Skip to content

Setting up the lab environment

Jump to bottom
Ryan Newington edited this page Sep 4, 2025 · 8 revisions

Setting up the Lab Environment

This guide provides step-by-step instructions for creating and configuring the ACMA demonstration environment. Follow these steps to establish a fully functional lab with sample data.

Step 1: Database Creation and Schema Configuration

Execute the following PowerShell script to create the database and configure the complete schema. Adjust the ServerName parameter to match your SQL Server instance.

# Load ACMA PowerShell module
Import-Module AcmaPS

# Create database and establish connection
New-AcmaDatabase -ServerName localhost -DatabaseName AcmaDemo
Connect-AcmaEngine -ServerName localhost -DatabaseName AcmaDemo

try {
    # ============================================
    # SCHEMA ATTRIBUTES CONFIGURATION
    # ============================================
    
    # Person identity attributes
    Add-AcmaSchemaAttribute -Name firstName -Type String -IsIndexed $false -IsMultivalued $false -Operation ImportExport
    Add-AcmaSchemaAttribute -Name middleName -Type String -IsIndexed $false -IsMultivalued $false -Operation ImportExport
    Add-AcmaSchemaAttribute -Name sn -Type String -IsIndexed $false -IsMultivalued $false -Operation ImportExport
    Add-AcmaSchemaAttribute -Name employeeNumber -Type String -IsIndexed $false -IsMultivalued $false -Operation ImportExport
    Add-AcmaSchemaAttribute -Name displayName -Type String -IsIndexed $false -IsMultivalued $false -Operation ImportExport
    
    # Contact attributes
    Add-AcmaSchemaAttribute -Name mail -Type String -IsIndexed $false -IsMultivalued $false -Operation ImportExport
    Add-AcmaSchemaAttribute -Name accountName -Type String -IsIndexed $false -IsMultivalued $false -Operation ImportExport
    Add-AcmaSchemaAttribute -Name homeFolderPath -Type String -IsIndexed $false -IsMultivalued $false -Operation ImportExport
    
    # System attributes
    Add-AcmaSchemaAttribute -Name unixUid -Type Integer -IsMultivalued $false -Operation ImportExport
    Add-AcmaSchemaAttribute -Name hasAdminAccount -Type Boolean -IsMultivalued $false -Operation ImportExport
    
    # Reference attributes
    Add-AcmaSchemaAttribute -Name orgUnit -Type Reference -IsIndexed $true -IsMultivalued $false -Operation ImportExport
    Add-AcmaSchemaAttribute -Name adminAccount -Type Reference -IsMultivalued $false -Operation ImportOnly
    Add-AcmaSchemaAttribute -Name manager -Type Reference -IsMultivalued $false -Operation ImportExport
    Add-AcmaSchemaAttribute -Name directReports -Type Reference -IsMultivalued $true -Operation ImportExport
    
    # Derived attributes
    Add-AcmaSchemaAttribute -Name orgUnitName -Type String -IsIndexed $false -IsMultivalued $false -Operation ImportExport
    
    # Organizational unit attributes
    Add-AcmaSchemaAttribute -Name ouNumber -Type String -IsIndexed $false -IsMultivalued $false -Operation ImportExport
    
    # ============================================
    # OBJECT CLASSES CONFIGURATION
    # ============================================
    
    Add-AcmaSchemaObjectClass -Name orgUnit -IsUndeletable $false
    Add-AcmaSchemaObjectClass -Name person -IsUndeletable $true
    Add-AcmaSchemaObjectClass -Name shadowAdminAccount -IsUndeletable $false -ShadowFrom person
    
    # ============================================
    # ATTRIBUTE BINDINGS - ORGANIZATIONAL UNITS
    # ============================================
    
    Add-AcmaSchemaBinding -Attribute ouNumber -ObjectClass orgUnit
    Add-AcmaSchemaBinding -Attribute displayName -ObjectClass orgUnit
    
    # ============================================
    # ATTRIBUTE BINDINGS - PERSON OBJECTS
    # ============================================
    
