none
MIM User creation through Portal - Multiple Domains in a Forest RRS feed

  • Question

  • Hi,

    We have a requirement with one of our customers where they need an option to create users using MIM portal. They have multiple domains in a Forest and while creating user all these domains needs to be available as an option in a dropdown for creating user.

    On the create user page there is an dropdown available for Domain but currently only one domain name is available which happens to be the same domain on which the MIM server has been installed. Not sure how do I get the option for all other domains.

    Have attached screenshot from MIM Portal which shows the option where we need multiple domain names in dropdown.

    Any help appreciated.


    Regards, Chandan

    Monday, August 14, 2017 12:30 PM

Answers

  • create a new custom attribute type string called UserDomain (Or whatever you want). 

    Bing it to user

    Add new Attribute in RCDC for user Creation, where you will populate the domains using this sample below.

    Use the value on UserDomain to build the DN for provisioning to AD

    <!--Sample for drop-down list control-->
    <my:Control my:Name="UserDomain" my:TypeName="UocDropDownList" my:Caption="{Binding UserDomain=schema, Path=UserDomain.DisplayName}" my:RightsLevel="{Binding Source=rights, Path=UserDomain}">
         <my:Options>
              <my:Option my:Value="Domain1" my:Caption="Domain1" my:Hint="to secure a local resource (i.e. a file share on your computer)" />
              <my:Option my:Value="Domain2" my:Caption="Domain2" my:Hint="to secure resources across your team or division" />
              <my:Option my:Value="Domain3" my:Caption="Domain3" my:Hint="to use this group across your organization" />
         </my:Options>
         <my:Properties>
              <my:Property my:Name="Required" my:Value="{Binding Source=schema, Path= UserDomain.Required" />
              <my:Property my:Name="ValuePath" my:Value="Value" />
              <my:Property my:Name="CaptionPath" my:Value="Caption" />
              <my:Property my:Name="HintPath" my:Value="Hint" />
              <my:Property my:Name="ItemSource" my:Value="Custom" />
              <my:Property my:Name="SelectedValue" my:Value="{Binding Source=object, Path= UserDomain, Mode=TwoWay}" />
         </my:Properties>
    </my:Control>
    <!--End of Sample for drop-down list control-->


    Nosh Mernacaj, Identity Management Specialist

    • Proposed as answer by Nosh Mernacaj Monday, August 14, 2017 6:10 PM
    • Marked as answer by Chandan19 Sunday, August 20, 2017 3:13 AM
    Monday, August 14, 2017 6:10 PM
  • Create a new forest object first. Only put the info for required field ignoring anything else. Actual information is not relevant if this is a single forest setup. 

    See Create Forest Configuration Objects and Create Domain Configuration Objects sections at: https://technet.microsoft.com/en-us/library/ff720154%28v=ws.10%29.aspx if you need additional info.

    • Marked as answer by Chandan19 Sunday, August 20, 2017 3:12 AM
    Thursday, August 17, 2017 2:19 PM

All replies

  • create a new custom attribute type string called UserDomain (Or whatever you want). 

    Bing it to user

    Add new Attribute in RCDC for user Creation, where you will populate the domains using this sample below.

    Use the value on UserDomain to build the DN for provisioning to AD

    <!--Sample for drop-down list control-->
    <my:Control my:Name="UserDomain" my:TypeName="UocDropDownList" my:Caption="{Binding UserDomain=schema, Path=UserDomain.DisplayName}" my:RightsLevel="{Binding Source=rights, Path=UserDomain}">
         <my:Options>
              <my:Option my:Value="Domain1" my:Caption="Domain1" my:Hint="to secure a local resource (i.e. a file share on your computer)" />
              <my:Option my:Value="Domain2" my:Caption="Domain2" my:Hint="to secure resources across your team or division" />
              <my:Option my:Value="Domain3" my:Caption="Domain3" my:Hint="to use this group across your organization" />
         </my:Options>
         <my:Properties>
              <my:Property my:Name="Required" my:Value="{Binding Source=schema, Path= UserDomain.Required" />
              <my:Property my:Name="ValuePath" my:Value="Value" />
              <my:Property my:Name="CaptionPath" my:Value="Caption" />
              <my:Property my:Name="HintPath" my:Value="Hint" />
              <my:Property my:Name="ItemSource" my:Value="Custom" />
              <my:Property my:Name="SelectedValue" my:Value="{Binding Source=object, Path= UserDomain, Mode=TwoWay}" />
         </my:Properties>
    </my:Control>
    <!--End of Sample for drop-down list control-->


    Nosh Mernacaj, Identity Management Specialist

    • Proposed as answer by Nosh Mernacaj Monday, August 14, 2017 6:10 PM
    • Marked as answer by Chandan19 Sunday, August 20, 2017 3:13 AM
    Monday, August 14, 2017 6:10 PM
  • All you need is to create the Domain Configuration objects for each of the additional domains and they'll automatically appear in the default User/Groups forms. If you don't have Forest Configuration object, you'll need to create it first. These are available via All Resource | Forest Configuration  or All Resource | Domain Configuration menu.

    PS: This post is not related to MIMWAL so I'll be moving this to FIM 2010 forum which covers both FIM and MIM.

    Tuesday, August 15, 2017 9:13 AM
  • Hi Nosh,

    I guess that would create separate attributes for domain values. Is there a way that I can use the existing Domain attribute on FIM Portal to have all Domain's values.. like Domain1, Domain2, Domain3...


    Regards, Chandan

    Wednesday, August 16, 2017 4:23 PM
  • What I suggested is one attribute, multivalue dropdown.

    You can use the build in, but I usually don't touch that for this purpose. The Domain Configuration is an Object, thus reference.

    What I am giving you is a string value.

    Choice is yours.


    Nosh Mernacaj, Identity Management Specialist


    Thursday, August 17, 2017 1:01 PM
  • We are working on the solutions by Nosh and Nilesh.. will update the post once we have resolved. Thanks.

    Regards, Chandan

    Thursday, August 17, 2017 1:45 PM
  • Hi Nilesh,

    I am trying to configure the Domain based on your suggestion and I tried to add domain but when I try to select the forest I see that Forest details are missing..and to Add new domain we need to select Forest details as it's a mandatory attribute.. any idea..? .. below image from MIM configuration...


    Regards, Chandan

    Thursday, August 17, 2017 2:05 PM
  • Create a new forest object first. Only put the info for required field ignoring anything else. Actual information is not relevant if this is a single forest setup. 

    See Create Forest Configuration Objects and Create Domain Configuration Objects sections at: https://technet.microsoft.com/en-us/library/ff720154%28v=ws.10%29.aspx if you need additional info.

    • Marked as answer by Chandan19 Sunday, August 20, 2017 3:12 AM
    Thursday, August 17, 2017 2:19 PM
  • Thanks Nilesh, it worked for me.

    Regards, Chandan

    Sunday, August 20, 2017 3:12 AM
  • Hi Nosh,

    Your idea threw some light for one of the other requirement which we were thinking how to achieve. It was related to portal customization. Thanks.


    Regards, Chandan

    Sunday, August 20, 2017 3:13 AM