Description
There is no out-of-the-box "Last N characters of X attribute"-rule in the User Logon Name Generation policy rules. But it is possible to add a script-based "Last N characters of X attribute"-rule.
For example, you need to configure the following Logon Name (pre-Windows 2000) conventions in the User Logon Name Generation policy:
- first 2 characters of the First Name (givenName), followed by
- first 4 characters of the Last Name (sn), followed by
- last 1 character of the LastName (sn), followed by
- 2-digit uniqueness number.
Using the Active Roles Console, do the following:
- Create a new virtual attribute and name it as edsvaLast1CharOfLastName
- Re-connect the ARS Console
- Add two script modules from this article - script #1 and script #2
- Create a policy object with three entries in following order:
- Script #1
- User Logon Name Generation policy
- Script #2
- Specify these rules in the User Logon Name Generation policy:
- first 2 characters of the First Name (givenName), followed by
- first 4 characters of the Last Name (sn), followed by
- first 1 character of the edsvaLast1CharOfLastName(edsvaLast1CharOfLastName), followed by
- 2-digit uniqueness number.
- Apply the policy object to the desired scope
- Try to create a new user object, specify its first name, last name, and click Generate button near by the User Logon Name (pre-Windows 2000) field.
Some notes:
- This sample is just a demo and has limited set of error handling.
- It uses some functions from the Active Roles Script Policy Best Practices
SCRIPT #1
'*********************************************************************************
' THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND,
' EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED
' WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A PARTICULAR PURPOSE.
'
' IF YOU WANT THIS FUNCTIONALITY TO BE CONDITIONALLY SUPPORTED,
' PLEASE CONTACT ONE IDENTITY PROFESSIONAL SERVICES.
'*********************************************************************************
Option Explicit
'***********************************************************************************
Function GetLast1CharOfLastName(Request)
GetLast1CharOfLastName = ""
Dim strSN, strLast1CharOfSN
If (IsAttributeModified("sn", Request)) Then
strSN = GetAttribute("sn", Request)
Else
strSN = GetAttribute("sn", DirObj)
End If
If (IsEmpty(strSN)) Then Exit Function
strLast1CharOfSN = Right(strSN,1)
GetLast1CharOfLastName = strLastCharOfSN
End Function
'***********************************************************************************
'** EVENT HANDLERS
'***********************************************************************************
Option Explicit
Sub onPreCreate(Request)
If (Not IsObjectClassRequested("user", Request)) Then Exit Sub
If (Not IsAttributeModified("sAMAccountName", Request)) Then Exit Sub
Request.Put "edsvaLast1CharOfLastName", GetLast1CharOfLastName(Request)
End Sub
Sub onPreModify(Request)
If (Not IsObjectClassRequested("user", Request)) Then Exit Sub
If (Not IsAttributeModified("sAMAccountName", Request)) Then Exit Sub
Request.Put "edsvaLast1CharOfLastName", GetLast1CharOfLastName(Request)
End Sub
Sub onCheckPropertyValues(Request)
If (Not IsObjectClassRequested("user", Request)) Then Exit Sub
If (Not IsAttributeModified("sAMAccountName", Request)) Then Exit Sub
Request.Put "edsvaLast1CharOfLastName", GetLastCharOfLastName(Request)
End Sub
'****************** END OF CODE ****************************************************
SCRIPT #2
' *****************************************************************************
' THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND,
' EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED
' WARRANTIES OF MERCHANTBILITY AND/OR FITNESS FOR A PARTICULAR PURPOSE
'
' IF YOU WANT THIS FUNCTIONALITY TO BE CONDITIONALLY SUPPORTED,
' PLEASE CONTACT QUEST PROFESSIONAL SERVICES OR CUSTOM DEVELOPMENT.
' *****************************************************************************
'
Option Explicit
'***********************************************************************************
Function GetLast1CharOfLastName(Request)
GetLast1CharOfLastName = ""
Dim strSN, strLast1CharOfSN
If (IsAttributeModified("sn", Request)) Then
strSN = GetAttribute("sn", Request)
Else
strSN = GetAttribute("sn", DirObj)
End If
If (IsEmpty(strSN)) Then Exit Function
strLast1CharOfSN = Right(strSN,1)
GetLast1CharOfLastName = strLastCharOfSN
End Function
'***********************************************************************************
'** EVENT HANDLERS
'***********************************************************************************
Sub onGetEffectivePolicy(Request)
If (Not IsObjectClassRequested("user", Request)) Then Exit Sub
If (Not AttributeGenerationRequested("sAMAccountName", Request)) Then Exit Sub
Request.Put "edsvaLast1CharOfLastName", GetLastCharOfLastName(Request)
End Sub
'****************** END OF CODE ****************************************************