• State Verified Answer
  • Replies 6 replies
  • Subscribers 62 subscribers
  • Views 1969 views
  • Users 0 members are here
Options
Related

Create OU with Workflow

Gégé
over 2 years ago 
Hello all !

I hope you are well :)

I have a quick question.

I created a new OU creation form.
With a Worflows which creates sub OU, groups, ...

Do you know how I can link Access Templates and Policies to the OUs I created?
The Access Templates are already created, the Trustee group too. Same for the Policy they are already created.
I did not find an action in the Workflow that allows it.
In script can be?

Thank you in advance for your help ;)
Gégé
Parents
  • +1 over 2 years ago

    For the Access Templates, you want to take a look at Quest cmdlet New-QARSAccessTemplateLink.

    For linking policies, I would suggest you look at the sample scripts found here on your AR server:

    <install drive>:\Program Files\One Identity\Active Roles\7.4\SDK\Samples\ADSI Provider\Policy Object

  • 0 over 2 years ago in reply to JohnnyQuest

    Hello JohnnyQuest

    Everything works well !

Link the Access Templates using a script in the Workflow!

Create a strategy with a script.

Just a problem with the "Add Entries" script. I can't find how to add an attribute with "must be" and different values ​​...

This is the last point and after all will work perfectly!



Thank you for your precious help;)
Reply
  • 0 over 2 years ago in reply to JohnnyQuest

    Hello JohnnyQuest

    Everything works well !

Link the Access Templates using a script in the Workflow!

Create a strategy with a script.

Just a problem with the "Add Entries" script. I can't find how to add an attribute with "must be" and different values ​​...

This is the last point and after all will work perfectly!



Thank you for your precious help;)
Children
  • 0 over 2 years ago in reply to Gégé

    I'm confused - I thought you already have all of your policy objects built?  Are you now trying to script the creation of policy rules?

  • 0 over 2 years ago in reply to JohnnyQuest 
    No problem, my message may not be clear and my English is not perfect.

I already have global policy that I link with a script and it work fine.
And I also have to create specific policy (provisioning and deprovisioning) that what I want to create them by script.
I tried with the "ADd Entries" script but I cannot make an attribute "must be" and give values.
  • +1 over 2 years ago in reply to Gégé

    Hello Johnny, Hello all ;)

    I found how to create provisionning policy and a deprovisioning policy.

    I give commands if that can help someone.

    Provisioning:
    New-QADObject -ParentContainer XXX -Proxy -Name YYY -Type "edsPolicyObject"


    Deprovisioning:
    New-QADObject -ParentContainer XXX -Proxy -Name YYYY -Type "edsPolicyObject" -ObjectAttributes @{edsaPolicyType="1"}

    I just have to found how to add paramerts in policy (attributes must be, ....).

    Gégé