FIM workflows help RRS feed

  • Question

  • Objects:
    The HR database is simple. The difference from the diagram "HR_DB" is that the person table has more columns.
    The original person object of Metaverse is in use. For the workgroups we've created a custom object in MV as shown in the diagram "MV".
    The original Person object of FIM Portal is in use. For the workgroups we've created a custom object as shown in the diagram "FIM".
    The lifecycle of a workgroup starts in HR. Than it flows to MV and after that to the FIM Portal. 
    In the portal the administrator should add some pointers to the Security Groups associated with this particular WG.
    The members of the WG are controled by the HR DB. However, to effectively be a member of the WG, and therefore be member of the Security Groups associateds, there must be an appro
    vation of the WG's manager. If he not approves, then the member must be removed from WG only in FIM, to force another approval workflow until the member is removed from HR DB (PERSON_WG table).
    "The road so far":
    The synchronization works perfectly from HR to MV to FIM (with the non reference values). 
    We are creating the workflow for the approval process.
    1 - We are using the attributes ManagerStr and MemberStr in MV because the referenceDN cannot be modified in a C# MA Extension (at least the VS2010 throws a excetpion telling us this). How to use references instead of mere strings? Knowing that the objects to be referenced are not of the same type of the object containing the references.

    2 - The membership needs to be approved in a per user basis. So if more than one member is added to the WG's HR in the same operation there must be a distinct approval process to each member. In this case, there is a way to create multiple workflows (one for each member) and control them?

    Thursday, July 19, 2012 9:03 PM

All replies

  • 1. I'm pretty sure you are going to have to use references. Can you not configure these attributes to be references, or get new columns added to the HR view? A reference value needs to have the same value as the key to a user.  If not you may need another MA that works out the references.

    2. This would need to be controlled by adding the references one at a time (I think the sync engine adds them all at once as a second update). I don't think the FIM MA will do this, so you'd need another custom MA to do this.

    Friday, July 20, 2012 2:55 PM
  • Tks 4 the reply Hancock. 

    1. The value of the column is the key to a user. The problem is that, if the reference points to a user, the object is not found to be referenced. We've changed the MA to point to the key of a workGroup object. With this configuration the object could be found and referenced. Bottom line, if all the objects are of the same type, the references works. Otherwise not.

    2. Exactly, the sync engine adds them all at once. The custom MA is the plan B,
    the idea is solve this with workflows since we gonna need them anyway.
    Friday, July 20, 2012 7:38 PM