Overview

The BHOLD Model Loader is a file based utility program that can be used to initialize or update a BHOLD Role Model. The utility takes an XML files and imports that file into a BHOLD database. One application that you can use to generate a Model Loader XML file is BHOLD Model Generator, but you can also create a new Model Loader XML file from scratch.
One common use of Model Loader is the scenario where an existing BHOLD Role Model is exported in an XML dataset that can be consumed by the Model Loader utility to merge changes from a staging environment into a production model.
This document describes the format dataset that is being generated by Model Generator and can be consumed by Model Loader.
Model Generator and Model Loader can also be used to port an existing production BHOLD Role Model to a staging environment.
For more information about Model Generator, please refer to http://technet.microsoft.com/en-us/library/dn320950(v=ws.10).aspx
For information about using Model Loader, please refer to http://technet.microsoft.com/en-us/library/dn320947(v=ws.10).aspx

↑ Return to top


Dataset organization

The input for Model Loader is a standard XML file. The model is partitioned by the following sequence of objects:
  • BHOLD Extensible Object Definitions
  • Applications and Permissions
  •  Organizational Tree
  • Roles and Permission
  • Role Policies
  • Role Tree
  • Object Ownerships
  • Organizational Unit & Role binding
  • Users
  • Application Accounts
  • Explicit Role & User binding
All XML elements need to following common format:
Element
Attribute
Description
Object element
 
BHOLD object name, like:

·         object

·         role

·         orgunit

 
Name
The unique name of a BHOLD Object.
 
Other
Object Specific
Sub element
 
Object bindings, parent to child.
Example(s)
<object name=’User’> … </object>
References the BHOLD User object.
<role name=’clerk’>…</role>
References, creates or updates a BHOLD Role object named clerk.
<role name=’clerk’>
        <user name=’kevin’ alias=’kevd/>
</role>

1.      References, creates or updates a BHOLD Role object named clerk.

2.      Bind a user with the alias kevd to the role.

 
Model loader can be used to remove objects from a target model by using the obsolete element.
Element
Attribute
Description
Sample(s)
<role name=’clerk’>
    <obsolete>
        <user name=’kevin’ alias=’kevd/>
    </obsolete>
</role>

1.      References, creates or updates a BHOLD Role object named clerk.

2.      Unbind a user with the alias kevd from the role.

<obsolete> 
    <role name=’clerk’>
        <obsolete>
          <user name=’kevin’ alias=’kevd/>
         </obsolete>
    </role>
</obsolete>

1.      References, creates or updates a BHOLD Role object named clerk.

2.      Unbind a user with the alias kevd from the role.

3.      Deletes the role

 

↑ Return to top


Object elements

Orgunit element

Element
Attribute
Description
orgunit
 
Defines an organizational unit to be referenced, created or deleted.
 When the top most organizational unit in the dataset is not found in the target model then it created under the root an organizational unit.
 
name
Required. The unique name of an organizational unit.
 
type
Optional. The organizational unit type name. Organizational unit may be classified. For display, documentation & synchronization purposes only.
 
Any other attribute
Optional. The defined extensible attributes for the BHOLD OrgUnit object.
Possible parent elements
 
orgunit
Optional. Any child organizational unit.
 
role
Optional. Any role to be bound either effective or optional to organizational unit.
 
 
 
 
obsolete
Optional. Declares the sub elements of the object element must be purged from the target.
Possible Sub elements
 
orgunit
Optional. Any child organizational unit.
 
role
Optional. Any role to be bound either effective or optional to organizational unit.
 
user
Optional. Any user or person who is member of the organizational unit.
 
supervisor
Optional. Bind an internal authorization object to the organization unit.
 
obsolete
Optional. Declares the sub elements of the object element must be purged from the target.
Example
<orgunit name=’acme laundry services’> … </object>
A BHOLD OrgUnit, named acme laundry services, is created under the root.
<orgunit name=’acme laundry services’>
      <orgunit name=’going green’ type=’project’ />
</orgunit>

1.      A BHOLD OrgUnit, named acme laundry services, is reference or created under the root.

2.      A BHOLD Orgunit, named going green, is:

a.       Referenced and moved as child.

b.      Is created as child.

c.       The orgunit type is changed to project.

Note: The project type must have been declared priorly.
<orgunit name=’acme laundry services’>
      <user name=’kevin’ alias=’kevd/>
</orgunit>

1.      A BHOLD OrgUnit, named acme laundry services, is reference or created under the root.

2.      A BHOLD User, named Kevin, is:

a.       Referenced and bound as member.

b.      Is created as member.


