The script generates sequential property values consisting of a fixed textual part and a sequence number, for example IDDQD-001, IDDQD-002, IDDQD-003 etc.
To generate object names using the script, create a business rule triggered before creating an object. For details, see Validate/Modify User Input Using a Script.
PARAMETERS:
- $numberProperty - the name of the property of the managed domain that stores the last used number.
- $domainDN - Specifies the distinguished name (DN) of the domain that will store the last number set. For information on how to get the DN, see https://adaxes.com/sdk/HowDoI.GetDnOfObject/.
-
$propertyName - the name of the property to generate value for.
- $valueFormat - Specifies how to format the value. For details, see Getting started with the String.Format method.
- $objectCategory - Specifies the object category for which values are generated, e.g. user or computer.
- $initialNumber - Specifies the starting number to use if there is no number saved in Adaxes configuration.
- $maxNumber - Specifies the maximum number that can be assigned.
PowerShell
$numberProperty = "adm-CustomAttributeInt1" # TODO: modify me
$domainDN = "DC=domain,DC=com" # TODO: modify me
$propertyName = "employeeID" # TODO: modify me
$valueFormat = "IDDQD-{0:000}" # TODO: modify me
$objectCategory = "user" # TODO: modify me
$initialNumber = 1 # TODO: modify me
$maxNumber = 999 # TODO: modify me
function IsValueNotUnique($criteria)
{
$searcher = $Context.TargetObject
$searcher.Criteria = $criteria
$searcher.ReferralChasing = "ADS_CHASE_REFERRALS_NEVER"
$searcher.SizeLimit = 1
$searcher.VirtualRoot = $True
try
{
$searchResultIterator = $searcher.ExecuteSearch()
$searchResults = $searchResultIterator.FetchAll()
return $searchResults.Length -eq 1
}
finally
{
# Release resources
if ($searchResultIterator){ $searchResultIterator.Dispose() }
}
}
# Get the number stored in domain property.
$domain = $Context.BindToObjectByDN($domainDN)
try
{
$number = [int]($domain.Get($numberProperty))
$number++
}
catch
{
# Use the initial number
$number = $initialNumber
}
# Build value
$uniqueValue = [System.String]::Format($valueFormat, $number)
do
{
if ($number -gt [int]$maxNumber)
{
$Context.Cancel("Cannot generate a new value for $propertyName because the maximum `
allowed object number has been reached. Contact your system administrator.")
return
}
$criteria = New-AdmCriteria $objectCategory {$propertyName -eq $uniqueValue}
$isValueNotUnique = IsValueNotUnique $criteria
if ($isValueNotUnique)
{
# If the value is already in use, generate a unique one.
$number++
$uniqueValue = [System.String]::Format($valueFormat, $number)
}
}
while ($isValueNotUnique)
# Update the number in doamin property
$domain.Put($numberProperty, $number)
$domain.SetInfo()
# Update property value.
$Context.SetModifiedPropertyValue($propertyName, $uniqueValue)
What happends if we create 10 users at the same time, each triggering this "before user creation" process?
What we are facing is that all business rules are checking at the same time for the current value and those 10 created users will have the same incremented value.
Is it possible to wait for a business process to finish in case of multiple user creations?
> What happends if we create 10 users at the same time, each triggering this "before user creation" process? What we are facing is that all business rules are checking at the same time for the current value and those 10 created users will have the same incremented value.
If the users are actually created at the same time, the behavior is expected as they are separate unrelated processes and the business rule triggers separately for each of them.
>Is it possible to wait for a business process to finish in case of multiple user creations?
Unfortunately, there is no such possibility. The only option is to make sure users are created one after another.