none
Custom Search Scope RRS feed

  • Question

  • Hello All,

    We have two custom search scope to get registered and unregistered users for SSPR , But they are not working as expected.

    Registered user is showing no users and unregistered user is showing total users(registered+unregistered).

    Kindly suggest.

    Regards,
    Suman

    Thursday, July 21, 2016 10:33 AM

Answers

  • Hello There,

    Sorry, i forgot to do IISRESET :(

    so just tried that and it is working. No need to cretae new MPR. Adding attribute in the MPR " "User management: Users can read selected attributes of other users" will work.

    Thanks for your suggestion and time.

    Regards,

    Suman

    • Marked as answer by Suman Baurai Thursday, July 28, 2016 11:32 AM
    Wednesday, July 27, 2016 3:08 PM

All replies

  • How have you configured your search scopes? Could you provide more details?

    Thursday, July 21, 2016 12:46 PM
  • Use the following filters for registered and unregistered assuming the displayname for your AuthN workflow for password registration is "Password Reset AuthN Workflow"

    Registered users search scope filter
    Export-FIMConfig -CustomConfig "/Person[AuthNWFRegistered = /WorkflowDefinition[DisplayName = 'Password Reset AuthN Workflow']]"

    Unregistered users search scope filter

    Export-FIMConfig -CustomConfig "/Person[not(AuthNWFRegistered = /WorkflowDefinition[DisplayName = 'Password Reset AuthN Workflow'])]"


    Did my post help? Please use "Vote As Helpful", "Mark as answer" or "Propose as answer". Thank you!

    Thursday, July 21, 2016 12:48 PM
  • i have defined the search filter on the basis of "AuthNWFRegistered". User who are a part of these workflow are in teh registered search scope and who are not , they are in the unregistered search scope.

    Please let me know if any more details are needed.

    Regards,

    Suman

    Thursday, July 21, 2016 12:50 PM
  • Maybe Jorge's guide will help? https://jorgequestforknowledge.wordpress.com/2012/11/11/finding-all-users-within-fim-that-have-not-registered-for-sspr/

    It sounds like you're on the right path but might have made some mistake. A screenshot or copy/paste of your filter would be useful to help you debug if the link above doesn't help you. 

    Thursday, July 21, 2016 12:52 PM
  • Hello,

    I follow the steps provided in the link above but still my issue is not resolved. Also i cannot see the search scope in home page of FIM portal.

    

    Kindly suggest.

    Regards,

    Suman

    Friday, July 22, 2016 8:35 AM
  • Hello,

    can anyone suggest what to do in this case ?

    Regards,

    SUman


    Monday, July 25, 2016 12:05 PM
  • Follow these steps:

    Make sure you can see some users in the table above after you type your search scope filter and click some where else on the window.

    and you'll see it in your homepage:


    Did my post help? Please use "Vote As Helpful", "Mark as answer" or "Propose as answer". Thank you!

    Monday, July 25, 2016 1:58 PM
  • Forgot to say, you need to do iisreset from an elevated cmd prompt before you can see it in homepage

    Did my post help? Please use "Vote As Helpful", "Mark as answer" or "Propose as answer". Thank you!

    Monday, July 25, 2016 2:42 PM
  • Thank you So much.

    But now the issue is different my scope filter condition is not working as expected.

    i have pasted above . Kindly suggest.

    Regards,

    SUman

    Monday, July 25, 2016 4:13 PM
  • Can you try this search filter for registered users?

    /Person[AuthNWFRegistered = /WorkflowDefinition[DisplayName = 'Password Reset AuthN Workflow']]

    and how many Password Reset Authentication workflows do you have?

    It seems you're ORing many Auth workflow GUIDs and I'm not sure you have that many and I'm not sure if these are correct GUIDs in your MIM portal.

    If you have multiple Password Reset AuthN Workflows, you can OR them by display name like this:

    /Person[AuthNWFRegistered = /WorkflowDefinition[DisplayName = 'Password Reset AuthN Workflow' or DisplayName = 'SectionAuthenticationWorkflow']]

    does this help?


    Did my post help? Please use "Vote As Helpful", "Mark as answer" or "Propose as answer". Thank you!