↑ Return to top


 Application element

Element
Attribute
Description
application
 
Defines an application to be referenced, created or deleted.
 
name
Required. The unique name of an application.
 
parameter
Required. The application type name. Application may be classified. For display, documentation & synchronization purposes only.
 
description
Optional. A descriptive text for the application.
 
module
Obsolete.
 
protocol
Obsolete.
 
Any other attribute
Optional. The defined extensible attributes for the BHOLD Application object.
Possible parent elements
 
 
 
 
obsolete
Optional. Declares the sub elements of the object element must be purged from the target.
Possible Sub elements
 
permission
Optional. Any authorization object within the application to which users may be granted access.
 
account
Optional. The user account for persons bound to this application.
 
obsolete
Optional. Declares the sub elements of the object element must be purged from the target.
 
supervisor
Optional. Bind an internal authorization object to the application.
Example
<application name=’acme laundry services’> … </object>
A BHOLD Application, named acme laundry services, is created under the root.
<application name=’acme laundry services’>
      <permission name=’createorder’ description=’Create a work order’ />
</application>

1.      A BHOLD Application, named acme laundry services, is reference or created under the root.

2.      A BHOLD Permission, named createorder, is:

a.       Referenced and updated.

b.      Is created as application member.


↑ Return to top


Permission element

Element
Attribute
Description
permission
 
task
 
Defines a permission to be referenced, created or deleted.
 
name
Required. The unique name of a permission.
 
description
Optional. A possible explanation or description of a permission.
 
cat
Optional. Used to declare a permission as context adaptable.
 
max-roles
Optional. The maximum number of roles to which this permissions may be bound.
 
max-users
Optional. The maximum number of users to which this permissions may be granted.
 
Any other attribute
Optional. The defined extensible attributes for the BHOLD Permission object.
Possible parent elements
 
Application
Optional. The parent application for the permission.
 
role
Optional. The role to which the permission is to be bound.
 
obsolete
Optional. Declares the sub elements of the object element must be purged from the target.
Possible Sub elements
 
permission
Optional. Any authorization object within the permission to which users may be granted access.
 
obsolete
Optional. Declares the sub elements of the object element must be purged from the target.
 
supervisor
Optional. Bind an internal authorization object to the permission.
Example(s)
<permission name=’acme laundry services’> … </object>
A BHOLD Permission, named acme laundry services, is referenced.
<application name=’acme laundry services’>
      <permission name=’createorder’ description=’Create a work order’ />
</application>

1.      A BHOLD Application, named acme laundry services, is reference or created under the root.

2.      A BHOLD Permission, named createorder, is:

a.       Referenced and updated.

b.      Is created as application member.


↑ Return to top


 Role element

Element
Attribute
Description
role
 
Defines a role to be referenced, created or deleted.
 
name
Required. The unique name of a role.
 
Proposed
Optional. Declare how the role will be bound to an organization unit. Only valid when binding.
 
cat
Optional. Used to declare the role as context adaptable.
Context adaptable permissions may only be bound to roles who are declared as context adaptable.
 
sv
Optional. Used to declare the role as a supervisor role.
 
Inherit-roles
Optional. Declares that the role will be inherited by child organizational units. Only valid when binding roles to organizational units.
 
max-sub-roles
Optional. The maximum number of child roles to be bound to this role.
 
max-users
Optional. The maximum number of users which may be granted this role.
 
max-permissions
Optional. The maximum number of permissions which may be bound to this role.
 
replace-permissions
Optional. Declares that all permission sub elements will replace the existing role permission content in the target model.
 
replace-roles
Optional. Declares that all role sub elements will replace the existing role content in the target model.
 
replace-users
Optional. Declares that all user sub elements will replace the existing role members in the target model.
 
Any other attribute
Optional. The defined extensible attributes for the BHOLD Role object.
Possible parent elements
 
role
Optional. Any child role.
 
role
Optional. Any role to be bound either effective or optional to role.
 
