Which IIQ version are you inquiring about?
8.3
I have a provisioning policy but i want to disable the AD account on creation how do i that and also i need to create a temp password for them ?
@rrcooke -
Step-by-Step Configuration
1. Provisioning Policy (Account Creation Policy)
Make sure the provisioning policy contains the following attributes:
a) userAccountControl
Set this to a value that disables the account.
514= Disabled Account (normal account + disabled)
b) Temporary Password
Set a temporary password using Provisioning policy form.
2. Before Provisioning Rule (Optional but Recommended)
If you want to dynamically generate the password and assign it, use a Before Provisioning Rule (on the AD application):
Example Snippet (BeanShell):
if (plan != null && plan.getOperation() == ProvisioningPlan.Operation.Create) {
List<AccountRequest> acctRequests = plan.getAccountRequests();
for (AccountRequest acctReq : acctRequests) {
if (acctReq.getApplicationName().equals("Active Directory")) {
String tempPwd = "Temp#" + System.currentTimeMillis(); // Or use your own password logic
acctReq.addAttributeRequest(new AttributeRequest("password", ProvisioningPlan.Operation.Set, tempPwd));
acctReq.addAttributeRequest(new AttributeRequest("userAccountControl", ProvisioningPlan.Operation.Set, "514")); // Disabled
}
}
}
Hope this helps.
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.