XpressUtils - Articles / Forum - Can I select AD Groups from a table?

Utilities

Tech Talk

Tip of the day

You can add attachments to emails sent out by IDM. Refer to the article specifically guiding on how to accomplish this.

Current Poll

Which product (arranged below in alphabetical order), do you think has the best features in the 'Identity & Access Management' space today?

	CA IDM
	IBM Tivoli
	Novell IDM
	Oracle (Sun) IDM
	Others (please specify)

Comments:

Articles / Forum - Can I select AD Groups from a table?

Thank you for taking the initiative to make this article better!
Please feel free to add value to this page, support your modifications with files if you wish, and click Save when you're done. Share, wiki and grow!

Note: Please be aware and responsible about the content you post in this article. Inappropriate content wlll be moderated.

View all Articles

Can I select AD Groups from a table?

Posted by Radha Krishnan
on Feb 22, 03:23 PM

Rate this article

1 of 5

2 of 5

3 of 5

4 of 5

5 of 5

<< Back to view article

Your name:

required

Your email:

required

Notify me about updates to this article.

Your designation:

Article Title:

Change it

We have made it easy for you to reply on a forum-question.
Simply write your response below, and we will compile it in the form of a thread!

Upload new file:

Note: Only files each upto 1 MB may be uploaded

Can I select AD Groups from a table?

Posted by Radha Krishnan
on Feb 22, 03:23 PM

Hi,

Currently my ActiveSync Form assigns AD groups based on the Department the employee belongs to, as shown below. I am wondering instead of having to hard code this either in the Form or Rule if it would be efficient to obtain this info from a table using a custom java calss. Can someone please clarify if this is a right approach or do you see any pitfall in this approach?

For instance,

<Field name='accounts[AW Domain].groups'>
    <Expansion>
      <switch>
          <ref>activeSync.dept</ref>
          <case>
            <s>IT</s>
            <List>
              <String>Group 1</String>
              <String>Group 2</String>
            </List>
          </case>
          <case>
            <s>ENGG</s>
            <List>
              <String>Group 3</String>
              <String>Group 4</String>
            </List>
          </case>
          <case default='true'>
            <List>
              <String>Group 5</String>
            </List>
          </case>
        </switch>
    </Expansion>
</Field>

Thanks!

RK

Can I select AD Groups from a table?

Posted by Adi
on Feb 25, 10:29 PM

Hi RK,

It is always recommended to not hard-code Information that is dynamic in nature, so I think your thought of pulling the department-employee info from a database is a good idea.

The only contention here is that when information is being pulled from a database, the point of failure could be if the connection is lost (this might be a very low probability if the connection pools on the application server are well configured).

Another alternative is that the same information can be made available through a configuration object. By doing this, the availability of this data is "guaranteed" (if IDM cannot access the configuration object, it would not be able to access any other task/rule/subprocess either). With a neat interface to edit configuration objects (I would like to take this opportunity to market the Config-Editor utility available on this website :), this information may be updated on-the-fly too!

Finally I think, either way is a fine choice.

Can I select AD Groups from a table?

Posted by Radha Krishnan
on Feb 26, 09:04 AM

Hi Adi,

Thanks so much for your valuable response!

Could you please give me some idea about as to how to maintain the group info in a Config object? Could we maintain all the group info of all the departments in a single Config object or should we maintain separate objects for each department? If separate objects, I think I know how to retrieve the group info but if they all can be in a single object, how would I retrieve the information for a specific department during run time? Please let me know when you find time.

Thanks!

RK

The views expressed in this article are solely those of its contributor(s) and are not necessarily endorsed by xpressutils.com.

<< Back to view article

Feedback

Feedback / Comments:

We value comments from XpressUtils users! We strive to make this site better for you each day, so all constructive comments are appreciated.
Please feel free to send us your feedback!

From: Achin	Aug 30, 07:48 AM
Hi, team i want to know how to add uid to LDAP groups. if any body knows please help

From: mike	Aug 25, 09:08 AM
Can you give an example to use this rule? What does it mean "The trick to achieve this is use the "P ...

From: ajay nalawade	Jul 29, 08:43 AM
i want information about how to call java from expree boolean isConnectionSuccessful=connectDB.co ...

From: Carrie Cain	Jul 24, 05:22 AM
Want more clients and customers? We will help them find you by putting you on the 1st page of Google. Email us back to get a full proposal ...

From: nimish	Jul 20, 12:53 AM
In Handy Tools, Test Regular Expressions is not working. anybody used it?

From: nimish	Jul 13, 02:18 AM
hi team, I have some problem related to configure openSSO. Can I ask you for this or should I go to another site. ...

From: Anirudha	Jul 13, 01:41 AM
Wish you all the best...

From: hussain	Jun 05, 06:59 AM
Could u please provide an ebook for Sun Certified Integrator for Identity Manager 7.1

From: docsnyder	May 07, 05:52 AM
Hi! I have downloaded the rule tester JSP file and followed the instructions, but the following err ...

From: jagadisham	Mar 21, 12:48 PM
day by day it is improving...all the best!!!

View all comments >>

Submit a comment:

Tip: If you have a question related to programming in Xpress or some functionality in IDM, please post it as a new article in the Articles section.

It's quick, easy and does not require you to sign-up too!

Home | Terms of use | Contact us | Help

Copyright © 2008-2009 XpressUtils.com. All rights reserved.