Uniquely generated id using IDN Rule Util method conflicts during AD account creation

Hi All,

I am trying to generate a unique id value for a new user during new AD account creation. I am using attrSeachCountAccounts method (IDN Rule Util method) for this.

I see an issue while using this method.

This method works perfectly when I create one user at a time.

But if I send multiple user creation requests in a single go, my requests don’t know that the unique value generated is conflicting among themselves. So same unique value is assigned to all of my requests.

Is there a way we can fix this issue in this scenario? Any insights would be helpful.

Following is my attribute generator rule:

	import sailpoint.tools.GeneralException;
    import java.util.ArrayList;
    import java.util.List;
    import java.util.Arrays;
    import sailpoint.object.Identity;
    import org.apache.commons.lang.StringUtils;

    List eeNumberSources = new ArrayList(Arrays.asList(new String[] {

    public String generateEENumber (String eeNumPrefix, int iteration) throws Exception {
        if (iteration > 999999) {
            throw new Exception("Duplicate eeNumber counter limit 999999!");
        String eeNum = eeNumPrefix + iteration;
        if ( isUnique (eeNum))
            return eeNum;
        else  {
            return generateEENumber(eeNumPrefix,iteration+1);
    public boolean isUnique(String currentEENumber) {
        String equalsOp = "Equals";
        boolean isUnique = true;
        List searchValues = new ArrayList(Arrays.asList(new String[] {currentEENumber}));
        // check eeNumbers
        if (idn.attrSearchCountAeeounts(eeNumberSources, "alleeNumbers", equalsOp, searchValues) > 0) {
            isUnique = false;
        return isUnique;
    int maxInitialEeNumber = 500000;
    String eeNumPrefix = "ee";
    String generatedUniqueEENumber = null;
    generatedUniqueEENumber = generateEENumber(eeNumPrefix,maxInitialEeNumber);
    return generatedUniqueEENumber;

I appreciate your help thanks.


We faced the same issue but since it was a sparse scenario with our client they agreed to fix it manually if it occurred.

As per my understanding, for the uniqueness check to function correctly that data has to be committed/present in system before the new request is generated. If its part of the same request it may possibly return the same value for multiple users. If you are doing it in Source create profile you can try using the sourceCheck:true option set and check if that helps!

Hi @sharvari,
Thank you for responding.

Quick question: What will this sourceCheck:true option do?


It validates the existence of value in target system.