none
Contributing MA in Provisioning code RRS feed

  • Question

  • Hi all,

    I have a scenario, lets say I have two Management Agent which are SQLMA and ADMA. I enabled the projection rules from SQLMA at the same time I enable projection rules from ADMA as well.

    So now I have a UserA (projected from SQLMA) and UserB (projected from ADMA).

    When comes to provisioning, I enable provisioning rules to create an object to another Management Agent lets say HRMA. In this case, what can I do to choose to provision UserB instead of UserA?

    Does it have a way to determine which Contributing MA the object came from so that I can create a condition in provisioning code?

    Thanks. 


    Monday, November 28, 2016 9:15 AM

All replies

  • You can determine this in your privisioning Extension code, yes.

    If you want to use e.g. Portal Rules (Scoped Rules or EREs), you can set a static inbound attribute in the MetaVerse and then use this in your Scoped rule or Set/MPR. E.g. fromSQLMA=true or fromADMA=true.


    Did my post help? Please use "Vote As Helpful", "Mark as answer" or "Propose as answer". Thank you!


    Monday, November 28, 2016 12:11 PM
  • To add-on to this, the flow is transactional. Your provisioning extension will be called once for UserA, and again separately for UserB.

    Thanks,
    Brian

    Consulting | Blog | AD Book

    Monday, November 28, 2016 8:06 PM
    Moderator
  • Hi Leo Erlandsson,

    Thank you very much for the reply. 

    Unfortunately, we did not use the portal rules in my environment. So everything is rely on Metaverse Rules Extension when comes to provisioning part.

    If I want to determine which Contributing MA the object came from in my provisioning code, could you share some codes here?

    Thanks in advance.

    Tuesday, November 29, 2016 2:51 AM
  • Hi Brian,

    Thanks for your reply.

    Could you explain more on this? Is there a way to provision only UserA ? Or is there a way to stop UserB to be provision? 

    Appreciate your reply. =)

    Tuesday, November 29, 2016 2:57 AM
  • Yee-

    You can check if you have a connector for a user in an MA called HR, for example with code like this:

    if (mventry.ConnectedMAs["HR"].Connectors.Count == 0)
    {
      // there's no entry for the user in the HR MA
     // this might be a trigger to delete the user from AD
    }
    else if (mventry.ConnectedMAs["HR"].Connectors.Count == 1)
    {
     // there's a connector for the user in the HR MA
    } 
    else
         throw new UnexpectedDataException("User has more than one connector in the HR MA");

    If you need to see what MA(s) a user has a connector in, you can iterate the ConnectedMAs collection using a foreach loop to see.


    Thanks,
    Brian

    Consulting | Blog | AD Book

    • Proposed as answer by Leo Erlandsson Tuesday, November 29, 2016 3:37 PM
    Tuesday, November 29, 2016 3:26 AM
    Moderator