Create Virtual Attribute Script?

Need to create a bunch of Virtual Attributes. All single value Directory String, User attributes. Does any one have a script to create virtual attributes of a csv file or similar?

I am not finding any of the Quest CmdLets that do it. 

Parents
  • If you look on one of your AR servers in the following folder:

    \Program Files\One Identity\Active Roles\7.4\SDK\Samples\ADSI Provider\Virtual Attribute

    ...there is sample code there for creating new VAs.

  • That helps. I am having trouble getting a import of Virtual Attribute names to create from a csv. This is what I have so far.

    #Store the data from VAttributes.csv in the $VAttributes variable
    $VAttributes = Import-csv "C:\Scripts\VA\VaList.csv"

    #Loop through VAttribute in the CSV file
    foreach ($VA in $VAttributes)
    {
    # Set the property lDAPDisplayName for the VA
    $strAttributeName = $VA

    # Set the object class to which the VA will apply
    $strAttributeClass = "user"
    # Set the property attributeSyntax for the VA
    $strAttributeSyntax = "2.5.5.12"
    # Set the property oMSyntax for the VA
    $iAttributeOMSyntax = 64
    # Specify whether to store the VA in the Active Roles configuration database
    $bIsAttributeStored = $true
    # Specify whether the VA is single-valued
    $bIsAttributeSindleValued = $true
    # Set the property Description for the VA
    $strAttributeDescription = "AGN"
    # Set the property ContainerDN for VA
    $strVaContainerDn = "CN=Virtual Attributes,CN=Server Configuration,CN=Configuration"

    function CreateVA($AttrName, $ClassSchemas, $AttrSyntax, $OMSyntax, $IsStored, $IsSingleValued)
    {
    $objVaContainer = [ADSI]"EDMS://$strVaContainerDn"
    $objOctetString = New-Object -ComObject "AelitaEDM.EDMOctetString"
    "Creating VA $AttrName ..."
    $objNewVa = $objVaContainer.Create("edsVirtualAttribute", "CN=$AttrName")
    $objPolicyInfoList = $objNewVa.GetPolicyInfoList()
    $objOctetString.SetGuidString($objPolicyInfoList.Item("schemaIDGUID").GeneratedValue)

    $objNewVa.Put("edsaAttributeIsStored", [bool]$IsStored)
    $objNewVa.Put("isSingleValued", [bool]$IsSingleValued)
    $objNewVa.Put("lDAPDisplayName", [string]$AttrName)
    $objNewVa.Put("edsaClassSchemas", [string]$ClassSchemas)
    $objNewVa.Put("attributeSyntax", [string]$AttrSyntax)
    $objNewVa.Put("oMSyntax", [int]$OMSyntax)
    $objNewVa.Put("schemaIDGUID", $objOctetString.GetOctetString())
    $objNewVa.Put("attributeID", $objPolicyInfoList.Item("attributeID").GeneratedValue)
    $objNewVa.Put("description", [string]$strAttributeDescription)

    $objNewVa.SetInfo()
    }

    CreateVA -AttrName $strAttributeName -ClassSchemas $strAttributeClass -AttrSyntax $strAttributeSyntax -OMSyntax $iAttributeOMSyntax -IsStored $bIsAttributeStored -IsSingleValued $bIsAttributeSindleValued

    }

  • OK - this all looks fairly reasonable.  What kind of error are you receiving?

Reply Children