0
Answered

Trigger event on delete from source

Paul Zelenewicz 3 months ago in UNIFYBroker/Microsoft Identity Manager • updated by Matthew Davis (Engineering Manager) 3 months ago 5

We are currently working with a datasource (via Broker to MIM) which only shows active users - there is no end-date field for us to trigger events on termination.

Is there a way to capture the record delete event in Broker and create an action based on that (i.e., write some field about the record to a log file, etc..)?

Thanks.

Affected Versions:
Fixed by Version:

Answer

+1
Answer
Answered

Hey Paul,

As discussed, a potential solution would be to hook up a new MA, that connects to the same UNIFYBroker Adapter. You could then configure this MA to remove its Connector Space objects when they are removed from the adapter, and join to your existing metaverse object. That way you have a record of who has been terminated and who hasn't - if they're terminated they'll exist in one MA, and if not terminated they'll exist in both.

You should be able to use this and a combination of some other logic to trigger your notifications and other requirements.

Let us know how it goes. As mentioned, I wouldn't recommend relying on the changelog table as a source of truth as the format could potentially change in future versions and it's not directly supported as a data source so we can't guarantee the integrity of the data.

Under review

Hi Paul,

Which connector are you using? By "record delete event", are you referring to the record being removed by a full import from the connector?

Hi Matthew,

we are using a Database connector (MSSQL), and yes, referring to record removal on full import.

The record deletion will appear in the UNIFYBroker changelog as a deletion (OOTB). Is this what you are after?

that would probably do the job if I could (excuse the irony) setup a new broker adapter using the changelog as the datasource and filter by delete events (is that the 'ChangeType' column?) - I get the feeling that could tear a hole in the time-space continuum.. any constraints/support issues on trying this approach?

+1
Answer
Answered

Hey Paul,

As discussed, a potential solution would be to hook up a new MA, that connects to the same UNIFYBroker Adapter. You could then configure this MA to remove its Connector Space objects when they are removed from the adapter, and join to your existing metaverse object. That way you have a record of who has been terminated and who hasn't - if they're terminated they'll exist in one MA, and if not terminated they'll exist in both.

You should be able to use this and a combination of some other logic to trigger your notifications and other requirements.

Let us know how it goes. As mentioned, I wouldn't recommend relying on the changelog table as a source of truth as the format could potentially change in future versions and it's not directly supported as a data source so we can't guarantee the integrity of the data.