Monday, September 19, 2011

How do I set the Active Directory DN Template, via a form, to dynamically create users in different OUs depending on certain criteria?

An example would be one user gets created in the Employees OU and another in the Contractors OU:

cn=jsmith,ou=Employees,dc=example,dc=com
cn=jdoe,ou=Contractors,dc=example,dc=com

Here is how you would incorporate something like this:

On your AD resource, set the identity/dn template to something like this: $ADAccountId$

Then on your user form you would have a field similar to this:

      <Field name='accounts[AD].ADAccountId' type='string' displaytype='text'>
        <Display class='Text'>
          <Property name='title' value='AD Account String'/>
        </Display>
      </Field>

In this example, I’ve just put a text box on the user create form.

Inside this text box, you could put either of these two values:
cn=jsmith,ou=Employees,dc=example,dc=com
or
cn=jdoe,ou=Contractors,dc=example,dc=com

What this will do is set the variable ADAccountId, which is referenced in the resource dn template.

Doing this allowed me to create two users in different AD OUs.

In a real-world environment, this field would be hidden and would carry logic that builds the DN string dynamically as needed, for example with a concat:

cn= + waveset.accountId + , + ou=…….
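The hidden-field logic described above, written out as an added XPRESS example (not code from the original post). It assumes a hypothetical user attribute global.employeeType whose value is contractor for contractors; the OU is chosen from two fixed strings, so it never comes from typed input.

```xml
<!-- Added example. No <Display> element, so the field is not rendered on the form. -->
<Field name='accounts[AD].ADAccountId'>
  <Expansion>
    <concat>
      <s>cn=</s>
      <!-- waveset.accountId is concatenated as-is. A value containing
           , + " \ < > ; or = would change the resulting DN, so restrict
           account IDs to characters that need no escaping in an RDN value. -->
      <ref>waveset.accountId</ref>
      <s>,ou=</s>
      <!-- global.employeeType is an assumed attribute name.
           Anything other than 'contractor' falls through to Employees. -->
      <cond>
        <eq>
          <ref>global.employeeType</ref>
          <s>contractor</s>
        </eq>
        <s>Contractors</s>
        <s>Employees</s>
      </cond>
      <s>,dc=example,dc=com</s>
    </concat>
  </Expansion>
</Field>
```

With the DN template still set to $ADAccountId$, the resource receives the computed string instead of whatever was typed into the text box.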
