Set Connector Space Object Properties
Hi There, I am Syam Pinnaka, Dev in IAM services team at Microsoft.
Have you ever wondered how to set an FIM connector space (CS) object Distinguished Name (DN) to a value that’s easy to read and use format? I had this question last week and the solution is easy.
Before I go into the solution to the above problem, its worth mentioning\recap “IMVSynchronization.Provision” method.
In FIM 2010 or latest versions IMVSynchronization.Provision method is used to handle changes to a metaverse object. Most notably to check if specific connector space object exists and if not, to create one. The triggering point for IMVSynchronization.Provision is when an import attribute flow changes attribute values to the metaverse object. IMVSynchronization.Provision is also triggered when a connector space object is projected, joined or disconnected to the metaverse object.
Typically relative distinguished name (RDN) and from that distinguished name (DN) is constructed in this method and set on the connector space object along with its other properties.
Assuming the connector space is from a SQL MA, the “IMVSynchronization.Provision” code will look like below .
string csEntryObjectType = null; if (mventry.ObjectType == Constants.Common.Person) csEntryObjectType = Constants.Common.Person; else if (mventry.ObjectType == Constants.Common.Computer) csEntryObjectType = Constants.Common.Computer; csentry = managementAgent.Connectors.StartNewConnector(csEntryObjectType); csentry[Constants.Common.IsDeleted].Value = Constants.Common.False; //"IsDeleted" is a field in SQL table. csentry[Constants.Common.ObjectGUIDString].Value = mventry[Constants.Common.ObjectGUIDString].Value; //"ObjectGUIDString" is another field in SQL table. csentry.CommitNewConnector();
All this works perfect and connector space object will be created as desired. Now lets see how to set connector space (CS) object distinguished name (DN) to a value that’s easy to read and use. For this all that we need to do is construct that easy to use value and set it to DN property of the csentry. For example if we would like to set it to lets say ‘domain\alias’ format the code will look like below.
string csEntryObjectType = null; if (mventry.ObjectType == Constants.Common.Person) csEntryObjectType = Constants.Common.Person; else if (mventry.ObjectType == Constants.Common.Computer) csEntryObjectType = Constants.Common.Computer; csentry = managementAgent.Connectors.StartNewConnector(csEntryObjectType); string RDN = mventry[Constants.Common.Domain].Value + Constants.Common.ForwardSlash +
mventry[Constants.Common.AccountName].Value;<br>csentry.DN = managementAgent.EscapeDNComponent(RDN); csentry[Constants.Common.IsDeleted].Value = Constants.Common.False; //"IsDeleted" is a field in SQL table. csentry[Constants.Common.ObjectGUIDString].Value = mventry[Constants.Common.ObjectGUIDString].Value; //"ObjectGUIDString" is another field in SQL table. csentry.CommitNewConnector();
Please note EscapeDNComponent in the above code. EscapeDNComponent works based on the management agent its called against and escapes Backslash ('\'). In order to work around the same, the above code uses a forwardSlash instead of backslash.
lDN can be set to any value as shown above and in some cases its advantageous to set it to a custom format.
Thanks for reading and happy syncing. :- )