Best practice for unique name - accountExistsByDisplayName vs accountExistsByNativeIdentity


Hi All,

We have a BeanShell rule of type ‘AttributeGenerator’ to derive a unique name after searching in different sources for accounts (including uncorrelated ones).

We use accountExistsByDisplayName(java.lang.String applicationName, java.lang.String displayName) across various AD sources, and it seems to work. However, to derive the unique name we have to look up not only AD sources but a non-AD downstream system as well (an e-learning system).

By the looks of it, the accountExistsByDisplayName method does not work for non-AD based systems. I can see some recommendations to use accountExistsByNativeIdentity(applicationName, nativeIdentity), but at the same time I am hearing it will not work for uncorrelated accounts; in our situation we need to scan both uncorrelated and correlated accounts.

Can someone shed some light as to what would be the best practice to have for such a lookup? Is there any other function we can use which is more generic which will scan both the accounts?

Regards

Hi @lalithajay

If you have configured that attribute as the native identity in other downstream applications, you can use the following method to perform a uniqueness check:

getAccountByNativeIdentity(String applicationName, String nativeIdentity)

If you want to search across multiple sources and not all of them have the attribute you want to search as the display name or ID (nativeIdentity), use attrSearchCountAccounts and have your isUnique function return true or false based on whether the result of that method is zero or not.

Hi @UjjwalJain, thanks for your reply. Unfortunately I cannot see this attribute defined as the native identity, because I can see ‘Account ID’ in the schema but it is not mapped to anything in ‘Create Account’; as such we cannot use getAccountByNativeIdentity.

However, due to the above, my intent is to use the attrSearchCountAccounts function.

As a side question: given that in our system the above rule is a cloud rule of type AttributeGenerator, how can I quickly test it out? Currently we ask SailPoint support to upload it. Is there any quick way I can make the change and unit test it?

Thanks @mcheek. Yes, the plan is to use the attrSearchCountAccounts function.

However, in our system the above rule is a cloud rule of type AttributeGenerator; how can I quickly test it out? Currently we ask SailPoint support to upload it. Is there any quick way I can make the change and unit test it myself?

Hi @lalithajay,

You can use SailPoint RDK to test rule logic/flow. However, complete end-to-end testing is only possible after deployment.

Hello,

You can use the below approach.

  1. Create a non-indexed search attribute in ISC in which you can populate the Display Name values from all sources (AD or non-AD).
  2. Then, in your Cloud Rule, use that non-indexed search attribute.
  3. Refer to the link below for reference.

Using IdnRuleUtil as a wrapper for common Rule operations | SailPoint Developer Community

Thank You,

Regards,

Rohit Wekhande.
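
The count-based uniqueness check suggested in the replies above, written as an added example that is not code from this thread or from SailPoint. The `AccountCounter` interface is a local stand-in for the IdnRuleUtil search call so the logic runs offline; its parameter list, the `"Equals"` operation string, the source IDs and the `promotedDisplayName` search attribute name are assumptions to check against the IdnRuleUtil documentation.

```java
import java.util.*;

public class UniqueNameDemo {
    // Local stand-in for the IdnRuleUtil search call; the parameter list is an assumption.
    interface AccountCounter {
        int attrSearchCountAccounts(List<String> sourceIds, String attributeName,
                                    String operation, List<String> values);
    }

    static final int MAX_ATTEMPTS = 50; // hard stop so the generator cannot loop forever

    // Unique only when no account on any listed source already carries the value.
    static boolean isUnique(AccountCounter idn, List<String> sourceIds, String attr, String candidate) {
        return idn.attrSearchCountAccounts(sourceIds, attr, "Equals",
                Collections.singletonList(candidate)) == 0;
    }

    // Tries "First Last", then "First Last 2", "First Last 3", ... until one is free.
    static String generate(AccountCounter idn, List<String> sourceIds, String attr,
                           String first, String last) {
        String base = (first + " " + last).trim();
        if (base.isEmpty()) throw new IllegalArgumentException("no name to build from");
        for (int i = 1; i <= MAX_ATTEMPTS; i++) {
            String candidate = (i == 1) ? base : base + " " + i;
            if (isUnique(idn, sourceIds, attr, candidate)) return candidate;
        }
        // Fail closed: never hand back a value that may collide with an existing account.
        throw new IllegalStateException("no unique value after " + MAX_ATTEMPTS + " attempts");
    }

    public static void main(String[] args) {
        // Constructed sample data: one AD source and one non-AD source (hypothetical IDs).
        Map<String, List<String>> accounts = new HashMap<>();
        accounts.put("src-ad-01", Arrays.asList("Jane Doe", "John Smith"));
        accounts.put("src-elearning-01", Arrays.asList("Jane Doe 2"));
        // In-memory fake: counts case-insensitive matches across the requested sources.
        AccountCounter fake = (ids, attr, op, values) -> {
            int n = 0;
            for (String id : ids)
                for (String v : accounts.getOrDefault(id, Collections.emptyList()))
                    for (String want : values)
                        if (v.equalsIgnoreCase(want)) n++;
            return n;
        };
        List<String> sources = Arrays.asList("src-ad-01", "src-elearning-01");
        System.out.println(generate(fake, sources, "promotedDisplayName", "Jane", "Doe"));
        System.out.println(generate(fake, sources, "promotedDisplayName", "Alan", "Turing"));
    }
}
```

Keeping the search behind a small interface like this also lets the generator logic be unit tested locally with a fake before the rule is submitted for upload.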