Hi
We are busy with a birthright process and I need to know the following
- We need to lookup if a user already exists within Multiple AD domains based on one or more
attributes that is unique within AD - If the user does exist we need to write a message to ccg.log or other log file on the VA(Virtual Appliance) stating the user already exist and stop the process of creating the user and adding user to groups within AD.
- If there is a user within the same OU of an AD with preferred name and surname we need append the value as to create an unique value
My questions are the following
- Is this possible within IDN
- If all above is possible what rules we need to use based on the document link below
https://community.sailpoint.com/t5/IdentityNow-Articles/IdentityNow-Rule-Guide/ta-p/76665
1.As far as I can see the lookup(Point 1) for part will fall under the following rule?(Before Creation Rule) Thus looking up if the account has been created yes or no. The question I have is how then do we stop the process as to create an user account
2. Can you inject data in ccg.log file and if not can you create a log file file specifically for this or will the standard ccg.log file level suffice?
3. I think we do have a rule for this but just need some clarity on this one