[midPoint] couple of questions after a dry run
Ivan Noris
ivan.noris at evolveum.com
Mon Jun 22 17:21:26 CEST 2015
Hi Jason,
On 06/22/2015 05:11 PM, Jason Everling wrote:
> I did a dry run this weekend, and glad Ivan had mentioned it, over
> 2000 accounts would have been modified/changed.
>
> I failed to remember the middle initial that active directory uses in
> the DN for the account, not everyone has one or used.
>
> So in midpoint AD resource config I added the intials attributes
> mapped to additionalName,
>
> Question though,
>
> If I change the DN build in the resource config to
>
> <code>
> 'cn='+givenName+' '+additionalName+'
> '+familyName+iterationToken+','+organization+''
> </code>
>
> Will this work also for users without or null value for
> "additionalName" ? Or do I need to check for value in additionalName
> first then return 2 different codes for one with and one without
> additionalName?
Just a very wil guess: if additionalValue is null, you get two spaces
between givenName and familyName, right? That's perhaps not what you
need. Also I'm not sure, but in some circumstances you could get
"cn=Peter null Smith,..." DN.
So, if/then/else will be probably better.
Ivan
--
Ing. Ivan Noris
Senior Identity Management Engineer & IDM Architect
evolveum.com evolveum.com/blog/
___________________________________________________
"Semper Id(e)M Vix."
More information about the midPoint
mailing list