The following scenario demonstrates how to synchronize multiple owners attributes such as, ManagedBy and SecondaryOwners to Google Owners attributes. This scenario involves two tasks, Configuration on Active Roles Server and Configuration on Quick Connect Sync Engine.
This task includes the following steps:
To create the virtual attribute 'edsvaOwners'
To create the script module
function onPostCreate($Request)
{
if ($Request.Class -ine "GROUP") {
exit
}
if (!( (IsAttributeModified "managedBy" $Request) -or
(IsAttributeModified "edsvaSecondaryOwners" $Request)) )
{
exit
}
#1. Declare the result array
$resultObjects = @()
#2. Query ManagedBY
if ((IsAttributeModified "managedBy" $Request))
{
$managedBy = $Request.Get("managedBy")
$resultObjects +=$managedBy
# Read Secondary Owners from DirObj
$Dirobj.GetInfoEx(@("edsvaSecondaryOwners"), 0)
$edsvaSecondaryOwners = $Dirobj.Get("edsvaSecondaryOwners")
foreach ($qcobject in $edsvaSecondaryOwners)
{
$resultObjects +=$qcobject
}
}
#4. Query Secondary Owners
if ((IsAttributeModified "edsvaSecondaryOwners" $Request))
{
$edsvaSecondaryOwners = $Request.Get("edsvaSecondaryOwners")
#5. Loop edsvaSecondaryOwners
foreach ($qcobject in $edsvaSecondaryOwners)
{
$resultObjects +=$qcobject
}
# Read managedBy Owners from DirObj
$Dirobj.GetInfoEx(@("managedBy"), 0)
$managedBy= $DirObj.Get("managedBy")
$resultObjects +=$managedBy
}
$DirObj.Put("edsvaOwners", $resultObjects)
$DirObj.SetInfo()
}
function onPostModify($Request)
{
if ($Request.Class -ine "GROUP") {
exit
}
if (!( (IsAttributeModified "managedBy" $Request) -or
(IsAttributeModified "edsvaSecondaryOwners" $Request)) )
{
exit
}
#1. Declare the result array
$resultObjects = @()
#2. Query ManagedBY
if ((IsAttributeModified "managedBy" $Request))
{
$managedBy = $Request.Get("managedBy")
$resultObjects +=$managedBy
# Read Secondary Owners from DirObj
$Dirobj.GetInfoEx(@("edsvaSecondaryOwners"), 0)
$edsvaSecondaryOwners = $Dirobj.Get("edsvaSecondaryOwners")
foreach ($qcobject in $edsvaSecondaryOwners)
{
$resultObjects +=$qcobject
}
}
#4. Query Secondary Owners
if ((IsAttributeModified "edsvaSecondaryOwners" $Request))
{
$edsvaSecondaryOwners = $Request.Get("edsvaSecondaryOwners")
#5. Loop edsvaSecondaryOwners
foreach ($qcobject in $edsvaSecondaryOwners)
{
$resultObjects +=$qcobject
}
# Read managedBy Owners from DirObj
# set Binding to managedBy attribute
$Dirobj.GetInfoEx(@("managedBy"), 0)
# read managedBy
$managedBy= $DirObj.Get("managedBy")
$resultObjects +=$managedBy
}
$DirObj.Put("edsvaOwners", $resultObjects)
$DirObj.SetInfo()
}
function IsAttributeModified ([string]$strAttributeName, $Request)
{
$objEntry = $Request.GetPropertyItem($strAttributeName, $Constants.ADSTYPE_CASE_IGNORE_STRING)
if ($objEntry -eq $null) { return $false}
$nControlCode = $objEntry.ControlCode
if ($nControlCode -eq 0) { return $false }
return $true
}
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Términos de uso Privacidad Cookie Preference Center