 
 
 
obsolete
Optional. Declares the sub elements of the object element must be purged from the target.
Possible Sub elements
 
role
Optional. Any child role.
 
role
Optional. Any role to be bound either effective or optional to role.
 
user
Optional. Any user or person who is member of the role.
 
supervisor
Optional. Bind an internal authorization object to the organization unit.
 
obsolete
Optional. Declares the sub elements of the object element must be purged from the target.
Example(s)
<role name=’acme laundry services’> … </object>
A BHOLD Role, named acme laundry services, is created.
<role name=’acme laundry services’>
      <role name=’going green’ type=’project’ />
</role>

1.      A BHOLD Role, named acme laundry services, is reference or created under the root.

2.      A BHOLD Role, named going green, is:

a.       Referenced and moved as child.

b.      Is created as child.

<role name=’acme laundry services’>
      <user name=’kevin’ alias=’kevd/>
</role>

1.      A BHOLD Role, named acme laundry services, is reference or created.

2.      A BHOLD User, named Kevin, is: Referenced and bound as member.

<role name=’acme laundry services’ proposed=’yes’>
      <orgunit name=’shiproom’ />
</role>

1.      A BHOLD Role, named acme laundry services, is reference or created.

2.      A BHOLD Orgunit, named shiproom, is referenced and created if needed.

3.      The role is bound optionally to the orgunit.

<orgunit name=’shiproom’ />
   <role name=’acme laundry services’ proposed=’yes’>
</orgunit>

1.      A BHOLD Orgunit, named shiproom, is referenced and created if needed.

2.      A BHOLD Role, named acme laundry services, is reference or created.

3.      The role is bound optionally to the orgunit.


↑ Return to top


Rule/Policy element

Element
Attribute
Description
and
 
Defines a policy for a role to be referenced, created or deleted.
 
name
Required. The unique name of a role.
Parent elements
 
role
Required. The role for which a policy is to be created.
Sub elements
 
Avp
Optional. The conditions to be applied.
Example(s)
<role name=’acme laundry services’>
      <and name=’must be local’ >
           <avp  name=’workplace’ value=’local’   />
      </and>
</role>

3.      A BHOLD Role, named acme laundry services, is reference or created under the root.

4.      A policy, named must be local, is created.

5.      The condition is the user’s workplace attribute value must be local.

 
Element
Attribute
Description
avp
 
Definies a binary condition for a policy.
 
name
Required. The unique name of a role.
 
Value
Require. The value to be tested.
Parent elements
 
And
Required. The policy for which the condition is created.
Sub elements
 
 
 
Example(s)
<role name=’acme laundry services’>
      <and name=’must be local’ >
           <avp  name=’workplace’ value=’local’   />
      </and>
</role>

1.      A BHOLD Role, named acme laundry services, is reference or created under the root.

2.      A policy, named must be local, is created.

3.      The condition is the user’s workplace attribute value must be local.


↑ Return to top


 User element

Element
Attribute
Description
user
 
Defines a user to be referenced, created or deleted.
 
Alias
Required. The unique and default alias or account name. The alias is used as the user’s  primary key.
 
name
Required. The non unique name of a user.
 
language
Optional. The language name. Defines the display language for the user in the BHOLD standard user interface.
 
relationship
Optional. When two user objects are linked then this attribute declares the relationship between these two objects.
 
max-roles
Optional. The maximum number of active roles which may bound to this user.
 
max-permissions
Optional. The maximum number of permissions which may be bound to this user.
 
enddate
Optional. The date on which the user must be terminated. On enddate all user authorization are revoked.
 
disabled
Optional. Declares the user as enable or disabled. A disabled user remains member of any orgunit, role or application but will loose all permissions.
 
Any other attribute
Optional. The defined extensible attributes for the BHOLD User object.
Possible parent elements
 
Application
Optional. The parent application for the user.
 
role
Optional. The role to which the user is to be bound.
 
orgunit
Optional. The organizational unit to which the user is to be bound.
 
user
Optional. A secondary user to which the user is to be bound.
 
obsolete
Optional. Declares the sub elements of the object element must be purged from the target.
Possible Sub elements
 
orgunit
Optional. The organizational to which the user is to be bound.
 
role
Optional. The role to which the user is to be bound.
 
user
Optional. A secondary user to which this user is bound.
 
obsolete
Optional. Declares the sub elements of the object element must be purged from the target.
 
supervisor
Optional..
Example(s)
<orgunit name=’acme laundry services’>
      <user name=’kevin’ alias=’kevd/>
</orgunit>

1.      A BHOLD OrgUnit, named acme laundry services, is reference or created under the root.

2.      A BHOLD User, named Kevin, is:

a.       Referenced and bound as member.

b.      Is created as member.


