locked
Generate unique attribute during projection RRS feed

  • Question

  • Hi all!

    I've got to generate a unique attribute during projection that takes the form: john.smith@myorganization.com. The problem arises if there happens to be another "John Smith" in the metaverse already.

    I would therefore like to create attributes that equal: john.smith1@myorganization.com, john.smith2@myorganization.com, and soforth. The projected objects are going to be provisioned to a system that requires that the said attribute, under no circumstaces may be duplicated.

    How would you sugest I check if the attribute already exists in the metaverse, to prevent dupes?

    I'm planning on doing the attribute modification in a rules extension .dll. If this can be solved easily in a codeless way, I'm all ears, but I assume I need to write some code :).

    void IMASynchronization.MapAttributesForImport(string FlowRuleName, CSEntry csentry, MVEntry mventry)
    {
        //
        // Import attribute flow code
        // Extremely simple code for simplicity
        //
    
        switch (FlowRuleName)
        {
          case "createEPPN":
            //create modified attribute from csentry[] values, and check for exisiting metaverse attribute
            csentry["EPPN"].Value = modifiedAttribute;
            break;
        }
    }
    
    
    
    

    Thanks,

    Francis

    Tuesday, November 23, 2010 10:06 PM

Answers

  • Yes! that's the (dependency) error i'm talking about :)

    What I do to create such a rules extension in the MA config:

    1. Select the object type
    2. Check Import
    3. Check Advanced
    4. Choose one (or more) attributes in the data source
    5. Choose one (or more? can this?) attributes in the metaverse
    6. Fill in the "flow rule name", in your case: createEPPN

    The attributes you choose (select in the IAF) in the data source, are the ones you can reference in your code using csentry["attributeName"]. So in your case you would need to select:

    • givenName from the datasource
    • EPPN from the metaverse

     


    http://setspn.blogspot.com
    Wednesday, November 24, 2010 9:33 PM

All replies

  • Here is a small example of how I handle a unique accountName generation. It uses FindMVEntries to check wheter the attribute is already used in the MV

     

          ' Check if the passed accountName value exists in the metaverse by
          ' using the Utils.FindMVEntries method.
          findResultList = Utils.FindMVEntries("accountName", strAccountName, 1)
    
          ' If the value does not exist in the metaverse, use the passed value
          ' as the metaverse value.
          If findResultList.Length = 0 Then
            getUnqiueAcountName = strAccountName
            Log("AccountName: " & strAccountName & " is not present in the MV")
            Exit For
          End If
    
          ' Check that the connector space entry is connected to the
          ' metaverse entry.
          mvEntryFound = findResultList(0)
          If mvEntryFound Is mventry Then
            getUnqiueAcountName = strAccountName
            Log("AccountName: " & strAccountName & " belongs to: " & mventry.ToString)
             End If
    
    

    And that piece of code is called from within the same method you reference: IMASynchronization.MapAttributesForImport
    To make sure it only gets changed at initial projection to the metaverse I've added the code below. It will only exeucte if "accountName" is NOT present.

    ' a value from the getUnqiueAcountName function. 
            If (Not mventry("accountName").IsPresent()) Then
    
    
    

     I'm not saying this code is 100% super. But I think it's a valid approach. I'm sure there's other ways. Comments are welcome.

     


    http://setspn.blogspot.com
    Tuesday, November 23, 2010 10:18 PM
  • Thanks, that was very usefull!

    I'm having a bit of an issue (probably very simple to solve).

    This works during synchronization:

    mventry["EPPN"].Value = "TEST";

    This gives me an error:

    mventry["EPPN"].Value = csentry["givenName"].Value;

    Microsoft.MetadirectoryServices.AttributeNotPresentException: Attribute "givenName" is not present.
       at Microsoft.MetadirectoryServices.Impl.AttributeImpl.get_Value()
       at SOAPOpenLDAPExportExtension.MAExtensionObject.Microsoft.MetadirectoryServices.IMASynchronization.MapAttributesForImport(String FlowRuleName, CSEntry csentry, MVEntry mventry)

    Do you have any idea as to why this is happening? givenName is mapped directly like this "givenName  --> givenName ".

    I also tried setting givenName to "Must have", but the error persists.

    Thanks,

    Francis

     

     

    Wednesday, November 24, 2010 6:00 PM
  • does that CSEntry has a value for givenName? if its empty the error like this one will occur.

    try

    if csentry["givenName"].IsPresent then

     mventry["EPPN"].value = csentry["givenName"].value

    end if

     

     

    Wednesday, November 24, 2010 6:54 PM
  • Evgeniy is right, it's a good idea to make your code as foolproof as possible.

    Besides that, did you include the "givenName" in the definition of the advanced IAF (rules extension)?  I know you have to include those attributes in order to be able to use them. However I have no clue whether the error you mentioned is the same error thrown by leaving out the called attributes. It' been a while since I did some coding.


    http://setspn.blogspot.com
    Wednesday, November 24, 2010 8:07 PM
  • Thanks,

    I'm not sure I understand what you mean with regards to declaring the attributes. Could you post an example? :)

    I have configured the attribute flow like this: EPPN --> EPPN (Rules Extension - createEPPN), the other attributes are mapped "direct".

    Not all objects I import have an EPPN, others just need updating.

    Only objects that allready have an EPPR get updated. If I select Advanced --> Constant, all objects get updated. Is there a way to update all object's "EPPR" programmatically?

    I tried the following code, as sugested by Evgeniy:

    void IMASynchronization.MapAttributesForImport(string FlowRuleName, CSEntry csentry, MVEntry mventry)
    {
      switch (FlowRuleName)
      {
        case "createEPPN":
          //mventry["EPPN"].Value = "hello world";
    
          if (csentry["givenName"].IsPresent)
            mventry["EPPN"].Value = csentry["givenName"].Value;
          else
            mventry["EPPN"].Value = "was null";
    
          break;
      }
    }
    

    Sadly, I still got an error stating:

    Microsoft.MetadirectoryServices.AttributeNotDefinedAsSourceException: Attribute "givenName" is not declared as a dependency.

    The commented out "hello world" code works for all objects that have an EPPN on import.

    Thanks again,

    Francis

    Wednesday, November 24, 2010 9:03 PM
  • Yes! that's the (dependency) error i'm talking about :)

    What I do to create such a rules extension in the MA config:

    1. Select the object type
    2. Check Import
    3. Check Advanced
    4. Choose one (or more) attributes in the data source
    5. Choose one (or more? can this?) attributes in the metaverse
    6. Fill in the "flow rule name", in your case: createEPPN

    The attributes you choose (select in the IAF) in the data source, are the ones you can reference in your code using csentry["attributeName"]. So in your case you would need to select:

    • givenName from the datasource
    • EPPN from the metaverse

     


    http://setspn.blogspot.com
    Wednesday, November 24, 2010 9:33 PM