I am trying to use below conditional transform in Provisioning Policy in which there is a rule to run (if condition matches), but it is not working. Can someone please tell a better approach for the same?
The issue is with the request centre ,While requesting entitlement it is not triggering ,it could be a bug.Try attaching the entitlement with an access profile and request the access profile.It will work for you!!
Try it Saurav.
Thanks!!
@imspurohit7991 , I suggest exploring “Create Unique LDAP Attribute” rule and find a workaround.
You could do following,
in “abcusername” identity attribute, calculate value of username based on the usertype value.
You could use conditional transform, if usertype is equal to “out” then value should be some value from account attribute, if usertype is something else, then calculate a base value of sAmAccountname, e.g. firstname.lastname
The in provisioning policy, you could do something like this to calculate sAMAccountName
The create account request is not getting triggered for any of the identities you tried? I believe you are requesting for an identity that does not have account in the target. The create operation will not get triggered if the sAMAccountName generated is not unique which means the account exists in the target. You can once check your rule logic if it generates unique username and the identity attribute “abcusername” is also unique. And ensure to define the correct rule name in the policy.
"transform": {...} isn’t a key that should be there. everything you have inside the transform block should be moved to the currently-empty attributes block, and remove the "transform": {}.
see the examples on the conditional transform primitive page.