"attrSearchCountAccounts" not checking mail addresses in all OU's

Identity Security Cloud (ISC) ISC Discussion and Questions
, ,
1

Hi Folks,

I am using below query to search for any existing mail or proxy address attributes during user creation. If its “0” then it will take the default mail else it will increment with 1 to create unique mail attributes.

But, if any user matches mail exist in different OU, then it is not searching for that attribute.

Example: User ‘Test’ exist in OU “ORG1” with mail ‘Test@xyz.com’. Now during new user creation, below query is searching mail in AD with ‘Test@xyz.com’ in AD, but if user exist in different OU other then user’s actual OU to be created, say “ORG2”, then it is taking the same mail "‘Test@xyz.com’, instead of incrementing it.

-------------------- Code------------
do {
String newEmail = namePrefix + (suffixCounter == 0 ? “” : String.valueOf(suffixCounter)) + emailSuffix;
List emailCandidate = new ArrayList(Arrays.asList(new String {
“smtp:” + newEmail, “SMTP:” + newEmail,newEmail
}));

if(idn.attrSearchCountAccounts(sourceId, SEARCH_ATTR_NAME, SEARCH_EQUALS_OP, emailCandidate) == 0 && idn.attrSearchCountAccounts(sourceId, SEARCH_MAILATTR_NAME2, SEARCH_EQUALS_OP, emailCandidate) == 0)

Please suggest if we can add search OU filter around this to work. So it will check all AD’s OU for any value.

Thanks

2

Hi @msingh39,

The method idn.attrSearchCountAccounts usually checks/compares the accounts that are aggregated within the source.

If you do not plan to bring in the accounts from other OU’s into the source, but want to do the uniqueness check, you may want to try the method - isUniqueLDAPValue

Here is the link

image
image1606×704 57.2 KB

1 Like
3

Thanks for suggesting this parameter. I will try this out now.

4

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.