This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

OnDiscarded table script

I'm trying to update affiliations when a person is added/removed from PersonInOrg.  The update is working correctly using a process with an Insert event.  However, the delete event does not work - I believe it is firing the delete event, but it seems to update affiliations using the data before the deletion occurs.  So now I'm trying to use an OnDiscarded table script in the PersonInOrg table, but it doesn't seem to be working either.  I'm wondering if the user info is already gone by the time the OnDiscarded script runs?   

Below is the script I'm using.  Any suggestions?


Dim affiliation As String = ""
Dim scopedAffiliation As String = ""
Dim f As ISqlFormatter = Session.SqlFormatter
Dim eLDAPAccountEnt As IEntity

affiliation = VI_Build_Affiliations( $UID_Person$, "CCC_scopedAffiliation", "0")
scopedAffiliation = VI_Build_Affiliations( $UID_Person$, "CCC_scopedAffiliation", "1")

If Not String.IsNullOrEmpty($UID_Person$) Then
Dim qPerson = Query.From ("LDAPAccount") _
.Where(f.AndRelation(f.UidComparison("UID_Person", $UID_Person$), _
"UID_TSBAccountDef In (SELECT UID_TSBAccountDef FROM LDAPAccount INNER JOIN TSBAccountDef ON LDAPAccount.UID_TSBAccountDef = TSBAccountDef.UID_TSBAccountDef WHERE TSBAccountDef.Ident_TSBAccountDef = N'Enterprise Directory Account')")) _
.Select ("UID_LDAPAccount", "CCC_affiliation", "CCC_scopedAffiliation")

eLDAPAccountEnt = Session.Source.GetCollection(qPerson).FirstOrDefault

If Not eLDAPAccountEnt Is Nothing Then
If Not affiliation = eLDAPAccountEnt.GetValue("CCC_affiliation").String Then eLDAPAccountEnt.PutValue("CCC_affiliation", affiliation)
If Not scopedAffiliation = eLDAPAccountEnt.GetValue("CCC_scopedAffiliation").String Then eLDAPAccountEnt.PutValue("CCC_scopedAffiliation", scopedAffiliation)
eLDAPAccountEnt.Save(Session)
End If
End If

  • The XOrigin is '4' and XMarkedForDeletion is '0'
  • I need to be able to get a userID for the affected account through the PersonInOrg OnDiscarding table script, but need to call another script from OnDiscarded, after the row has been removed. Maybe there is a way to set a global variable in OnDiscarding and use it in OnDiscarded?
  • XOrigin = 4 means, that the assignment is still valid and was assigned by a dynamic role. So, even if you try to delete the (direct) membership, the system will not delete the entry completely but just removing the direct membership from the flag XOrigin. That explains, why the delete (or remove) event is not triggered. The membership is still valid.
  • A recalculation of the dynamic role is actually deleting rows from PersonInOrg in some cases. I'm now trying the table OnSaved event to trigger the method we need to run. It is firing, but I'm getting the errors:
    [810186] Error executing script for event OnSaved.
    [810222] Error executing script 'PersonInOrg_OnSaved'.
    [System.NotSupportedException] Specified method is not supported.

    Thanks again for the help!
  • Of course, the entries will be removed if the assignment by dynamic role was the last and only assignment patch for an entry and if the person is no longer a member according to the dynamic role definition.

    Which method are you referring to?
  • Right now, with OnSaved, I'm trying to run the script at the beginning of this post. It calls VI_Build_Affiliations to populate several LDAP affiliation fields. I'm not sure which method the System.NotSupportedException is referring to though.
  • Then try to take a look at the stack trace or post the stack trace of the error. It should contain the necessary information. Without that, it is impossible to help you out, as the script "VI_Build_Affiliations" is not part of the product (even if it starts with VI_) and you haven't posted the content of it.
  • I'm working on finding that.
  • This is the error I get through the Job queue:

    ErrorMessages = (2018-01-22 15:03:36.557) Error saving 15580147-2ee5-47df-a3c1-bf3ac01f430d - b8ad0a75-ed8f-4a43-94d2-12e6e748118b: [810306] Error during execution of 'OnSaved' in logic module 'VI.DB.Entities.EntityScriptLogic'.
    [810186] Error executing script for event OnSaved.
    [810222] Error executing script 'PersonInOrg_OnSaved'.
    [System.NotSupportedException] Specified method is not supported.

    Please let me know if there a better source for debugging errors!
  • You should use the System Debugger to debug the error. It allows you to do single step-debugging of your script in Visual Studio.

    When you open the System Debugger, and created the script library you can open the file Tables.vb and set a breakpoint to your script PersonInOrg_OnSaved.

    See my screenshot where I did it with the table script Person_OnSaved.

    Then start the System Debugger, switch to the Tables tab, select your PersonInOrg table, choose one entry of your PersonInOrg table using the ComboBox modify the object as needed an press the save button. Visual Studio will then stop at your breakpoint and you can use single step debugging or any other toolset of Visual Studio to solve your error.

    Please note that you might want to use the checkbox Transaction with rollback to avoid that any data is written to the One Identity Manager database.

    Again a screenshot using the Person table.

    HtH