sorengranfeldt / mare

FIM/MIM MA Rules Extension Framework
MIT License

Enhancement: Export specific bit to userAccountControl attribute #3

Closed gvweelden closed 6 years ago

gvweelden commented 6 years ago

Currently it’s possible to use the bit handling transforms for the specific bits from the useraccountcontrol field. So you can import this value's specific bits, bit by bit. This works great! The request is: is it possible to export only 1 bit to the current value of the useraccountcontrol value in AD? I would like to accomplish the export rule as detailed in the following blog, only not with sync rules but with mare: https://blogs.msdn.microsoft.com/connector_space/2015/05/22/understanding-useraccountcontrol-management-with-fim/

In the documentation I found you can apply the setbit transform only on a source value. Is there a way to use an attribute from the target side as source? Or is there another way to achieve the goal?

<< retrieve this from the CS in an export rule?

sorengranfeldt commented 6 years ago

Note to self: Have a look into GetValueOrDefault on Source to maybe implement Direction override value to get value from opposite source (CS or MV)

sorengranfeldt commented 6 years ago

Will an option to specify / override Source value retrieval do the trick? The Source in the rule below has the 'RetrieveFrom' override value of 'CS' to get the value from the CS instead of the MV (since this is an Export rule) and the FlowRule is conditional to only apply to those MV objects that are Inactive.

<FlowRule Name="UserAccountControl" Direction="Export" xsi:type="FlowRule">
    <Conditions Operator="And">
        <Condition xsi:type="SourceValueMatch" Source="MVEntry" AttributeName="accountName" Pattern="^SG$" />
    </Conditions>
    <SourceExpression>
        <Source Name="userAccountControl" xsi:type="Attribute" RetrieveFrom="CS">
            <Transforms>
                <Transform xsi:type="SetBit" BitPosition="1" Value="true" />
            </Transforms>
        </Source>
    </SourceExpression>
    <Target Name="userAccountControl" ActionOnNullSource="None" />
</FlowRule>

Let me know if this is what you're looking for and I can put this into next release.
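
The read-modify-write that the rule above performs, modelled in Python as an added example (not MARE's code and not part of the original thread). It assumes `BitPosition` is zero-based, so position 1 is the 0x2 ACCOUNTDISABLE flag, and that `ActionOnNullSource="None"` means no value is flowed; all function names are hypothetical.

```python
import re

# Well-known Active Directory userAccountControl flag values.
UAC_FLAGS = {
    0x0002: "ACCOUNTDISABLE",
    0x0200: "NORMAL_ACCOUNT",
    0x10000: "DONT_EXPIRE_PASSWORD",
    0x40000: "SMARTCARD_REQUIRED",
}

def flag_names(uac):
    """Decode a userAccountControl integer into the flag names known above."""
    return sorted(name for bit, name in UAC_FLAGS.items() if uac & bit)

def set_bit(value, position, on):
    """SetBit-style transform; position is assumed zero-based (1 -> 0x2)."""
    mask = 1 << position
    return value | mask if on else value & ~mask

def export_uac(mv_entry, cs_entry, pattern=r"^SG$", position=1, on=True):
    """Model of the export rule: returns the value to export, or None for no flow.

    Condition: the MV accountName must match the pattern.
    Source: userAccountControl is read from the CS (the current AD value),
    not the MV, so flags set directly in AD survive the export.
    A missing CS value yields None (assumed meaning of ActionOnNullSource="None").
    """
    if not re.search(pattern, mv_entry.get("accountName", "")):
        return None
    current = cs_entry.get("userAccountControl")
    if current is None:
        return None
    return set_bit(int(current), position, on)

def naive_export(disabled):
    """Contrast case: exporting a constant overwrites every other flag."""
    return 0x0202 if disabled else 0x0200

# Constructed sample: a smartcard-only account whose password never expires.
SAMPLE_MV = {"accountName": "SG"}
SAMPLE_CS = {"userAccountControl": 0x0200 | 0x10000 | 0x40000}

if __name__ == "__main__":
    merged = export_uac(SAMPLE_MV, SAMPLE_CS)
    print(hex(merged), flag_names(merged))
    print(hex(naive_export(True)), flag_names(naive_export(True)))
```

The contrast with `naive_export` is the reason to source the value from the CS: a constant export would silently clear SMARTCARD_REQUIRED and DONT_EXPIRE_PASSWORD on the account.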

sorengranfeldt commented 6 years ago

Added to Release 1.1.2158