Answered

Identity Broker Provisioning

13 years ago in UNIFYBroker/Microsoft Identity Manager • updated by 9 years ago • 4

Do we have any examples of provisioning to Broker if the object has a multi-part DN (eg: UID=<object>,OU=users). Currently I'm getting an error in that OU=users does not exist. Has this been done? Proven not to work?

Vote

Replies 4
Oldest first
- Newest first
- Oldest first

13 years ago

Hey Peter,

The reason it hasn't really been "documented" as such is because this issue is actually a FIM-side issue to do with containers, common to all management agents. In the same way as you can't provision to AD without bringing in a matching hierarchy first via import or otherwise, you can't provision an object in FIM unless the container already exists in the connector space. This could be resolved in two ways, possibly more:

Run an import with at least one item present to bring in the container, the same as you would for Active Directory/ADAM
If you have no entities, you will need to initially provision the container in your logic (object class "container", DN of the same format you want, ie. OU=Users)

Let me know if you have any further thoughts on this or if this does not help.

Matt

13 years ago

Yeah - knew that was a problem. I was wondering if someone had worked around it somehow. I have 4 object types to provision for Cisco and can't break it up any other way. Its a pity that we can't 'autoprovision' as they do for the AD MA.

13 years ago

Peter,

Good point on the Provisioning Hierarchy thing, it could be useful to have. I've added it as a feature request when looking at ~~IDBFIM-18~~ (if it's possible for us to do). Otherwise, import a single entity in that container, or provision the container initially.

13 years ago

Question answered - will work around it.

Customer support service by UserEcho

Identity Broker Provisioning

Votes left: 9/9

Topic stats