Skip to Content

Getting the AD GUID into IDM via Workflow

Happy New Year everyone! Hope everyone got to enjoy their holidays.

I've got a question for the group mind here... Does anyone out there have a method they use to get the AD objectGUID attribute into the Identity Store using Workflow? I can do it easily enough in a reconciliation job, but I'd like to get it during provisioning. I've been playing with some PowerShell but it's not working the way I'd like it to. If anyone has already invented this particular wheel, I'd appreciate the benefit of your experience.



Add comment
10|10000 characters needed characters exceeded

1 Answer

  • Posted on Jan 03, 2019 at 11:15 AM

    Hi Matt,

    thanks, happy new year to you also.

    Have you tried the uLDAPGetEntry script function?

    OK, I get some gibberish out of it in the uWarning. Probably needs some UTF-8 stuff or the uWarning is just not capable of that.

    Script is quite simple, most relevant rows here:

    var ldapEntry = uLDAPGetEntry(fullSearchDN, user, password); // user and pw from the connection user

    var value = ldapEntry.get(attrname); // objectguid

    Called from another script with (dn = DN of the user):

    var fullSearchDN = "LDAP://%$rep.LDAP_HOST%:%$rep.LDAP_PORT%/" + dn + "??BASE?(objectclass=*)";

    var wantedValue = isv_ad_getAttributeFromLDAP(fullSearchDN, user, password, attrname);

    Kind regards


    Add comment
    10|10000 characters needed characters exceeded