<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{mso-style-priority:34;
margin-top:0cm;
margin-right:0cm;
margin-bottom:0cm;
margin-left:36.0pt;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
span.EmailStyle17
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri",sans-serif;
mso-fareast-language:EN-US;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:70.85pt 70.85pt 70.85pt 70.85pt;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:1124813653;
mso-list-type:hybrid;
mso-list-template-ids:45267722 -373817332 67895299 67895301 67895297 67895299 67895301 67895297 67895299 67895301;}
@list l0:level1
{mso-level-start-at:0;
mso-level-number-format:bullet;
mso-level-text:-;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;
font-family:"Calibri",sans-serif;
mso-fareast-font-family:Calibri;}
@list l0:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;
font-family:"Courier New";}
@list l0:level3
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;
font-family:Wingdings;}
@list l0:level4
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;
font-family:Symbol;}
@list l0:level5
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;
font-family:"Courier New";}
@list l0:level6
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;
font-family:Wingdings;}
@list l0:level7
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;
font-family:Symbol;}
@list l0:level8
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;
font-family:"Courier New";}
@list l0:level9
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;
font-family:Wingdings;}
ol
{margin-bottom:0cm;}
ul
{margin-bottom:0cm;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="FR" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US">Hello,<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US">I thinks yes, in my case we generate a certificate for each new user after her creation in AD. That means than the user
need to be exist before calling powershell script which will create the certificate.
<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US">We use this script under resource balise.
<o:p></o:p></span></p>
<p class="MsoListParagraph" style="text-indent:-18.0pt;mso-list:l0 level1 lfo1"><![if !supportLists]><span lang="EN-GB" style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"><span style="mso-list:Ignore">-<span style="font:7.0pt "Times New Roman"">
</span></span></span><![endif]><span lang="EN-GB" style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US">Operation focus that the script is execute on add user
<o:p></o:p></span></p>
<p class="MsoListParagraph" style="text-indent:-18.0pt;mso-list:l0 level1 lfo1"><![if !supportLists]><span lang="EN-GB" style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"><span style="mso-list:Ignore">-<span style="font:7.0pt "Times New Roman"">
</span></span></span><![endif]><span lang="EN-GB" style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US">And order permit to do this after<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal" style="text-autospace:none"><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:teal;mso-fareast-language:EN-US"><</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:#3F7F7F;background:silver;mso-highlight:silver;mso-fareast-language:EN-US">scripts</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:teal;mso-fareast-language:EN-US">></span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;mso-fareast-language:EN-US"><o:p></o:p></span></p>
<p class="MsoNormal" style="text-autospace:none"><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:black;mso-fareast-language:EN-US">
</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:teal;mso-fareast-language:EN-US"><</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:#3F7F7F;mso-fareast-language:EN-US">script</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:teal;mso-fareast-language:EN-US">></span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;mso-fareast-language:EN-US"><o:p></o:p></span></p>
<p class="MsoNormal" style="text-autospace:none"><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:black;mso-fareast-language:EN-US">
</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:teal;mso-fareast-language:EN-US"><</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:#3F7F7F;mso-fareast-language:EN-US">host</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:teal;mso-fareast-language:EN-US">></span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:black;mso-fareast-language:EN-US">resource</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:teal;mso-fareast-language:EN-US"></</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:#3F7F7F;mso-fareast-language:EN-US">host</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:teal;mso-fareast-language:EN-US">></span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;mso-fareast-language:EN-US"><o:p></o:p></span></p>
<p class="MsoNormal" style="text-autospace:none"><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:black;mso-fareast-language:EN-US">
</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:teal;mso-fareast-language:EN-US"><</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:#3F7F7F;mso-fareast-language:EN-US">language</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:teal;mso-fareast-language:EN-US">></span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:black;mso-fareast-language:EN-US">powershell</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:teal;mso-fareast-language:EN-US"></</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:#3F7F7F;mso-fareast-language:EN-US">language</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:teal;mso-fareast-language:EN-US">></span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;mso-fareast-language:EN-US"><o:p></o:p></span></p>
<p class="MsoNormal" style="text-autospace:none"><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:black;mso-fareast-language:EN-US">
</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:teal;mso-fareast-language:EN-US"><</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:#3F7F7F;mso-fareast-language:EN-US">argument</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:teal;mso-fareast-language:EN-US">></span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;mso-fareast-language:EN-US"><o:p></o:p></span></p>
<p class="MsoNormal" style="text-autospace:none"><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:black;mso-fareast-language:EN-US">
