Script repository
The script generates sequential property values consisting of a fixed textual part and a sequence number (e.g. IDDQD-001, IDDQD-002, IDDQD-003). To execute the script, create a business rule triggering Before creating an object of the required type.
To improve the performance, the last used sequence number is stored in the specified property of the specified managed domain.
Parameters
$numberProperty- the name of the property of the managed domain that stores the last used number.$domainDN- the disinguished name (DN) of the managed domain whose property stores the last number used. For information on hot ot get the DN, see Get the DN of a directory object.$propertyName- the name of the property to generate value for.$valueFormat- how to format the value. For details, see Getting started with the String.Format method.$objectCategory- the object category for which values are generated (e.g. user). Must match the object type the business rule is configured for.$initialNumber- the starting number to use if there is no number saved in Adaxes configuration.$maxNumber- the maximum number that can be assigned.
$numberProperty = "adm-CustomAttributeInt1" # TODO: modify me
$domainDN = "DC=domain,DC=com" # TODO: modify me
$propertyName = "employeeID" # TODO: modify me
$valueFormat = "IDDQD-{0:000}" # TODO: modify me
$objectCategory = "user" # TODO: modify me
$initialNumber = 1 # TODO: modify me
$maxNumber = 999 # TODO: modify me
function IsValueNotUnique($criteria)
{
# Search parameters
$searcher = $Context.TargetObject
$searcher.Criteria = $criteria
$searcher.SizeLimit = 1
$searcher.VirtualRoot = $True
$searcher.ReferralChasing = "ADS_CHASE_REFERRALS_NEVER"
try
{
# Execute search
$searchResultIterator = $searcher.ExecuteSearch()
$searchResults = $searchResultIterator.FetchAll()
return $searchResults.Length -eq 1
}
finally
{
# Release resources
if ($searchResultIterator){ $searchResultIterator.Dispose() }
}
}
# Get the number stored in domain property.
$domain = $Context.BindToObjectByDN($domainDN)
try
{
$number = [int]($domain.Get($numberProperty))
$number++
}
catch
{
# Use the initial number.
$number = $initialNumber
}
# Build value
$uniqueValue = [System.String]::Format($valueFormat, $number)
do
{
if ($number -gt [int]$maxNumber)
{
$Context.Cancel("Cannot generate a new value for $propertyName because the maximum `
allowed object number has been reached. Contact your system administrator.")
return
}
$criteria = New-AdmCriteria $objectCategory {$propertyName -eq $uniqueValue}
$isValueNotUnique = IsValueNotUnique $criteria
if ($isValueNotUnique)
{
# If the value is already in use, generate a unique one.
$number++
$uniqueValue = [System.String]::Format($valueFormat, $number)
}
}
while ($isValueNotUnique)
# Update the number in doamin property.
$domain.Put($numberProperty, $number)
$domain.SetInfo()
# Update property value.
$Context.SetModifiedPropertyValue($propertyName, $uniqueValue)
Comments 2
You must be signed in to comment.
David
Hi Support,
What happends if we create 10 users at the same time, each triggering this "before user creation" process?
What we are facing is that all business rules are checking at the same time for the current value and those 10 created users will have the same incremented value.
Is it possible to wait for a business process to finish in case of multiple user creations?
Support
Hello David,
> What happends if we create 10 users at the same time, each triggering this "before user creation" process? What we are facing is that all business rules are checking at the same time for the current value and those 10 created users will have the same incremented value.
If the users are actually created at the same time, the behavior is expected as they are separate unrelated processes and the business rule triggers separately for each of them.
>Is it possible to wait for a business process to finish in case of multiple user creations?
Unfortunately, there is no such possibility. The only option is to make sure users are created one after another.