Channel: Forum Microsoft Identity Manager

FIM Sync Service and group memberships


Hi everybody

I'm new to FIM and am trying to set up a synchronization between our HR system and AD, using the FIM sync service only (no portal). I have successfully set up an import of a CSV file from the HR system, and created the users and groups in AD using an extension and C# code. What I'm stuck on is adding the users to the created groups.

A direct mapping in the FIM GUI does not seem to be possible because the member variable is a reference variable, so I tried to add group membership to my user creation code (see below), but that's not working at all. I'm guessing it's because I don't have access to all objects in the agent's space, only what is currently being created.

Any help or pointers as to where I can put the code to do this are much appreciated.

My user creation code. What's not working is the last two lines, where I try to look up the Department Group and add the new user to it. It says the Object (DN) for the groups does not exist, even though it does (exist).

void IMVSynchronization.Provision(MVEntry mventry)
{
    ConnectedMA managementAgent;
    int connectors = 0;
    CSEntry csentry;
    ReferenceValue DN;

    // Number of connectors this metaverse object already has in the AD-user MA
    managementAgent = mventry.ConnectedMAs["AD-user"];
    connectors = managementAgent.Connectors.Count;

    // Provision only when no AD connector exists yet
    if (connectors == 0)
    {
        if (mventry.ObjectType == "person")
        {
            string ansattNr = mventry["employeeId"].Value;
            string username = "lds" + ansattNr;
            string fullname = mventry["displayName"].Value;

            // Build the DN of the new user in the managed-users OU
            DN = managementAgent.EscapeDNComponent("CN=" + fullname).Concat("OU=Managed-users,OU=Users,DC=test,DC=local");

            csentry = managementAgent.Connectors.StartNewConnector("user");

            csentry.DN = DN;
            csentry["CN"].Value = fullname;
            csentry["employeeID"].Value = ansattNr;
            csentry["SamAccountName"].Value = username;
            csentry["userPrincipalName"].Value = username + "@test.local";
            csentry.CommitNewConnector();

            // Build the DN of the department group
            ReferenceValue groupDN = managementAgent.EscapeDNComponent("CN=" + mventry["department"].Value).Concat("OU=IDM-Departments,OU=Users,DC=test,DC=local");

            // The two lines described above as not working: the ByDN lookup
            // reports that the object (DN) for the group does not exist
            managementAgent.Connectors.ByDN[groupDN]["member"].Values.Add(DN);
        }
    }
}