</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:teal;mso-fareast-language:EN-US"><</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:#3F7F7F;mso-fareast-language:EN-US">c:path</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;mso-fareast-language:EN-US">
<span style="color:#7F007F">xsi:type</span><span style="color:black">=</span><i><span style="color:#2A00FF">"t:ItemPathType"</span></i><span style="color:teal">></span><span style="color:black">$user/name</span><span style="color:teal"></</span><span style="color:#3F7F7F">c:path</span><span style="color:teal">></span><o:p></o:p></span></p>
<p class="MsoNormal" style="text-autospace:none"><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:black;mso-fareast-language:EN-US">
</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:teal;mso-fareast-language:EN-US"><</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:#3F7F7F;mso-fareast-language:EN-US">name</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:teal;mso-fareast-language:EN-US">></span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:black;mso-fareast-language:EN-US">identity</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:teal;mso-fareast-language:EN-US"></</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:#3F7F7F;mso-fareast-language:EN-US">name</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:teal;mso-fareast-language:EN-US">></span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;mso-fareast-language:EN-US"><o:p></o:p></span></p>
<p class="MsoNormal" style="text-autospace:none"><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:black;mso-fareast-language:EN-US">
</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:teal;mso-fareast-language:EN-US"></</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:#3F7F7F;mso-fareast-language:EN-US">argument</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:teal;mso-fareast-language:EN-US">></span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;mso-fareast-language:EN-US"><o:p></o:p></span></p>
<p class="MsoNormal" style="text-autospace:none"><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:black;mso-fareast-language:EN-US">
</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:teal;mso-fareast-language:EN-US"><</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:#3F7F7F;mso-fareast-language:EN-US">code</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:teal;mso-fareast-language:EN-US">></span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:black;mso-fareast-language:EN-US">powershell
"D:\midpoint\create-certificate\create-certificate.ps1 $identity"</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:teal;mso-fareast-language:EN-US"></</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:#3F7F7F;mso-fareast-language:EN-US">code</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:teal;mso-fareast-language:EN-US">></span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;mso-fareast-language:EN-US"><o:p></o:p></span></p>
<p class="MsoNormal" style="text-autospace:none"><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:black;mso-fareast-language:EN-US">
</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:teal;mso-fareast-language:EN-US"><</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:#3F7F7F;mso-fareast-language:EN-US">operation</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:teal;mso-fareast-language:EN-US">></span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:black;mso-fareast-language:EN-US">add</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:teal;mso-fareast-language:EN-US"></</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:#3F7F7F;mso-fareast-language:EN-US">operation</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:teal;mso-fareast-language:EN-US">></span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;mso-fareast-language:EN-US"><o:p></o:p></span></p>
<p class="MsoNormal" style="text-autospace:none"><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:black;mso-fareast-language:EN-US">
</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:teal;mso-fareast-language:EN-US"><</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:#3F7F7F;mso-fareast-language:EN-US">kind</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:teal;mso-fareast-language:EN-US">></span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:black;mso-fareast-language:EN-US">account</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:teal;mso-fareast-language:EN-US"></</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:#3F7F7F;mso-fareast-language:EN-US">kind</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:teal;mso-fareast-language:EN-US">></span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;mso-fareast-language:EN-US"><o:p></o:p></span></p>
<p class="MsoNormal" style="text-autospace:none"><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:black;mso-fareast-language:EN-US"> </span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:teal;mso-fareast-language:EN-US"><</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:#3F7F7F;mso-fareast-language:EN-US">order</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:teal;mso-fareast-language:EN-US">></span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:black;mso-fareast-language:EN-US">after</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:teal;mso-fareast-language:EN-US"></</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:#3F7F7F;mso-fareast-language:EN-US">order</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:teal;mso-fareast-language:EN-US">></span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;mso-fareast-language:EN-US"><o:p></o:p></span></p>
<p class="MsoNormal" style="text-autospace:none"><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:black;mso-fareast-language:EN-US">
</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:teal;mso-fareast-language:EN-US"></</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:#3F7F7F;mso-fareast-language:EN-US">script</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:teal;mso-fareast-language:EN-US">></span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;mso-fareast-language:EN-US"><o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:black;mso-fareast-language:EN-US">