↑ Return to top


 Application account or User Alias element

Element
Attribute
Description
alias
 
Defines a user to be referenced, created or deleted.
 
name
Required. The application specific user name or account.
 
Any other attribute
Optional. The defined extensible attributes for the BHOLD User object.
Parent elements
 
Application
Required. The application for which account are set.
 
user
Required. The user for which an application account is created.
 
obsolete
Optional. Declares the sub elements of the object element must be purged from the target.
Sample(s)
<application name=’acme laundry services’>
      <user name=’kevin’ >
           <alias name=’XVK123’ />
      </user>
</application>

1.      Application acme laundry services is referenced to define account.

2.      A BHOLD User, named Kevin, is referenced.

3.      The account XVK123 is created for user Kevin on application acme laundry services.


↑ Return to top


Supervisor element

Element
Attribute
Description
supervisor
 
A supervisor role is a role with built-in behavior with BHOLD.
 
name
Required. The unique name of a role.
 
Any other attribute
See the role element for attribute details.
Possible parent elements
 
application
Optional. The application being managed with this supervisor role.
 
Role
Optional. The role being managed with this supervisor role.
 
permission
Optional. The permission being managed with this supervisor role.
 
orgunit
Optional. The organizational unit being managed with this supervisor role.
 
obsolete
Optional. Declares the sub elements of the object element must be purged from the target.
Possible Sub elements
 
application
Optional. The application being managed with this supervisor role.
 
Role
Optional. The role being managed with this supervisor role.
 
permission
Optional. The permission being managed with this supervisor role.
 
orgunit
Optional. The organizational unit being managed with this supervisor role.
 
User
Optional. The user who is granted supervisorship over the supervisor role content.
 
obsolete
Optional. Declares the sub elements of the object element must be purged from the target.
Sample(s)
<supervisor name=’acme laundry services sv role’> … </supervisor>
A BHOLD Role, named acme laundry services sv role’, is created.
<role name=’acme laundry services’>
      <supervisor name=’acme laundry services sv role’ /> </role>

1.      A BHOLD Role, named acme laundry services, is reference or created under the root.

2.      A BHOLD Supervisr Role, named acme laundry services sv role, is:

a.       Referenced or created and bound for supervisorship of the role.

<supervisor name=’acme laundry services sv role’ >
      <user name=’kevin’ alias=’kevd/>
</supervisor>

1.      A BHOLD Role, named acme laundry services sv role, is reference or created.

2.      A BHOLD User, named Kevin, is: Referenced and made supervisor of all objects bound to the supervisor role.


↑ Return to top


Clearance element

 
Element
Attribute
Description
clearance
 
Forces controlled cleaning of the target BHOLD Role Model
 
empty-roles
Optional. Will delete all empty roles.
 
unused-roles
Optional. Will delete all roles not bound to any user.
 
unused-permissions
Optional. Will delete all permissions not granted to any user.
 
obsolete-users
Optional. Will delete all users without any granted permission.
Example
< clearance empty-roles=”yes”  unused-roles=”yes”  unused-permissions=”yes”  obsolete-users=”yes”  />
All unused and empty roles, permissions and users are deleted.

↑ Return to top


Object element

Element
Attribute
Description
object
 
References a built-in extensible BHOLD object.
 
name
Required. The BHOLD object name. Must be Role, OrgUnit, Application, Permission, User or Account.
Possible Sub elements
 
attributeset
Optional. Defines a group of ordered attributes on an extensible.
Example(s)
<object name=’Role’> … </object>
References the BHOLD Role object.
<object name=’OrgUnit’>
      <attributeset name=’WorkFlow’ >
           
      </attributeset>
</object>

1.      References the BHOLD Orgunit object.

2.      References or creates and bind an attribute set named WorkFlow to the referenced.


↑ Return to top


Attributeset element

Element
Attribute
Description
attributeset
 
References or creates an group of attributes to be bound to BHOLD Extensible objects.
 
name
Required. The attribute set name.
 
Note: Attribute sets can be bound to multiple BHOLD Extensible objects.
 
english
The display name in English.
 
dutch
The display name in Dutch.
 
visible
Optional. Declares the attribute to be visible or invisible in the BHOLD Administrative User Interface.
Possible parent elements
 
object
Optional. The BHOLD Extensible object to which the attribute set is to be bound.
Possible Sub elements
 
attribute
Optional. Defines the attributes contained in the set.
Example(s)
<object name=’OrgUnit’>
      <attributeset name=’WorkFlow’ >
           <attribute name=’Approver1’ … />
           <attribute name=’Approver2’ … />
      </attributeset>
</object>

1.      References the BHOLD Orgunit object.

2.      References or creates and bind an attribute set named WorkFlow to the referenced.

3.      References or creates attributes Approver1 and Approver2.

4.      Bind the attributes to the set.


↑ Return to top


Attribute element

Element
Attribute
Description
Attribute
 
References or creates attributes to be bound to BHOLD Extensible objects through attributes sets.
 
name
Required. The attribute name.
 
