DESCRIPTION
When you copy a user account, certain attributes are copied. The list of attributes to copy is defined in AD schema. Attribute, that should be copied when the object is copied, has a 16th bit set in the seachFlags property in schema. For details, see MSDN.
If you have an attribute, that has this bet set, but you do not want its value to be copied, you has to use script policy, provided below. For example, such attributes as Exchange custom attributes (extensionAttribute1, ..., extensionAttribute10), has that bit set.
Although you can't preventing copying these attributes, you can clear them in onPostCreate event handler, after they have been set.
Note This code may use functions from the ARS Script Policy Best Practices. Please, follow the link to obtain instructions and code for those functions.
SCRIPT
'*********************************************************************************
' THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND,
' EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED
' WARRANTIES OF MERCHANTBILITY AND/OR FITNESS FOR A PARTICULAR PURPOSE.
'
' IF YOU WANT THIS FUNCTIONALITY TO BE CONDITIONALLY SUPPORTED,
' PLEASE CONTACT QUEST PROFESSIONAL SERVICES.
'*********************************************************************************
'
' This code is published on the ActiveRoles Script Center:
' http://communities.quest.com/docs/DOC-9991
'
' This code may use functions from the ARS Script Policy Best Practices:
' http://communities.quest.com/docs/DOC-10016
'
' Please, follow the link to obtain instructions and code for those functions.
'*********************************************************************************
Sub onPostCreate(Request)
' Optimization: handle only Copy request, skip processing Create requests
If (CInt(Request.Parameter("Type")) <> EDST_REQ_COPY) Then Exit Sub
' Optimization: handle only user account operations
If Request.Class <> "user" Then Exit Sub
' Clear required attributes, for example Exchangte custom attributes
DirObj.PutEx ADS_PROPERTY_CLEAR, "extensionAttribute1", Empty
DirObj.PutEx ADS_PROPERTY_CLEAR, "extensionAttribute2", Empty
DirObj.PutEx ADS_PROPERTY_CLEAR, "extensionAttribute3", Empty
' ... etc.
DirObj.PutEx ADS_PROPERTY_CLEAR, "extensionAttribute10", Empty
DirObj.SetInfo
End Sub
'***** END OF CODE ***************************************************************
COMPATIBILITY
Script compatible with the following version(s): EDM 5.1, ActiveRoles Server 5.2