Generating unique ID value to IDN

ts_fpatterson · July 28, 2023, 8:21pm

Use case:
sAMAccountName can’t be reused and must be unique.
HR contains sAMAccountName values for past and existing users.
AD only has current users as they are deleted after 30 days.
We have a transform that populates a IDN attribute for sAMAccountName.

How do we do a query to IDN to check the sAMAccountName to make sure it is unique, writing it to IDN and then using it to create the account in AD?

Many have said that you must use the account generator on the connector. But the connector doing the lookup, AD does not have all of the sAMAccountNames. We are needing to do the lookup to IDN.

iam_nithesh · July 28, 2023, 8:34pm

Would the new account in AD be created by means of Provisioning Create Account Operation? In such case, to check the new sAMAccountName (that was generated using some logic) is unique in IDN you may use IdnRuleUtil.countIdentitiesBySearchableIdentityAttribute in BeforeProvisioning rule.
Please note that you will have to make sAMAccountName a searchable attribute using this API

system · September 26, 2023, 8:35pm

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Generate unique sAMAccountName even after deletion in AD ISC Discussion and Questions identity-security-cloud , provisioning	8	496	February 3, 2024
Custom Logic to generate sAMAccountName ISC Discussion and Questions rules , identity-security-cloud , sources	7	612	July 19, 2023
Generate unique samaccountname for AD source ISC Discussion and Questions	2	1602	July 19, 2023
Unable to generate incremental samAccountName in AttributeGenerator Rule ISC Discussion and Questions identity-security-cloud , provisioning , attributes	5	318	March 8, 2024
sAMAccountName Generator ISC Discussion and Questions	15	3779	July 19, 2023

Generating unique ID value to IDN

Related Topics