Provision with a different Account ID on AD
Hi,
I have a requirement where in I am supposed to provision an AD resource with the user ID other than the one in IDM. Theres a mapping from accountID of IDM to sAMAccountName attribute of AD. If I tried to change the user id by doing : user.accounts[AD].accounId, I am facing an error which says ID doesnot exist. And also can any one guide me as to which is the attribute that AD considers as its user id, is it sAMAccountName or something else?
So I would appreciate for any kind of help.
Thanx.
[524 byte] By [
rsdthfstha] at [2007-11-26 16:58:07]
# 1
I am a newbiew in IDM but I have few ideas on your problem, but not sure whether they will work out.
Have you tried doing something likes this "resourceAccounts.currentResourceAccounts[AD].accountId
" I found it under 'BrowseResources' of BPE.
Also, I think you can customize the transformation[hardcode or use rule] of lighthouse to AD accountid through 'Meta View' and then 'Identity Attributes' tabs [these features are available in IDM7.0]
# 2
The way to set the account ID in the resource at create time is via the identity template (set during your resource configuration). However, if the ID has already been set and you want to change it you need to use the rename view in your workflow to rename the resource account.
# 3
Hi,Thanx alot for all the responses.Just to add, I want the ID on the IDM to remain same as it is, but only ID on the AD needs to be different.Thanx
# 4
Hi,When you provision you can use the "identity" field to set the UID on a resource account to be different than the Waveset.accountId, like this<set name='user.accounts[AD].identity'><s>SomeValue</s></set>HTH,Paul
# 5
Hi,
I am facing the same problem.
we need to use rename view, I tried with rename view and managed to change the DN which I can see in my rename view, but still I am not able to create multiple accounts with different DNs.
I am getting error as 'Object already exists'
can anybody give any ideas..
Thanks
# 6
You have two different unique attributes in AD with exchange server.
When you set identity to a value for an account, identity for the second account must be different.
But same constraint occurs on samaccountname for exchange server managed by AD.
So, in your WF, you should set identity and samaccountname to different values for each account.
