• State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 62 subscribers
  • Views 4082 views
  • Users 0 members are here
Options
Related
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Check for unique EmployeeID on user provisioning

paulmaddocks
over 6 years ago

Hi all,

 

Hopefully the community can share some insight here. I have been asked to try and put a check into the user provisioning process that ensures that the provided 'EmployeeID' field is unique within the domain. Users are provisioned using the 'New user' wizard via ARS.

 

I already have a couple of PS scripts that run on 'PreCreate' to deal with other unique organisational requirements, so I am not uncomfortable with putting things into those scripts.

My main question is how could this be approached and still complete in a timely manner. The only thing I can think to do is run some sort of query at every user creation to check all existing accounts for a match to the EmployeeID field - which with a search target of over 4000 accounts, is going to take a while and the wizard will pause while this process is completed.

Alternatively there is a human process to do a advanced search before each creation to search on that field, but this could be a bit of a stretch for our service desk and provisioning teams.

  • 0 over 6 years ago

    Doing an LDAP query against AD to look for that employeeID might not take as much time as you think esp if you use the native AD cmdlets and using AD Schema Mgr, you make sure the employeeID attribute is indexed...4000 users is not a lot to check.

    If you really don't want to do it that way, you could always build a cache file of employeeIDs on a scheduled basis and then scan that file for your new id each time. That would be very quick as well.

    'Hope this helps.