</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:teal;mso-fareast-language:EN-US"></</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:#3F7F7F;background:silver;mso-highlight:silver;mso-fareast-language:EN-US">scripts</span><span lang="EN-GB" style="font-size:10.0pt;font-family:Consolas;color:teal;mso-fareast-language:EN-US">></span><span lang="EN-GB" style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"><o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US">If I remember change log, in last version you have more option for make critical or not the result of this script .<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri",sans-serif;color:black">Cordialement,<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri",sans-serif;color:black"><o:p> </o:p></span></p>
<table class="MsoNormalTable" border="1" cellspacing="0" cellpadding="0" width="100%" style="width:100.0%;border:none;border-top:solid #00BBDF 3.0pt">
<tbody>
<tr>
<td width="708" valign="top" style="width:225.75pt;border:none;padding:0cm 0cm 0cm 0cm">
<p class="MsoNormal" style="line-height:105%"><span style="font-size:11.0pt;line-height:105%;font-family:"Calibri",sans-serif;color:black;mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal" style="line-height:105%"><span style="font-size:11.0pt;line-height:105%;font-family:"Calibri",sans-serif;color:#1F497D"><img width="174" height="22" id="Image_x0020_1" src="cid:image001.png@01D40365.E0AFE0F0" alt="cid:8e2f30c3-f5eb-4f4e-aefb-9d083f8a3b45"></span><span style="font-size:11.0pt;line-height:105%;font-family:"Calibri",sans-serif;color:black;mso-fareast-language:EN-US"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:105%"><span style="font-size:11.0pt;line-height:105%;font-family:"Calibri",sans-serif;color:black;mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal" style="line-height:105%"><b><span style="font-size:10.0pt;line-height:105%;font-family:"Arial",sans-serif;color:#1F497D;mso-fareast-language:EN-US">Sylvaire-Kevin TIPA</span></b><i><span style="font-size:10.0pt;line-height:105%;font-family:"Calibri",sans-serif;color:#757B80;mso-fareast-language:EN-US">
<o:p></o:p></span></i></p>
<p class="MsoNormal" style="line-height:105%"><i><span style="font-size:10.0pt;line-height:105%;font-family:"Calibri",sans-serif;color:#767171;mso-fareast-language:EN-US">Thales Services / OIC / DevOps Automatisation Infrastructures<o:p></o:p></span></i></p>
<p class="MsoNormal" style="line-height:105%"><span style="font-size:11.0pt;line-height:105%;font-family:"Calibri",sans-serif;color:#BFBFBF;mso-fareast-language:EN-US">…………………………………………………………………………………………<o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:105%"><span style="font-size:9.0pt;line-height:105%;font-family:"Calibri",sans-serif;color:gray;mso-fareast-language:EN-US">THALES SERVICES SAS<br>
44 Quai Charles de Gaulle<br>
CS 20100<br>
69463 Lyon Cedex 06<o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:105%"><span style="font-size:11.0pt;line-height:105%;font-family:"Calibri",sans-serif;color:#BFBFBF;mso-fareast-language:EN-US">…………………………………………………………………………………………<o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:105%"><span style="font-size:11.0pt;line-height:105%;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"><a href="http://www.thalesgroup.com/"><span style="font-size:8.5pt;line-height:105%;font-family:"Arial",sans-serif;color:gray">www.thalesgroup.com</span></a></span><span style="font-size:11.0pt;line-height:105%;font-family:"Calibri",sans-serif;color:#BFBFBF;mso-fareast-language:EN-US"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:105%"><span style="font-size:11.0pt;line-height:105%;font-family:"Calibri",sans-serif;color:black;mso-fareast-language:EN-US"><o:p> </o:p></span></p>
</td>
</tr>
</tbody>
</table>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;display:none"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">De :</span></b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"> midPoint [mailto:midpoint-bounces@lists.evolveum.com]
<b>De la part de</b> Devin Rosenbauer<br>
<b>Envoyé :</b> mercredi 13 juin 2018 22:12<br>
<b>À :</b> midPoint General Discussion <midpoint@lists.evolveum.com><br>
<b>Objet :</b> [midPoint] Provisioning two steps with a delay (Hybrid Exchange)<o:p></o:p></span></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<div>
<p class="MsoNormal">Good afternoon,<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">I'm in the training with Ivan and he suggested I sent this off to the mailing list. The situation, which has come up several times in my corporate Oracle IDM projects, is Microsoft's Exchange
<a href="https://technet.microsoft.com/en-us/library/jj200581(v=exchg.150).aspx">
hybrid installation mode</a>.<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">An account is created in local Active Directory and flagged as a remote mail user. This is typically done with PowerShell. A scheduled Microsoft process runs on the domain controller (every 30 minutes by default) that creates or updates
an Azure AD account and O365 mailbox for remote mail users in the cloud. This process is called DirSync.<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal"><i>After</i> DirSync runs, we need to provision a license for the user in O365. This is done either via the Graph REST API or via another set of PowerShell commands. The license setup cannot be run before DirSync because the user doesn't
exist in O365 yet.<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">Here's how I've resolved this in OIM: After the AD PowerShell commands, I set a flag on the
<i>user</i> in OIM to mark them as needing a license. A custom scheduled job (just some Java code) in OIM attempts to provision the license for the each user with the flag set. If the license is successfully added, the user is un-flagged. If the license is
NOT successfully added, the user retains the flag and we try again.<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">Could something like this be done in Midpoint?<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal"><br>
-- <o:p></o:p></p>
<div>
<div>
<p class="MsoNormal">Devin Rosenbauer<br>
Principal Consultant<br>
Identity Works LLC<br>
+1 585 210 3201<o:p></o:p></p>
</div>
</div>
</div>
</div>
</div>
<p style="font-size:8pt; line-height:10pt; font-family: 'Cambria','times roman',serif;">
This message contains confidential information and is intended only for the individual(s) addressed in the message. If you are not the named addressee, you should not disseminate, distribute, or copy this e-mail. If you are not the intended recipient, you are
notified that disclosing, distributing, or copying this e-mail is strictly prohibited.
</p>
</body>
</html>