[Replace this text with your version of IIQ. The more specific you can be (7.1, 8.3, 8.X), the more people can help. If you do not know, put Unsure.]
[Please insert images here, otherwise delete this section]
[Please insert files here, otherwise delete this section]
I am working on a utility to create role and assign entitlements if the data is provided in an excel file. If some groups or entitlements are not present in the IIQ, then I need to create it automatically as part of the script. Can anyone please guide me what is the best approach to handle this usecase.
msingh900
January 30, 2026, 1:00pm
2
Hello @utkirjonkamiljanov
Is there any specific target applications for which you are trying to create group through utility? if there is , please specify and whether those app supports group creation or not.
3 Likes
This group creation is mainly for AD Application.
msingh900
January 30, 2026, 5:01pm
6
You can also use this method to create GROUP in IIQ.
/***
*
* @param plan
* @param groupCN
* @return
*/
private WorkflowLaunch launchLCMProv(ProvisioningPlan plan, String groupCN) {
// TODO Auto-generated method stub
logger.error("Exiting method launchLCMProv");
String satus = null;
WorkflowLaunch launch = null;
try {
if(null != plan) {
String workflowName = "Entitlement Update";
WorkflowLaunch wfLaunch = new WorkflowLaunch();
Workflow workflow = context.getObjectByName(Workflow.class, workflowName);
if(null != workflow) {
wfLaunch.setWorkflowName(workflow.getName());
wfLaunch.setWorkflowRef(workflow.getName());
Workflower workflower = new Workflower();
Map launchArgsMap = new HashMap();
launchArgsMap.put("plan", plan);
launchArgsMap.put("forgroundProvisioning", "true");
launchArgsMap.put("approvalScheme", "none");
launchArgsMap.put("notificationScheme", "none");
launchArgsMap.put("noTriggers", "true");
launchArgsMap.put("trace", "true");
wfLaunch.setVariables(launchArgsMap);
launch = workflower.launch(wfLaunch);
context.decache(workflow);
}
}else {
logger.error("Plan is null");
}
}catch(Exception excp) {
}
logger.error("Exiting method launchLCMProv");
return launch;
}
/***
*
* @param groupCN(DN of the group Name)
* @param dedicatedGroupDN (DN-groupName)
* @param launcher
* @param appName
* @param roleName
* @return
*/
public Object createGroupPlan(String groupCN, String dedicatedGroupDN, String launcher, String appName, String roleName) {
logger.info("Entering method createGroupPlan");
boolean isCreateGrpSuccess = false;
try {
ProvisioningPlan plan = new ProvisioningPlan();
ObjectRequest objReq = new ObjectRequest();
objReq.setApplication(appName);
objReq.setType("group");
objReq.setOp(ProvisioningPlan.ObjectOperation.Create);
objReq.setNativeIdentity(groupCN);
objReq.add(new ProvisioningPlan.AttributeRequest("distinguishedName", ProvisioningPlan.Operation.Set, groupCN));
objReq.add(new ProvisioningPlan.AttributeRequest("sAMAccountName", ProvisioningPlan.Operation.Set, getSamAccountName(groupCN)));
objReq.add(new ProvisioningPlan.AttributeRequest("description", ProvisioningPlan.Operation.Set, "Created by IIQ"));
objReq.add(new ProvisioningPlan.AttributeRequest("msDS-PrincipalName", ProvisioningPlan.Operation.Set, appName.toUpperCase()+"\\"+getSamAccountName(groupCN)));
plan.add(objReq);
WorkflowLaunch wfLaunch = launchLCMProv(plan, groupCN);
boolean isSuccess = getErrorMessageFromWorkflow(wfLaunch, groupCN, launcher, roleName);
if(!isSuccess) {
logger.error("Error while creating the group");
}else {
isCreateGrpSuccess = true;
}
}catch(Exception exception) {
logger.error("Exception occured "+ exception.getMessage());
isCreateGrpSuccess = false;
throw exception;
}
logger.info("Exiting method createGroupPlan");
return isCreateGrpSuccess;
}
Let me know if this works or not.
3 Likes
Thanks @msingh900 Let me try.
1 Like
system
March 31, 2026, 5:02pm
8
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.