Note: Attribute can be bound to multiple BHOLD Extensible objects.
 
english
Required. The display name in English.
 
dutch
Optional. The display name in Dutch.
 
type
Optional. The data type for the attribute.
 
ength
Optional. The maximum number of characters.
 
default
defaultvalue
Optional. A default value.
 
 
 
Possible parent elements
 
attributeset
Optional. Defines the attributes contained in the set.
Possible Sub elements
 
Attributevalue
Optional.
Example(s)
<object name=’OrgUnit’>
      <attributeset name=’WorkFlow’ >
           <attribute name=’Approver1’ … />
           <attribute name=’Approver2’ … />
      </attributeset>
</object>

1.      References the BHOLD Orgunit object.

2.      References or creates and bind an attribute set named WorkFlow to the referenced.

3.      References or creates attributes Approver1 and Approver2.

4.      Bind the attributes to the set.


↑ Return to top


Example of a Model Loader file 

<?xml version="1.0" encoding="UTF-16"?>
<bhold>
  <!--ObjectTypes - Attribute Sets - Attributes-->
  <object name="Application">
    <attributeset name="Attestation Attributes" english="Attestation Attributes">
      <attribute name="steward1" english="steward1" />
    </attributeset>
  </object>
 
  <object name="OrgUnit">
    <attributeset name="Custom OrgUnit Attributes" english="Custom OrgUnit Attributes">
      <attribute name="Managers_CorporateKey" english="Managers_CorperateKey" />
      <attribute name="OU_Description" english="OU_Description" />
    </attributeset>
  </object>
 
  <object name="Permission">
    <attributeset name="Custom Permission Attributes" english="Custom Permission Attributes">
      <attribute name="Application_Owner_ID" english="Application_Owner_ID" />
    </attributeset>
 
    <attributeset name="test" english="test">
      <attribute name="Address" english="Address" />
      <attribute name="B1EnforceABARepeatInterval" english="B1EnforceABARepeatInterval" />
      <attribute name="B1EnforceABAStartHour" english="B1EnforceABAStartHour" />
      <attribute name="bholdAliasFormula" english="bholdAliasFormula" />
    </attributeset>
  </object>
 
  <object name="Role">
    <attributeset name="Common Role Attributes" english="Common Role Attributes">
      <attribute name="ManagedByFIM" english="ManagedByFIM" />
      <attribute name="Role_Class" english="Role_Class" />
      <attribute name="RoleType" english="RoleType" />
    </attributeset>
 
    <attributeset name="Custom Role Attributes" english="Custom Role Attributes">
      <attribute name="Role_Description" english="Role_Description" />
    </attributeset>
  </object>
 
  <object name="System">
    <attributeset name="bholdAttestationSettings" english="bholdAttestationSettings">
      <attribute name="bholdAttestationServiceInterval" english="bholdAttestationServiceInterval" />
    </attributeset>
  </object>
 
  <object name="User">
    <attributeset name="Common User Attributes" english="Common User Attributes">
      <attribute name="Email" english="Email" />
    </attributeset>
 
    <attributeset name="Custom User Attributes" english="Custom User Attributes">
      <attribute name="Days_lst_log" english="Days_lst_log" />
      <attribute name="Employee_Type" english="Employee_Type" />
      <attribute name="Job_Title" english="Job_Title" />
      <attribute name="Status" english="Status" />
      <attribute name="steward1" english="steward1" />
      <attribute name="Valid_NDA" english="Valid_NDA" />
    </attributeset>
  </object>
 
  <!-- START OF Create applications and permissions -->
  <application name="Active Directory" module="" parameter="0" protocol="">
    <Permission name="Department Share (CAP)" description="Department Share (CAP)" />
    <Permission name="Domain administrator" description="Domain administrator" />
    <Permission name="File Share (CAP)" description="File Share (CAP)" />
  </application>
  <!-- END OF   Create applications and permissions -->
 
