none
CustomExpression for password value RRS feed

  • Question

  • I am trying to find a way to fix a password issue we have for certain account types. We have Vendor accounts by job classification which add "-V" to the last name. This was done by committee and cannot be changed without considerable modification to SOPs.  Here is our CustomExpression for password as defined in the Outbound Attribute Flow in MIM Portal:

    "!$"+SS4R+LowerCase(Right(lastName,2))

    Which ends up looking similar to this for vendor accounts:

    "!$1234-V"

    This is bad on so many levels.  It should end in the last 2 letters of the person's last name.

    My thought was to Replace -v with "". I attempted "!$"+SS4R+ReplaceString(lastName,"-v","") just to keep it simple.  I looked it up on MSDN (link here). It appeared to be accepted when I clicked OK.  However, I haven't tried to incorporate that with the rest of the function.

    As this is not the only suffix that has been appended to the lastName value (we've added -CS, -NS, -NI, -ECC and a few others I cannot recall off the top of my head).  How could I write this in a manner that could replace the suffix before selecting the last two characters.  I have a few IIF(IsPresent()) type expression in use which leads me to think I could "test for each suffix type" before replacing the characters in question. Or possibly use a RegEx to do the evaluation for all the various suffix types?

    What would be the best way to go about addressing this issue?  

    Additionally, what "language" is this written in? Visual Basic? Is it SharePoint specific or FIM specific?

    In case it matters... Home / About Microsoft Identity Manager says I'm on Version 4.4.1302.0 and the same is true for Sync Service Manager.  I believe this to be MIM 2016 SP1.

    Thanks in advance for your help.


    Edit:  corrected some grammar and added a comment about regex
    • Edited by JasGrant Thursday, July 19, 2018 8:55 PM
    Thursday, July 19, 2018 8:27 PM

All replies

  • Hi JasGrant,

    Please take a look on "Word()" Function - if you'd use that to divide LastName from V,CS,NS,NI,ECC:

    Word(LastName, 1, "-")

    it takes first part of a string divided by "-". The weak point is that you can possibly have LastNames like Li-Smith and then you'll have "Li" only.

    Another idea is to keep "V","CS","NS","NI" as another attribute within FIMService - then you can just use that.


    If you found my post helpful, please give it a Helpful vote. If it answered your question, remember to mark it as an Answer.

    Friday, July 20, 2018 9:03 AM
  • Dominik,

    thank you for the reply. Unfortunately dividing on the last name won't work as we have last names which are hyphenated: "smith-jones" and similar.  As I said, this was a decision made by several folks.  I'm just trying to trim the known values from the last name before setting the password value based on the last name.

    Tuesday, July 31, 2018 2:24 PM