none
Using AD DN to get values for attributes in MIM portal RRS feed

  • Question

  • Hi

    I need to split AD DN and then use those values to fill in FIM Portal person attributes. I am trying to achieve this using MIM WAL but not sure how to do this. I had created the MPR, SET and workflow but seems not working. 

    a- How can we use/make available DN in Update Resource Activity .

    b- If dn is available i can use ValueByIndex(SplitString([//Target/ADDN],"="),1) to get amd map values. 

    Can anyone give some direction/pointers to achieve this?

    Thanks in advance.

    Thursday, October 31, 2019 1:07 PM

Answers

  • Thanks for the answer, I had tried the PowerShell approach which i would had published in this forum in few days.

    With this approach I crated a powershell activity which

    a- Fetches the dn based on the unique user id/accountname

    b- Split the dn

    c- return the hashtable of values.

    d- Use update attributes of workflow to map those values into MIM portal.

    Not sure if this is good practice and performance impact.

    • Marked as answer by Markus_MIM2016 Monday, November 18, 2019 4:15 PM
    Friday, November 8, 2019 3:54 AM

All replies

  • You can use a sync rule to import data into MIM metaverse, then to MIM Service.  Sync rules have several functions to extract data.  One is a function called Word, which lets you parse for text values.  

    https://docs.microsoft.com/en-us/microsoft-identity-manager/reference/mim2016-functions-reference#data-retrieval-functions

    Monday, November 4, 2019 9:47 PM
  • It's nearly impossible to do in MIM alone, because the only function for working with DNs only lets you choose one by number from the most specific end (the object name).  So unless you are incredibly rigorous with your container structure in AD, it's not going to help much.
    Workable solutions might include using a SQL MA for ETL, a generic powershell MA, or installing MIMWAL and using a transition workflow with its powershell activity.
    • Proposed as answer by Jordan Mills Monday, November 18, 2019 6:18 PM
    Thursday, November 7, 2019 12:59 AM
  • Thanks for the answer, I had tried the PowerShell approach which i would had published in this forum in few days.

    With this approach I crated a powershell activity which

    a- Fetches the dn based on the unique user id/accountname

    b- Split the dn

    c- return the hashtable of values.

    d- Use update attributes of workflow to map those values into MIM portal.

    Not sure if this is good practice and performance impact.

    • Marked as answer by Markus_MIM2016 Monday, November 18, 2019 4:15 PM
    Friday, November 8, 2019 3:54 AM
  • Thanks for the answer, I had tried the PowerShell approach which i would had published in this forum in few days.

    With this approach I crated a powershell activity which

    a- Fetches the dn based on the unique user id/accountname

    b- Split the dn

    c- return the hashtable of values.

    d- Use update attributes of workflow to map those values into MIM portal.

    Not sure if this is good practice and performance impact.

    As long as it only runs with local .NET objects (and doesn't make calls to remote services or load modules in remote sessions) it seems to have great performance.  What you're doing will probably not have much impact.
    Tuesday, November 12, 2019 5:09 PM