    # Identity bindings
    Add-AcmaSchemaBinding -Attribute firstName -ObjectClass person
    Add-AcmaSchemaBinding -Attribute sn -ObjectClass person
    Add-AcmaSchemaBinding -Attribute middleName -ObjectClass person
    Add-AcmaSchemaBinding -Attribute employeeNumber -ObjectClass person
    Add-AcmaSchemaBinding -Attribute displayName -ObjectClass person
    
    # Contact bindings
    Add-AcmaSchemaBinding -Attribute mail -ObjectClass person
    Add-AcmaSchemaBinding -Attribute accountName -ObjectClass person
    Add-AcmaSchemaBinding -Attribute homeFolderPath -ObjectClass person
    
    # System bindings
    Add-AcmaSchemaBinding -Attribute unixUid -ObjectClass person
    Add-AcmaSchemaBinding -Attribute hasAdminAccount -ObjectClass person
    Add-AcmaSchemaBinding -Attribute adminAccount -ObjectClass person
    
    # Reference bindings
    Add-AcmaSchemaBinding -Attribute orgUnit -ObjectClass person
    Add-AcmaSchemaBinding -Attribute manager -ObjectClass person
    Add-AcmaSchemaBinding -Attribute directReports -ObjectClass person
    
    # Inheritance binding (orgUnitName inherits from referenced orgUnit's displayName)
    Add-AcmaSchemaBinding -Attribute orgUnitName -ObjectClass person -InheritanceSourceAttribute displayName -InheritanceSourceClass orgUnit -InheritanceSourceReference orgUnit
    
    # ============================================
    # REFERENCE BACK-LINKS
    # ============================================
    
    # Automatically populate directReports when manager references are created
    Add-AcmaSchemaReferenceBackLink -SourceObjectClass person -SourceAttribute manager -TargetObjectClass person -TargetAttribute directReports
    
    # ============================================
    # ATTRIBUTE BINDINGS - SHADOW ADMIN ACCOUNTS
    # ============================================
    
    # Direct bindings
    Add-AcmaSchemaBinding -Attribute accountName -ObjectClass shadowAdminAccount
    Add-AcmaSchemaBinding -Attribute mail -ObjectClass shadowAdminAccount
    Add-AcmaSchemaBinding -Attribute displayName -ObjectClass shadowAdminAccount
    
    # Inherited bindings from parent person object
    Add-AcmaSchemaBinding -Attribute firstName -ObjectClass shadowAdminAccount -InheritanceSourceAttribute firstName -InheritanceSourceClass person -InheritanceSourceReference shadowParent
    Add-AcmaSchemaBinding -Attribute middleName -ObjectClass shadowAdminAccount -InheritanceSourceAttribute middleName -InheritanceSourceClass person -InheritanceSourceReference shadowParent
    Add-AcmaSchemaBinding -Attribute sn -ObjectClass shadowAdminAccount -InheritanceSourceAttribute sn -InheritanceSourceClass person -InheritanceSourceReference shadowParent
    Add-AcmaSchemaBinding -Attribute employeeNumber -ObjectClass shadowAdminAccount -InheritanceSourceAttribute employeeNumber -InheritanceSourceClass person -InheritanceSourceReference shadowParent
    
    # ============================================
    # CONSTANTS CONFIGURATION
    # ============================================
    
    Add-AcmaConstant -Name homeFolderPathRoot -Value '%temp%\acmausers'
    Add-AcmaConstant -Name mailSuffix -Value 'acma-demo.com'
    
    # ============================================
    # SEQUENCES CONFIGURATION
    # ============================================
    
    Add-AcmaSequence -Name unixUid -StartValue 20000 -IncrementBy 1
    
    # ============================================
    # SHADOW OBJECT LINKS
    # ============================================
    
    Add-AcmaShadowObjectLink -Name adminAccount -ReferenceAttribute adminAccount -ProvisioningAttribute hasAdminAccount -ShadowObjectClass shadowAdminAccount
    
    Write-Host "✅ Database schema configuration completed successfully!" -ForegroundColor Green
}
catch {
    Write-Host "❌ Error during schema configuration:" -ForegroundColor Red
    $_.Exception.ToString()
    throw
}

Step 2: Sample Data Creation

Create sample organizational units and person objects to demonstrate ACMA functionality. Adjust file paths to match your environment.

