Click HERE to see how Saviynt Intelligence is transforming the industry. |
07/23/2024 06:47 AM
Hi,
We have a requirement where we need to create CN while created AD account not specific to OU but across the AD.
For example:
OU1 - retail
OU2 - Store
User1 - bobby john
user 2 - Bobby John
If both the users are created in same OU, cn would be like
john bobby
john 1\bobby
but if created in different OU, it would be john bobby.
Now we want to create AD account with
john bobby
john 1\bobby
even if created in different OUs.
Please confirm if its possible? if yes, how
07/23/2024 07:05 AM
Hi @Shubhamjain27 , never worked on this requirement but worth giving it a shot.
Keep base DN in connection to top level OU for DC and then in checkuniqueaccount do a check on cn value.
07/23/2024 07:18 AM
I will try, thanks.
Also if we use checkforunique attribute for cn, do we still need to pass accountnamerule with else conditions(###)?
07/23/2024 07:21 AM - edited 07/23/2024 07:22 AM
Yes it it finds duplicate one it need to reconstruct the value.
07/24/2024 01:52 AM
Tried using the below configuration:
Accountnamerule : CN=${user.lastname+'\\, '+user.firstname},${if(user.employeeType=='Contractor'){user.customproperty10} else {if(user.employeeType!='Contractor' && (user.customproperty10==null||user.customproperty60==null||user.departmentname==null)){'OU=__Provision,OU=ABC,DC=local'} else {user.customproperty10}}}###CN=${user.lastname+'1'+'\\, '+user.firstname},${if(user.employeeType=='Contractor'){user.customproperty10} else {if(user.employeeType!='Contractor' && (user.customproperty10==null||user.customproperty60==null||user.departmentname==null)){'OU=__Provision,OU=ABC,DC=local'} else {user.customproperty10}}}
Checkforunique - {
"CN": "${user.lastname+'\\, '+user.firstname}###${user.lastname+'1'+'\\, '+user.firstname}###${user.lastname+'2'+'\\, '+user.firstname}"
}
Created two users
George Blank - OU(retail)
George Blank - OU(STR)
While provisioning I could see the CN is same as well as DN is same apart from the OU part in DN.
Createaccountjson -
{
"accountExpires": "${user.enddate!=null?(10000*(user.enddate.getTime()+11644473600000)):'0' }",
"c": "US",
"cn": "${cn}",
"co": "United States",
"company": "Bob's Discount Furniture",
"department": "${user.departmentname!=null?user.departmentname:''}",
"description": "${if(user.employeeType == 'Contractor' && user.customproperty28.contains('Companyname')){user.customproperty28.replace('Companyname',user.companyname)} else if (user.title != null && user.departmentname!= null && user.customproperty28 == null){user.title+' - '+user.departmentname} else {user.customproperty28}}",
"displayname": "${user.displayname != null ? user.displayname : user.lastname + ', '+ user.firstname}",
"employeeID": "${user.username}",
"employeeType": "${user.employeeType != null ? user.employeeType : ''}",
"extensionAttribute1": "${user.customproperty19!=null?user.customproperty19:''}",
"extensionAttribute14": "",
"extensionAttribute2": "${user.customproperty18!=null?user.customproperty18:''}",
"extensionAttribute3": "${user.username!=null?'A'+user.username:''}",
"extensionAttribute4": "X",
"extensionAttribute5": "2",
"extensionAttribute6": "LOCL",
"extensionAttribute7": "G",
"extensionAttribute8": "BUK-1000",
"extensionAttribute9": "${user.customproperty11!=null?user.customproperty11:''}",
"extensionAttribute10": "ZW10T",
"extensionAttribute11": "QE1CLNT100",
"extensionAttribute12": "ER1CLNT100",
"extensionAttribute13": "${user.customproperty12!=null?user.customproperty12:''}",
"manager": "${ if (managerAccount == null || managerAccount?.accountID == null || managerAccount?.accountID == '' ){''} else {managerAccount?.accountID} }",
"facsimileTelephoneNumber": "${user.customproperty14 != null ? user.customproperty14 : ''}",
"givenName": "${user.firstname!=null?user.firstname:''}",
"l": "${user.city != null ? user.city : ''}",
"mail": "${user.email != null ? user.email : ''}",
"mailNickname": "${user.systemUserName}",
"name": "${user.displayname != null ? user.displayname : user.lastname + ', '+ user.firstname}",
"objectClass": [
"top",
"person",
"organizationalPerson",
"user"
],
"physicalDeliveryOfficeName": "${user.location!=null?user.location:''}",
"postalCode": "${user.regioncode!=null?user.regioncode:''}",
"sAMAccountName": "${user.systemUserName}",
"sn": "${user.lastname}",
"st": "${user.state != null ? user.state : ''}",
"streetAddress": "${user.street!=null?user.street:''}",
"telephoneNumber": "${user.customproperty13 != null ? user.customproperty13 : ''}",
"title": "${user.title!=null?user.title:''}",
"userAccountControl": "512",
"pwdLastSet": "0",
"userPrincipalName": "${user.systemUserName+'@mybobstest.com'}",
"wDCostCenterID": "${user.costcenter!=null?user.costcenter:''}",
"wDHomeCellPhone": "${user.phonenumber!=null?user.phonenumber:''}",
"wDjobCode": "${user.jobCode!=null?user.jobCode:''}",
"wdJobFam": "${user.customproperty7!=null?user.customproperty7:''}",
"wdJobFamGrp": "${user.customproperty6!=null?user.customproperty6:''}",
"wDWorkCellPhone": "${user.secondaryPhone!=null?user.secondaryPhone:''}",
"extUISponsor": "${if (user.employeeType.equals('Contractor')){user.owner} else ''}",
"extUISponsorName": "${if (user.employeeType.equals('Contractor')){user.customproperty27} else ''}",
"extUserCompany": "${if (user.employeeType.equals('Contractor')){user.companyname} else ''}",
"extUserEmailAddress": "${if (user.employeeType.equals('Contractor')){user.customproperty26} else ''}",
"proxyAddresses":"${'SMTP:' + user.email}"
}
07/31/2024 10:06 AM
Hi @Shubhamjain27 , were you able to accomplish your use case?
08/01/2024 06:23 AM
Sadly no 😞
08/01/2024 06:35 AM
Change your base DN
08/01/2024 06:28 AM
@Shubhamjain27 apart from cn did you try for any other attribute?
Upn, samaccount name?