    • Marked as answer by Suman Baurai Tuesday, July 26, 2016 9:20 AM
    • Unmarked as answer by Suman Baurai Monday, August 1, 2016 8:52 AM
    Monday, July 25, 2016 5:19 PM
  • Hello,

    Yes, i have 6 workflows for different-2 languages. I am using GUID of those in the scope filter condition . But i have two issues.

    1) The "Registered user" search scope is working correctly. But when i am checking the search scope using ADMIN account login it is showing the users,  but when i am using general user account the result is blank.

    However, i have added the attributes in the required MPR. So that the general users can read that.

    2) The "unregistered User" search scope is not working as expected neither using administrator account nor general user account. Even the search scope filter is not working.

    Kindly suggest.

    Regards,

    SUman


    Tuesday, July 26, 2016 8:28 AM
  • Can send your search filter for the unregistered users.

    Did my post help? Please use "Vote As Helpful", "Mark as answer" or "Propose as answer". Thank you!

    Tuesday, July 26, 2016 12:29 PM
  • Hello, 

    Below is the search filter condition.

    /Person [not((AuthNWFRegistered = 'd4141913-9527-4c4a-9f60-a4d3a7bcbfa1') or (AuthNWFRegistered = '661c3d53-7669-4a62-8a58-6222f03c541f') or (AuthNWFRegistered = 'f1d94268-5c85-4235-981d-d6154ea18a66') or (AuthNWFRegistered = '25c7c1f5-daa2-4206-b008-cda93631a26c') or (AuthNWFRegistered = 'e6e08a42-2b4e-4c82-bfab-deaa9bceda98') or (AuthNWFRegistered = '122123ee-740b-48f7-a81c-0516183da234'))]

    Regards,

    SUman

    Tuesday, July 26, 2016 1:57 PM
  • Your search filter looks fine. When you say "Even the search scope filter is not working"... do you mean that some users are registered but they show as they are not registered?

    In the "Unregistered Users" Search Scope -> Search definition... does your search scope filter give you any result? Can you click on one of them that you think is not registered and look at the "AuthN Workflow Registered" attribute and confirm that it has a workflow there?

    I simulated your scenario and everything looks fine. Please show me some snapshot of the errors/empty results your're seeing so I can help.


    Did my post help? Please use "Vote As Helpful", "Mark as answer" or "Propose as answer". Thank you!

    Tuesday, July 26, 2016 2:40 PM
  • Yes, search scope filter gives me user list . And both the search scope (registered and unregistered) are working fine, while i am logged in using ADMIN account.

    But when i am logging in using normal user account then unregistered search scope is showing result which consists total users(registered +unregistered)

    And register search scope is blank.

    Regards,

    Suman

    Wednesday, July 27, 2016 11:07 AM
  • Suman,

    If you want regular users to be able to filter based on the "AuthNWFRegistered" attribute, then you need to create an MPR to allow users to read AuthNWFRegistered attribute. did you do that already?


    Did my post help? Please use "Vote As Helpful", "Mark as answer" or "Propose as answer". Thank you!

    Wednesday, July 27, 2016 1:39 PM
  • Not exactly but i have tried adding this attribute in the MPR "User management: Users can read selected attributes of other users" . unfortunately it was not working.

    Let me try creating a new MPR and bind it to the set of people. Is there any other setting need to be done apart from this.

    Regards,

    Suman

    Wednesday, July 27, 2016 2:55 PM
  • You just need to grant users to read this attribute and hope that'll fix your issue.

    Did my post help? Please use "Vote As Helpful", "Mark as answer" or "Propose as answer". Thank you!

    Wednesday, July 27, 2016 3:01 PM
  • Hello There,

    Sorry, i forgot to do IISRESET :(

    so just tried that and it is working. No need to cretae new MPR. Adding attribute in the MPR " "User management: Users can read selected attributes of other users" will work.

    Thanks for your suggestion and time.

    Regards,

    Suman

    • Marked as answer by Suman Baurai Thursday, July 28, 2016 11:32 AM
    Wednesday, July 27, 2016 3:08 PM
  • oh I didn't read that you said you tried to add the attribute, I thought you just enabled the MPR. Yes adding the attribute will have the same effect.

    I'm glad it's working.


    Did my post help? Please use "Vote As Helpful", "Mark as answer" or "Propose as answer". Thank you!

    Wednesday, July 27, 2016 3:10 PM