<div dir="ltr"><div dir="ltr">Hi Daniel<br><div><br></div><div><div>I am not a Coder. But I tried to resolve a similar situation as follows:</div><div><br></div><div>Step 1</div><div>In my HR system, I have a unique identifier for each person. This person identifier I put in the employeeID field in the properties of each person's account in Active Directory through a script in powershell.</div><div><br></div><div>Ex:</div><div>HR System</div><div>Employee Name: Sara</div><div>Employee ID: 14769224206</div><div>Employee Manager: Sara</div><div><br></div><div>Employee Name: Joe</div><div>Employee ID: 25670335317</div><div>Manager: Maria</div><div><br></div><div>Step2</div><div>For each person in my HR system I search ( powershell script) Active Directory and inform the person's unique identifier and if I find it, I take the information from the Manager field and add it to the CSV file that I will import in Midpoint.</div><div>Ex:</div><div>Employee ID = 25670335317</div><div>ManagerCN = CN = sara, OU = employee, OU = users, DC = xyz, DC = net</div><div><br></div><div>Step 3</div><div>I created an additional field in Midpoint (through the custom schema process - XSD) called ManagerCN. In this field I record the information in the ManagerCN field of the CSV file.</div><div>When creating an account in Active Directory I inform all the necessary data including the Manager information of each person.</div><div><br></div><div>I believe that there must be a simpler way to achieve this goal, but as I said I am not a Coder so the way I found it was this, I hope it helps in your implementations.</div><div><br></div><div>Regards</div></div><div><br></div><div>Gus</div></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">Em seg., 14 de dez. de 2020 às 12:27, Macias, Daniel via midPoint <<a href="mailto:midpoint@lists.evolveum.com">midpoint@lists.evolveum.com</a>> escreveu:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div lang="EN-US">
<div class="gmail-m_-4668841999549741921WordSection1">
<p class="MsoNormal">Hello,<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">Running version midPoint 4.2<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">I’m trying to pass over to AD the DN of the manager but I’m having a bit of a hard time during. AD requires this attribute to be a distinguishedName but HR can only provide employee number, full name, or email.<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">How can I fetch the DN of the manager from midPoint (I’m also storing the User’s DN on a custom attribute) from the HR Data reference and populated in the user object?<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">Also, is there a way to automatically assign the defined manager in AD as manager of an ORG in midPoint or is this a manual process?<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">Please advise.<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">Thanks in advance. <u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal"><b><span style="font-size:13pt;font-family:Arial,sans-serif;color:black">Daniel M.</span></b><span style="font-size:12pt;font-family:"Times New Roman",serif"><u></u><u></u></span></p>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
<hr size="2" width="100%" align="center">
<span style="font-size:7.5pt;font-family:Arial,sans-serif;color:gray">This communication is intended only for the use of the individual or entity named as the addressee. It may contain information that is privileged and/or confidential under applicable law.
If you are not the intended recipient or such recipient's employee or agent, you are hereby notified that any dissemination, copy or disclosure of this communication is strictly prohibited. If you have received this communication in error, please immediately
notify CareCentrix Compliance Hot Line at (877) 848-8229 and notify the sender by electronic mail. Please delete this communication without making any copies. Thank you for your cooperation.
</span>
</div>
_______________________________________________<br>
midPoint mailing list<br>
<a href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a><br>
<a href="https://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer" target="_blank">https://lists.evolveum.com/mailman/listinfo/midpoint</a><br>
</blockquote></div>