Move AD Account to cross domain

IdentityIQ (IIQ) IIQ Discussion and Questions
,
1

Hi,

How to move AD account to cross domain?

2

Hi,

Did you try it using BeforeProvisioning Rule ?

Thanks

3

Hi @kalyan_dev21

I dont think it is supported OOTB by AD Connector. You need to write a powershell script to achieve this

4

Yes, i have tried but it’s not working.

5

Could you guide me. how to achieve this?

6

This looks like a duplicate (or possibly 2 people working on the same problem for the same customer) as this post: How to move AD Account to cross domain?

I’d recommend consolidating the discussion to that thread.

2 Likes
7

Hi @kalyan_dev21 ,

This is aa sample Before Provisioning Rule to move account to different OU if there is change in department.

import java.util.List;

import sailpoint.object.ProvisioningPlan;
import sailpoint.object.ProvisioningPlan.AccountRequest;
import sailpoint.object.ProvisioningPlan.AttributeRequest;
import sailpoint.tools.Util;

        String newOU = "OU=ASIA,DC=domain,DC=com";
        if (null != plan && (!Util.isEmpty(plan.getAccountRequests()))) {
            for (AccountRequest accountRequest : plan.getAccountRequests()) {
                if (accountRequest.getOperation().equals(ProvisioningPlan.AccountRequest.Operation.Modify)) {
                    List attributeRequestList = accountRequest.getAttributeRequests("department");
                    if (attributeRequestList != null && !attributeRequestList.isEmpty()) {
                        accountRequest.add(new AttributeRequest("AC_NewParent",
                                ProvisioningPlan.Operation.Set, newOU));
                    }

                }
            }
        }

This is rule is not checking for the uniqueness of nativeIdentity.

8

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.