To enable storing of data for which there are no Active Directory attributes, Adaxes provides custom attributes of AD objects, such as, for example, CustomAttributeText1 or CustomAttributeInt1. The attributes are stored at Adaxes Configuration Server (AD LDS) and can be used with any Active Directory objects, such as users, groups, containers etc.
Adaxes service configuration is also stored on the configuration server in a directory container. Its custom attributes can also be used to store data. For example, it can store the last employee number assigned to a user in order to quickly assign the next one in sequence when creating the next user account.
Custom attributes of the configuration container cannot be edited directly. To edit them, you need to use scripts. The below example demonstrates how to do that. It copies a value from an attribute of a user to an attribute of the Adaxes configuration container.
To update the configuration container attributes with the help of the script, you can:
- Create a home page action that allows users to edit a certain attribute of their own account: To do this:
- Create a Modify User home page action. For information on how to do this, see Configure Home Page Actions, section Modify Object.
- On Step 1 of the section, select Modify User.
- On Step 3, enable the Always perform for the current user option.
- On Step 4, modify the form used in the action so that users can modify the attribute whose value will be copied to the configuration container.
- Create a business rule that runs the below script after updating the attribute of the user account. Sample rule:
Parameters:
- $numberPropertyInUserAccount - Specifies the LDAP name of the attribute of a user account whose value will be copied to Adaxes configuration.
- $globalNumberPropertyName - Specifies the LDAP name of the attribute of the Adaxes configuration container where the value will be copied.
See Also:
$numberPropertyInUserAccount = "adm-CustomAttributeInt1" # TODO: modify me
$globalNumberPropertyName = "adm-CustomAttributeInt1" # TODO: modify me
$number = $Context.TargetObject.Get($numberPropertyInUserAccount)
# Bind to the global configuration container
$adaxesSettingsPath = $Context.GetWellKnownContainerPath("ConfigurationSetSettings")
$adaxesSettings = $Context.BindToObject($adaxesSettingsPath)
# Reset the initial number in the global configuration
$adaxesSettings.Put($globalNumberPropertyName, $number)
$adaxesSettings.SetInfoEx(@($globalNumberPropertyName))
# Clear custom attribute in user account
$Context.TargetObject.Put($numberPropertyInUserAccount, $NULL)
$Context.TargetObject.SetInfoEx(@($numberPropertyInUserAccount))