IdnRuleUtil Attribute Search Count Account with array validation

Hello Everyone! Hope you’re good!

I was developing a UsernameGenerator Rule for Active Directory, but i need to validate de sAMAccountName generated in more than one attribute and source. One of the attributes was the ProxyAddress from Azure, that return an array, and can be one or more values.

Using the IdnRule Util with this params:

idn.attrSearchCountAccounts(<Azure SourceId>, PromotedProxy, StartsWith, <sAMAccountName generated>)

the PromotedProxy is the searchable attribute config that have the azure source id and de ProxyAddress Attribute from Azure

The doubt is, using that startWith in an array return, it’ll validate one by one, going throught the values in the array, or it will validate the array like a string?

example of ProxyAddress Return:

"promotedProxy": [
    "x500:/o=Test/ou=Exchange Administrative Group (XXXXXXXX)/cn=Recipients/cn=User Example",
    "smtp:[email protected]",
    "SMTP:[email protected]",
    "smtp:[email protected]",
    "x500:/o=test/ou=Exchange Administrative Group (XXXXXXXXXX)/cn=Recipients/cn=userIdExample"
]

In this case I need to modify the sAMAccount to use the startWith and mock the ‘SMTP:’ before the sAMAccountName generated, its not a problem, just the doubt if it will validate the return as a string like "[ \"value1\", \"value2\" ]" or as an object getting string by string.

hi @GuiNab,

I doubt if the promotedProxy would be considered as object when you use attrSearchCountAccounts method.
If you use startsWith this might check only if the generated sAMAccountName is used at the starting of the promotedProxy.

I would suggest doing this.

1. Create a new identity attribute and store all of the values that you get in this.
2. Then use countIdentitiesBySearchableIdentityAttribute in your rule to identify if the generated sAMAccountName is used anywhere.

Thanks,
Uday

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.