Hi all,
I have a specific edge case on AD account creation. We need to limit the length of some attributes such as givenName, sn, displayName, mail etc. in Active Directory Create Account policy. What I am looking for something like “cloudMaxSize” attribute but I know that one is only applicable for username transform. Any idea on how I can do this for other attributes? Thanks in advance!
Hi @sahincelik , Try using substring transform to limit the length of attributes in a create profile.
Hi @sahincelik,
This will depend on how you calculate your different accounts attributes.
Here an example for checking Active directory sAmAccountName :
{
"name": "sAMAccountName",
"transform": {
"type": "static",
"attributes": {
"samAccountNameValue": {
"type": "identityAttribute",
"attributes": {
"name": "uid"
}
},
"value": "#if($samAccountNameValue && $samAccountNameValue.length()<20)$samAccountNameValue#{else}$samAccountNameValue.substring(0,20)#end"
},
},
"attributes": {},
"isRequired": false,
"type": "string",
"isMultiValued": false
}
But if you identfied a list of attributes that you want to check those attributes length, you can gives actually logic that you use for each attributes.
Thanks a lot @baoussounda
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.