  <!-- START OF Build of organization structure -->
  <orgunit name="root" type="root">
    <orgunit name="Test123" type="root" />
    <orgunit name="The Company" type="root" Managers_CorperateKey="ABERCROMBIEKIM" OU_Description="The Company">
      <orgunit name="BU1 Finance" type="root" Managers_CorperateKey="ABOLROUSHAZEM" OU_Description="BU1 Finance">
        <orgunit name="Financial Administration" type="root" Managers_CorperateKey="ADAMSTERRY" OU_Description="Financial administration">
          <orgunit name="Accounts Payable" type="root" Managers_CorperateKey="AFFRONTIMICHAEL" OU_Description="Accounts Payable" steward1="AFFRONTIMICHAEL" />
          <orgunit name="Control" type="root" Managers_CorperateKey="AGARWALNUPUR" OU_Description="Control" />
          <orgunit name="Finance" type="root" Managers_CorperateKey="AGARWALMANOJ" OU_Description="Finance" />
        </orgunit>
      </orgunit>
    </orgunit>
  </orgunit>
  <!-- END OF   Build of organization structure -->
 
  <!-- START OF Roles definitions -->
  <role name="Accountant" Role_Description="Accountant">
    <task name="Select-Invoice-For-Payment" description="Select-Invoice-For-Payment" />
  </role>
 
  <role name="Accounts Payable Clerk" Role_Description="Accounts Payable Clerk">
    <task name="Ticket Creation" description="Ticket Creation" />
    <task name="View-Payment-Overview" description="View-Payment-Overview" />
    <task name="View-Production-Status" description="View-Production-Status" />
    <task name="GgpApp-Create-invoice" description="GgpApp-Create-invoice" />
    <task name="GgpApp-Invoice-overview" description="GgpApp-Invoice-overview" />
    <task name="GgpShr-Invoice-Overdue-Overview" description="GgpShr-Invoice-Overdue-Overview" />
    <task name="GgpShr-Monthly-reports" description="GgpShr-Monthly-reports" />
  </role>
  <!-- END OF   Roles definitions -->
 
  <!-- START OF Role Supervisorships -->
  <role name="Accounts Payable Clerk">
    <supervisor name="SV-Accounts Payable Clerk-Regular" />
  </role>
 
  <role name="Attestor">
    <supervisor name="SV-Attestor-Regular" />
  </role>
 
  <orgunit name="The Company">
    <supervisor name="SV_The Company" />
  </orgunit>
  <!-- END OF  OrgUnit Supervisorships -->
 
  <!-- START OF Role rules (ABA) -->
  <role name="SV_3rd party manufacturing">
    <and>
      <avp name="Job_Title" value="Manager" />
    </and>
  </role>
 
  <role name="SV_Accounts Payable">
    <and>
      <avp name="Job_Title" value="Manager" />
    </and>
  </role>
  <!-- END OF   Role rules (ABA) -->
 
  <!-- START OF Roles structure -->
  <role name="Accountant">
    <role name="Invoice Approval" />
  </role>
  <!-- END OF   Roles structure -->
 
  <!-- START OF Link effective roles the organization structure -->
  <orgunit name="root">
    <role name="TestRole123" cat="yes" />
  </orgunit>
  <!-- END OF   Link effective roles the organization structure -->
 
  <!-- START OF Add users to the organization structure -->
  <orgunit name="root">
    <user name="Root" alias="ILM-VM-SERVERAD\Administrator" language="en" />
  </orgunit>
 
  <orgunit name="BU1 Finance">
    <user name="Abolrous, Hazem" alias="ABOLROUSHAZEM" language="en" Days_lst_log="5" Email="Abolrous.Hazem@Contoso.com" Employee_Type="Internal" Job_Title="Sales Representative" Status="Active" Valid_NDA="Y" />
  </orgunit>
  <!-- END OF   Add users to the organization structure -->
 
  <!--Application User Aliases-->
  <application name="Active Directory">
    <user name="ABOLROUSHAZEM">
      <alias name="ABOLROUSHAZEM" />
    </user>
 
  <application name="Payments_Processor">
    <user name="ALLENMICHAEL">
      <alias name="ALLENMICHAEL" />
    </user>
  </application>
 
  <!-- START OF Activate roles for users -->
  <role name="SV_BU1 Finance">
    <user name="Abolrous, Hazem" alias="ABOLROUSHAZEM" language="en" />
  </role>
  <!-- END OF   Activate roles for users -->
 
</bhold>

↑ Return to top