liveID and access outlook.com(for email), skydrive(for documents) without the need for our servers at all :)
I think it would be better to somehow integrate the liveID into AD or something, so that when they login with their normal domain credentials to AD, it then automatically logs them in to Live. So when they go to skydrive, outlook.com etc, they are already automatically signed in.
I think this is actually coming with the new office365 to be honest, something to do with ADFS etc and becoming federated between the 2.
This is seperate from the idea of the concept of shared settings across multiple PCs, which I think is a great idea for home use, but cant see it being useful in a domain environment.
This is how the google authentication works. SSO to active directory (without FQDN) then OpenID allows users to sign-in to 3rd party websites using their school account, without giving away their credentials.
Originally Posted by RabbieBurns
I looked quite thoroughly into Google Vs Live before we implemented google apps - google won in terms of functionality by a clear mile. I'm quite amazed at how many people are blindly following MS though.
Yes we assumed they would get single sign on working easily :)
Originally Posted by CyberNerd
Hopefully windows 8 will have that but lets see.
That just cover documents and local applications though, not the myriad of server-based applications we all have.
Originally Posted by zag
The vast majority of ours are web based now. Sharepoint is the obvious local one at the moment, Sims is another(more for teachers). Our library system which is web based as are all our ICT support and room booking systems are web based and have been for a while. I'm trying to think of anything I have missed.
Originally Posted by enjay
Basically I'm loving the cloud future but its a total step change for us network admins!! :)
Live@EDU is very highly configurable with powershell and as mentioned it is possible to do email tracking etc and even found it possible to get a snapshot of a users email account at a certan date/time.
I've not had any experience of google mail and how to configure it suitable for use in a school environment, control, restrictions etc.
Configuration of users is fairly straightforward, and from what I've seen of PowerShell, a lot easier. The biggest downside I've found in Google Mail is that I have no view into people's mailboxes (other than a slight cludge which involves changing their password, logging in and then waiting for the AD Synchronisation to reset their password again).