Automate Deleting a particular metaverse object using some script(powershell) RRS feed

  • Question

  • Hi,

    We are using Generic Rest API MA for Google(Naohiro) Provisioning from FIM. For provisioning,we are using provision code and mapped FIM "Email" Attribuite with DN(google) i.e.(FIM Email->dn) and FIM Email-->PrimaryEmail(Google) in MVExtension code. Now we have to change PrimaryEmail value on Google. As 'PrimaryEmail' is used as Anchor attribute, through FIM Sync we are unable to change PrimaryEmail. So, we came up by deleting/disconnecting the metaverse object  and re provisioned the user with changed Email. So now we want to automate deleting a particular user from Metaverse.

    Is there any way for automating the deletion of a specific user from metaverse using some script(powershell or any others).



    Sunday, May 10, 2015 8:39 AM

All replies

  • You have many options.

    1. using Classical Rules, Code.

    2. Setting a deletion rule, out of the box, in Metaverse Console

    3. FIM Portal (with this option you need to ensure there is a Deprovisioning to other MAs, "Delete" option)

    In all these cases, you need to have a way to identify the users, once you do the rest is easy.

    From Portal,

    1. Create a Set for these users

    2. Create an MPR "Transition In" - using the set from step 1 and applying "Expiration Workflow" which deletes the objects of this set. 

    3. in FIM Metaverse, set the deletion rules, so that when user is deleted in FIM Portal, deletes the MV object as well. 

    Nosh Mernacaj, Identity Management Specialist

    • Proposed as answer by UNIFYBobMVP Monday, May 11, 2015 2:11 PM
    Monday, May 11, 2015 1:16 PM
  • Just to add to what Nosh has said, it's a REALLY BAD idea to touch the metaverse directly. If you need to delete an MV user then use the MV deletion rules - do not use Powershell or SQL to remove things from the MV tables directly, you will end up in a complete mess.



    Tuesday, May 12, 2015 10:45 AM