Skip to Content

Getting the AD GUID into IDM via Workflow

Happy New Year everyone! Hope everyone got to enjoy their holidays.

I've got a question for the group mind here... Does anyone out there have a method they use to get the AD objectGUID attribute into the Identity Store using Workflow? I can do it easily enough in a reconciliation job, but I'd like to get it during provisioning. I've been playing with some PowerShell but it's not working the way I'd like it to. If anyone has already invented this particular wheel, I'd appreciate the benefit of your experience.

Thanks!

Matt

Add comment
10|10000 characters needed characters exceeded

  • Follow
  • Get RSS Feed

1 Answer

  • Jan 03 at 11:15 AM

    Hi Matt,

    thanks, happy new year to you also.

    Have you tried the uLDAPGetEntry script function?

    OK, I get some gibberish out of it in the uWarning. Probably needs some UTF-8 stuff or the uWarning is just not capable of that.

    Script is quite simple, most relevant rows here:

    var ldapEntry = uLDAPGetEntry(fullSearchDN, user, password); // user and pw from the connection user

    var value = ldapEntry.get(attrname); // objectguid

    Called from another script with (dn = DN of the user):

    var fullSearchDN = "LDAP://%$rep.LDAP_HOST%:%$rep.LDAP_PORT%/" + dn + "??BASE?(objectclass=*)";

    var wantedValue = isv_ad_getAttributeFromLDAP(fullSearchDN, user, password, attrname);

    Kind regards

    Dominik

    Add comment
    10|10000 characters needed characters exceeded

    • Hi Dominik,

      Just wondering about that UTF 8 thing you were talking about since when I try to access the GUID it's not coming in any kind of format that IDM can work with as you can see when I try to get the length of the GUID string.

      Any thoughts on this?

      Thanks,

      Matt

      objectguid.jpg (90.3 kB)