none
Unique AD username RRS feed

  • Question

  • Hi,

    IMHO, its the most common issue when provisioning users to AD (via FIM) and yet there is nothing out-of-the-box in FIM.

    Have found this option, and was wondering if anyone has used this, as I got a few questions: http://uniqueaccountnamefim2010.blogspot.in/

    1. The blog talks about creating multiple functions: Option1, Option2, Option3, etc

        So are these the 'Options' simply the various username options? And one would need to create quite a few of them to ensure uniqueness.

    2. Where does this activity check for username uniqueness? does it check the FIM Portal, or Active Directory?

    3. Our username convention is: 1st letter of firstName+surname+number (if there are conflicts) - limited to 20 characters as I recall for AD username. What would the custom expression be for this?:

    • Option 1: Custom Expression Left(FirstName,1)+Left(LastName,6)
    • Option 2: Custom Expression Left(FirstName,1)+Left(LastName,6)+String(1)
    • Option 3: Custom Expression Left(FirstName,1)+Left(LastName,6)+String(2)
    • etc

    4. Will this work with R2's Filter Based Outbound Sync Rules?

    Thank you,

    SK

    PS. Would be nice if the new FIM (MIM) version ships with a 'GenerateUniqueUsername' function :)



    • Edited by Shim Kwan Tuesday, May 6, 2014 12:12 AM
    Monday, May 5, 2014 11:55 PM

Answers

  • Hi Shim,

    This makes use of a custom workflow activity.  See below for more info on the activity. 

    http://www.wapshere.com/missmiis/generate-unique-attribute-activity

    Answers for your questions : 

    1. Yes, Option 1, 2, 3, 4 are various usernames in order of preference. Yes, this activity is limited to 4 options and assumes by then it finds a unique value.  

    2. The uniqueness is checked via a XPath query within the portal (FIM Service) against the attribute you choose. You need to keep this attribute synchronized with the AD attribute you want. 

    3. Yes you are right. 

    • Option 1: Custom Expression Left(FirstName,1)+Left(LastName,6)
    • Option 2: Custom Expression Left(FirstName,1)+Left(LastName,6)+"1"
    • Option 3: Custom Expression Left(FirstName,1)+Left(LastName,6)+"2"

    If you want more options you can right your own activity for this. see

    http://www.fimspecialist.com/fim-portal/custom-workflow-examples/generate-unique-attribute-workflow-using-enumerate-resources-activity/

    4. This workflow activity will set the value in a FIM portal attribute. You can use any type of sync rule to push the value to other sources. 

    • Marked as answer by Shim Kwan Tuesday, May 6, 2014 9:41 PM
    Tuesday, May 6, 2014 1:38 AM
  • I don't Carol has catered for special characters in her activity. However you can use ReplaceString Function in custom expression to remove or replace the special characters before you pass them to the activity. 

    If you are new to custom workflow activity and want to create one following is a good tutorial to start. 

    http://msdn.microsoft.com/en-us/library/windows/desktop/ff859524(v=vs.100).aspx

    • Marked as answer by Shim Kwan Tuesday, May 6, 2014 9:41 PM
    Tuesday, May 6, 2014 11:44 AM

All replies

  • Hi Shim,

    This makes use of a custom workflow activity.  See below for more info on the activity. 

    http://www.wapshere.com/missmiis/generate-unique-attribute-activity

    Answers for your questions : 

    1. Yes, Option 1, 2, 3, 4 are various usernames in order of preference. Yes, this activity is limited to 4 options and assumes by then it finds a unique value.  

    2. The uniqueness is checked via a XPath query within the portal (FIM Service) against the attribute you choose. You need to keep this attribute synchronized with the AD attribute you want. 

    3. Yes you are right. 

    • Option 1: Custom Expression Left(FirstName,1)+Left(LastName,6)
    • Option 2: Custom Expression Left(FirstName,1)+Left(LastName,6)+"1"
    • Option 3: Custom Expression Left(FirstName,1)+Left(LastName,6)+"2"

    If you want more options you can right your own activity for this. see

    http://www.fimspecialist.com/fim-portal/custom-workflow-examples/generate-unique-attribute-workflow-using-enumerate-resources-activity/

    4. This workflow activity will set the value in a FIM portal attribute. You can use any type of sync rule to push the value to other sources. 

    • Marked as answer by Shim Kwan Tuesday, May 6, 2014 9:41 PM
    Tuesday, May 6, 2014 1:38 AM
  • Thanks Sameera!

    One last question - I guess this activity won't deal with some things that might be found in surnames like

    " ' " or " - ", etc?

    Hence one may need to write an activity, or a rules extension to perform these additional checks?

    Tuesday, May 6, 2014 5:20 AM
  • I don't Carol has catered for special characters in her activity. However you can use ReplaceString Function in custom expression to remove or replace the special characters before you pass them to the activity. 

    If you are new to custom workflow activity and want to create one following is a good tutorial to start. 

    http://msdn.microsoft.com/en-us/library/windows/desktop/ff859524(v=vs.100).aspx

    • Marked as answer by Shim Kwan Tuesday, May 6, 2014 9:41 PM
    Tuesday, May 6, 2014 11:44 AM
  • Thx Sameera
    Tuesday, May 6, 2014 9:41 PM