Need Provisioning Forms for Update & Delete Operations for Active Directory Application

IdentityIQ (IIQ) IIQ Discussion and Questions
, ,
1

I’m currently working on customizing provisioning in SailPoint IdentityIQ (v8.x) for an Active Directory application. I already have a Create Account provisioning form in place, but I now need to implement Update Account and Delete Account provisioning forms.

Could anyone please share an example or best-practice approach for:

  • Update Account Provisioning Form

  • Delete/Disable Account Provisioning Form (for account deactivation or full deletion)

If you have sample XML files, form structures, or guidance on how you implemented this in your environment, it would be a big help.

Thanks in advance!

2

Hi @Viraj
Try this for update

<Section label="Account Details" name="Account">

    <!-- DN (readonly) -->
    <Field displayName="Distinguished Name"
           name="distinguishedName"
           type="string"
           readOnly="true"/>

    <!-- Display Name -->
    <Field displayName="Display Name"
           name="displayName"
           type="string">
        <Value>
            <Script>
                return account.getAttribute("displayName");
            </Script>
        </Value>
    </Field>

    <!-- Department -->
    <Field displayName="Department"
           name="department"
           type="string">
        <Value>
            <Script>
                return account.getAttribute("department");
            </Script>
        </Value>
    </Field>

    <!-- Title -->
    <Field displayName="Title"
           name="title"
           type="string">
        <Value>
            <Script>
                return account.getAttribute("title");
            </Script>
        </Value>
    </Field>

    <!-- Manager -->
    <Field displayName="Manager (DN)"
           name="manager"
           type="string">
        <Value>
            <Script>
                return account.getAttribute("manager");
            </Script>
        </Value>
    </Field>

    <!-- Enable / Disable Checkbox -->
    <Field displayName="Disable Account"
           name="IIQDisabled"
           type="boolean">
        <Value>
            <Script>
                return account.getAttribute("IIQDisabled") == "true";
            </Script>
        </Value>
    </Field>

    <!-- Group Membership -->
    <Field displayName="Groups (DN List)"
           name="memberOf"
           type="string"
           multi="true">
        <Value>
            <Script>
                return account.getAttribute("memberOf");
            </Script>
        </Value>
    </Field>

</Section>
3

Hi @Viraj ,

Can you please specify your requirements for both operations. for ex- in update what the fields that you are looking for update and same for disable/delete.