Skip to content

ConditionalRename

Jump to bottom Edit New page
Søren Granfeldt edited this page Dec 1, 2017 · 2 revisions

The ConditionalRename element enables you to do conditional renames of DN's. You can specify conditions that need to be met before renaming takes place. Renames are typically used against LDAP source, such as Active Directory for moving objects between OUs.

Currently, the rename supports changing the DN. It is also possible to perform de-provisioning and (re-)provisioning instead of an actual rename. This is useful for systems, such as SAP, that does not support renaming. Source element - This is the source attribute containing the new anchor value, e.g. distinguishedName could be used against Active Directory. Allowed values are the name of any metaverse attribute.

  • NewDNValue - This is new value for the [DN]. You can use the #mv:# to insert values from metaverse attributes (a blank is inserted if no value is present). In the example below, you can see how a new Active Directory distinguishedName is constructed
  • DNAttribute - Current only the value [DN] is supported.
  • Conditions - This contains a list of the conditions that must to be met before the renaming is done. These conditions are specified exactly as the conditions used for provisioning and deprovisioning.

NOTE - You can include the ConditionRename element in a 'Provision' action and that rule could then also rename an existing connector if conditions match.

Please note the Action in the sample below is set to 'Rename' for rename rules.

<Rule>
      <Name>rename active user without adou</Name>
      <Description></Description>
      <TargetManagementAgentName>ad</TargetManagementAgentName>
      <Enabled>true</Enabled>
      <SourceObject>person</SourceObject>
      <TargetObject>user</TargetObject>
      <Action>rename</Action>
      <ConditionalRename>
        <NewDNValue>CN=#mv:displayName# (#mv:accountName#),OU=Full Time Employees,DC=contoso,DC=com</NewDNValue>
        <DNAttribute>[DN]</DNAttribute>
        <Conditions>
          <ConditionBase xsi:type="ConditionIsPresent">
            <Description>accountName must be present</Description>
            <MVAttribute>accountName</MVAttribute>
          </ConditionBase>
          <ConditionBase xsi:type="ConditionIsNotPresent">
            <Description>adOU must be empty</Description>
            <MVAttribute>adOU</MVAttribute>
          </ConditionBase>
          <ConditionBase xsi:type="ConditionMatch">
            <Description>employeeStatus is ACTIVE</Description>
            <MVAttribute>employeeStatus</MVAttribute>
            <Pattern>^ACTIVE$</Pattern>
          </ConditionBase>
        </Conditions>
      </ConditionalRename>
</Rule>
Add a custom footer

Home

Rules

Externals

Installation

Clone this wiki locally