Applies To:
GroupID 8, 9, 10 - Synchronize
Business Scenario:
Our company policy requires us to generate the user logon name as 'FLastName', i.e., the first initial of the first name + last name.
If there is already a user with the same sAMAccountName, append initials; otherwise append a digit.
Try F.Last
If conflict, try FI.Last, where I stands for initials.
If conflict, try FI(n).Last, where n is a number starting from 1.
Solution:
GroupID Synchronize jobs are used to synchronize user accounts and their attributes between a source and destination. While synchronizing our users from any source, like MS Excel to Active Directory, we can use a script to transform the attributes as per requirement.
Generating F.LastName can be done easily using the following script in transform. However, to verify uniqueness, we will use the built-in Power Tool, Imanami.Synchronize.ActiveDirectoryTool.dll.
| Left(DTM.Source("First"),1) & "." & DTM.Source("Last") |
| Note: | For this article, we will be using the sAMAccountName attribute; however, the process discussed below can be used to ensure uniqueness for any attribute, such as Display Name. |
Steps:
- In GroupID Management Console, expand the Synchronize node, right-click All Jobs and then proceed to create a new job that synchronizes users between two providers.
- Provide information about the source and the destination on the Select Source and Select Destination pages of the wizard respectively.
- On the Sync Object page, select an appropriate option for the type of users (User, Mail-enabled User, Mailbox-enabled User, Contact, or Mail-enabled Contact) you want to create.
- On the Select Fields page, select the required attributes.
- On the Field Map(s) page, click Edit Global Script.
- In Global Script Editor, click Tools > Add/Remove Reference.
- On the Add Reference dialog box, click Browse.
- (For GroupID 8) Go to C:\Program Files\Imanami\GroupID 8.0\Synchronize\PowerTools and select Imanami.Synchronize.ActiveDirectoryTool.dll. Click Open and then OK.
- In Global Script Editor, click Build > Compile Script. On successful compilation, close the editor.
- Now click the Transform button against sAMAccountName.
- On the Transform dialog box, select the Script option from the drop-down list and click Edit Script.
- In Script Editor, use the script given below. You may need to change the DTM.source values according to your source attribute names.
ActiveDirectoryTool.ConfigureFromDestination()
DIM gid as string
DIM sam as string
DIM fdl, fmdl, fm1dl as string
DIM num as integer
DIM isVerified as boolean
gid = Mid(DTM.Source("I"), 1, 1)
num = 1
fdl = Left(DTM.Source("First"),1) & "." & DTM.Source("Last")
fmdl = Left(DTM.Source("First"),1) & gid & "." & DTM.Source("Last")
'fm1dl = Left(DTM.Source("First"),1) & gid & num & "." & DTM.Source("Last")
If ActiveDirectoryTool.VerifyUniqueInDomain("sAMAccountName=" & fdl)
sam = fdl
else
isVerified = false
sam=fmdl
if(ActiveDirectoryTool.VerifyUniqueInDomain("sAMAccountName=" & sam))
isVerified = true
ELSE
do while(isVerified = false)
sam = Left(DTM.Source("First"),1) & gid & num & "." & DTM.Source("Last")
if(ActiveDirectoryTool.VerifyUniqueInDomain("sAMAccountName=" & sam))
isVerified = true
end if
num = num + 1
loop
end if
end If
DTM.Result = sam -
Now test the script by clicking the check mark next to Don't forget to test your script.
-
After successful testing, click OK to save and close the editor.
-
Now complete the remaining pages of the wizard to finish the job.
-
Run the job to get the results.