|Support provided by||Evolveum|
|Target systems||Microsoft Windows Server 2012R2|
|Notes||Only scripting operations are supported|
Specialized connector that provides PowerShell scripting capabilities.
Capabilities and Features
|Native attribute names||NO|
|Scripting||YES||Command execution and Powershell by using WinRM (WS-MAN)|
This connector was "separated" from Active Directory Connector (LDAP) version 2.4.
|Bundled with midPoint|
|1.0||Evolveum||3 Apr 2020||22.214.171.124||None|
|1.1||Evolveum||21 July 2020||126.96.36.199||None|
Option to disable certificate checks.
|1.1.1||Evolveum||6 August 2020||188.8.131.52||None|
Fixing disableCertificateChecks: allowing FQDN and CN mismatch.
Following versions of Windows servers are supported:
- Microsoft Windows Server 20012R2
Connector is supported only in Java 11 environment.
MS Exchange Interoperability
Technically, this connector can be used to provision Microsoft Exchange servers in a indirect way by using PowerShell scripts.
Firstly, the Exchange attributes are accessible in Active Directory when the Exchange software is installed. The Active Directory Connector (LDAP) is needed to manage those attributes.
Secondly, this connector can be used to execute powershell scripts remotely using the WinRM interface. This feature can be used to manage Exchange mailboxes and additional settings. Please see Powershell Support in AD/LDAP Connector page for more details.
However, support for MS Exchange is not included in standard support for this connector (see below).
This connector is fully supported (but it is not bundled with midPoint support, it has to be purchased separately). However, there are limitations:
- Only some Windows server versions are supported (see above)
- PowerShell scripting implemented in this connector is supposed to be used to supplement creation of Active Directory (windows) accounts by using simple scripts. It is not supposed to be used to manage Microsoft Exchange accounts. Management of Exchange accounts can be quite a complex matter, requiring complicated PowerShell scripts. You can use this connector to manage Exchange accounts if you want to. However, when it comes to the content of the scripts you are on your own. You are responsible for the content of the scripts that the connector executes. Therefore if the script does not do what you think it should be doing then you have to fix it. This is not covered by support contract. If the script is not executed at all because of a bug in the connector then it is part of the support contract. But we are not responsible for the content of the scripts, we do not provide any official guidance on how those scripts should look like and what they should do. There may be some examples or hints in the documentation. But those should be considered to be examples only. We do not guarantee that they work.
The connector itself is available under the terms of Apache License 2.0. We are not using any Microsoft library or any other component that might be subject to Microsoft licensing. To our best knowledge no extra license is needed to use the connector with Windows servers. However the Microsoft license texts are not entirely clear and we are not lawyers. Therefore it is recommended for each user to make his own analysis of the licensing issues. Please use your Microsoft support program and contact Microsoft with the licensing question when in doubt.