ALERT! The community will be read-only starting on April 19, 8am Pacific as the migration begins. Read more for important details.
ALERT! The community will be read-only starting on April 19, 8am Pacific as the migration begins.Read more for important details.
Cadet 2nd Class Cadet 2nd Class
Cadet 2nd Class
470 views

Unique Usernames

Hi,

On user creation i created a policy which gives users a default username as follows: Substring(length="1", Operation Attribute("Given Name"))+Operation Attribute("Surname").
We would like usernames to be unique.
The aim is to check, on user creation, if the username generated has already used by another user in the vault.
In this case an additional letter from the Given Name will be added to the Username.
What is the best way to query all the usernames of all the Users in IDVAULT so that it would be easier to compare it later on with the newly created username?
Labels (1)
0 Likes
4 Replies
Knowledge Partner Knowledge Partner
Knowledge Partner

Hi vkhoury,
You will be surprised, but I will recommend to use predefined IDM token unique-name.
https://www.netiq.com/documentation/identity-manager-47/policy_designer/data/tokenuniquename.html

It allows to create unique value for any attribute based on your rules

<rule>
<description>Unique Name</description>
<conditions>
<and/>
</conditions>
<actions>
<do-set-local-variable name="lvCN" scope="policy">
<arg-string>
<token-unique-name counter-digits="2" counter-pattern="last" counter-use="fallback" name="CN" on-unavailable="error" test-all-objects="false">
<arg-string>
<token-substring length="1">
<token-attr name="Given Name"/>
</token-substring>
<token-attr name="Surname"/>
</arg-string>
</token-unique-name>
</arg-string>
</do-set-local-variable>
</actions>
</rule>
0 Likes
Knowledge Partner Knowledge Partner
Knowledge Partner

On 8/8/2018 3:34 AM, vkhoury wrote:
>
> Hi,
>
> On user creation i created a policy which gives users a default username
> as follows: Substring(length="1", Operation Attribute("Given
> Name"))+Operation Attribute("Surname").
> We would like usernames to be unique.
> The aim is to check, on user creation, if the username generated has
> already used by another user in the vault.
> In this case an additional letter from the Given Name will be added to
> the Username.
> What is the best way to query all the usernames of all the Users in
> IDVAULT so that it would be easier to compare it later on with the newly
> created username?


There is a token for that, Unique Name.

You may not realize, but there is a lot of built inn functionality in
IDM, since many people before you have had teh same issues.

You might benefit from my book on all 140+ IDM tokens...

Amazon:
https://smile.amazon.com/IDM-Tokens-definitive-NetIQs-tokens-ebook/dp/B00OGR0AGW/ref=sr_1_1?ie=UTF8&qid=1533731258&sr=8-1&keywords=idm+tokens+carman

Hardcopy:
https://www.lulu.com/shop/search.ep?keyWords=geoffrey+carman&type=

Also, you may not yet know it, but there is a nice test tool for IDM
called Validator, for which I have also written a book, which is visible
on that Hardcopy link.

0 Likes
Cadet 2nd Class Cadet 2nd Class
Cadet 2nd Class

the token username only allow the use of a counter in case of duplicates. But i would like to add the first letter of initials in the case of duplicates.
0 Likes
Knowledge Partner Knowledge Partner
Knowledge Partner

On 8/13/2018 9:14 AM, vkhoury wrote:
>
> the token username only allow the use of a counter in case of
> duplicates. But i would like to add the first letter of initials in the
> case of duplicates.


Look again. It is quite powerful.

Define two, three, four patterns.

First pattern matches, try second pattern. That matches, try third?

Final one can be to add a counter if you so desire.


0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.