# Connect with business rules configuration
Connect-AcmaEngine -ServerName localhost -DatabaseName AcmaDemo -ConfigFile "C:\AcmaDemo\acma-demo.acmax" -LogFile "C:\AcmaDemo\demo.log" -LogLevel Debug

# ============================================
# CREATE ORGANIZATIONAL UNITS
# ============================================

Write-Host "Creating organizational units..." -ForegroundColor Yellow

$orgUnit1 = Add-AcmaObject -ObjectClass orgUnit
$orgUnit1.displayName = "Finance"
$orgUnit1.ouNumber = "2001"
Save-AcmaObject $orgUnit1

$orgUnit2 = Add-AcmaObject -ObjectClass orgUnit
$orgUnit2.displayName = "IT"
$orgUnit2.ouNumber = "2002"
Save-AcmaObject $orgUnit2

$orgUnit3 = Add-AcmaObject -ObjectClass orgUnit
$orgUnit3.displayName = "Sales"
$orgUnit3.ouNumber = "2003"
Save-AcmaObject $orgUnit3

# ============================================
# CREATE PERSON OBJECTS
# ============================================

Write-Host "Creating person objects..." -ForegroundColor Yellow

# Manager in IT department
$person1 = Add-AcmaObject -ObjectClass person
$person1.firstName = "John"
$person1.sn = "Smith"
$person1.employeeNumber = "1000"
$person1.orgUnit = $orgUnit2
Save-AcmaObject $person1
Write-Host "✅ Created John Smith (IT Manager)" -ForegroundColor Green

# Sales employee with unique name
$person2 = Add-AcmaObject -ObjectClass person
$person2.firstName = "William"
$person2.sn = "Keys"
$person2.employeeNumber = "1001"
$person2.orgUnit = $orgUnit3
$person2.manager = $person1
Save-AcmaObject $person2
Write-Host "✅ Created William Keys (Sales)" -ForegroundColor Green

# Finance employee with middle name (tests email conflict resolution)
$person3 = Add-AcmaObject -ObjectClass person
$person3.firstName = "William"
$person3.middleName = "John"
$person3.sn = "Keys"
$person3.employeeNumber = "1002"
$person3.orgUnit = $orgUnit1
$person3.manager = $person1
Save-AcmaObject $person3
Write-Host "✅ Created William John Keys (Finance)" -ForegroundColor Green

# Employee with surname only (tests account name generation)
$person4 = Add-AcmaObject -ObjectClass person
$person4.sn = "Stewart"
$person4.employeeNumber = "1003"
$person4.orgUnit = $orgUnit3
$person4.manager = $person1
Save-AcmaObject $person4
Write-Host "✅ Created Stewart (Sales)" -ForegroundColor Green

# Another William Keys (tests uniqueness handling)
$person5 = Add-AcmaObject -ObjectClass person
$person5.firstName = "William"
$person5.sn = "Keys"
$person5.employeeNumber = "1004"
$person5.orgUnit = $orgUnit1
$person5.manager = $person1
Save-AcmaObject $person5
Write-Host "✅ Created William Keys (Finance) - duplicate name test" -ForegroundColor Green

Write-Host "🎉 Lab environment setup completed successfully!" -ForegroundColor Cyan

Verification Steps

After running the setup scripts, verify the configuration:

  1. Check object creation: Verify all objects were created successfully
  2. Validate business rules: Confirm automatic attribute population (account names, email addresses)
  3. Test inheritance: Check that orgUnitName and directReports are populated correctly
  4. Verify sequences: Ensure unixUid values are assigned sequentially
  5. Check shadow objects: Confirm admin accounts are created for IT department users

Next Steps

Clone this wiki locally