Hi,
I'm trying to write a script that will check the build the Uniqueness value of the cn attribute and then set the UPNPrefix (edsaUPNPrefix) attribute to the CN. I understand that the normal way is just to set a uniqueness value at the end of the SAM account name by Policy. However, that is not what I want. because the SAMAccountName is: . (J.Smith, J.Smith1 etc) but the CN has to be . (John.Smith, John.Smith1 etc).
A further complication is that it has to construct the CN by just the givenName, sn and the SAMAccountName. Added to that, the givenName and sn are provided by SPML code from a HR database. So the cn has to be constructed on a PreCreate method. That is, BEFORE the duplicate cn is detected.
As the SAM Account name is the only attribute that automaticall adds a uniqueness number on create, I have written a script that will on preCreate: 1. Read the last diget of the SAM and 2. if a number exists at the end of the SAM, add that value to the sn and 3. let the Policy validation build the CN and UPN Prefix. But this does not seem to actually change the object's sn even though a get sn after a put on the sn attribute indicates that it has in my script logging.
Any alternative ideas would be greatly appriciate.
- Products
- View all products
- Free trials
- Privileged Access Management
- Overview
- PAM Essentials
- Safeguard
- Safeguard On Demand
- Safeguard for Privileged Analytics
- Safeguard for Privileged Passwords
- Safeguard for Privileged Sessions
- Safeguard Remote Access
-
Endpoint Privilege Management
- Privilege Manager for Windows
- Privilege Manager for Unix
- Safeguard Authentication Services
- Safeguard for Sudo
- Access Management
- Identity Governance and Administration
- Active Directory Management
- Log Management
- Solutions
- Resources
- Trials
- Support
- Partners
- Communities