As we know very well that LDAP or Active Directory(AD)is always being used to store data in hierarchical structure by making different-different Groups.
The Groups in LDAP or AD can be expanded to any level in hierarchical structure.
There is always LDAP or AD Administrator who creates Groups in a domain as per
predefined requirement.
But sometimes as an IDM developer you might face a situation to create a Group
dynamically after being evaluated some logics in your business Work Flow.
Here is my endeavor to make your work little bit smoother
<Action id='0' name='create groups in LDAP'>
<expression>
<block name='create groups in LDAP' trace='true'>
<set name='resourceObject'>
<invoke name='getObject'>
<invoke name='getLighthouseContext'>
<ref>WF_CONTEXT</ref>
</invoke>
<invoke name='findType' class='com.waveset.object.Type'>
<s>Resource</s>
</invoke>
<s>DemoLDAP</s> <!-- LDAP or AD resource name -->
</invoke>
</set>
<set name='resourceAdapterHandle'>
<invoke name='findAdapter' class='com.waveset.provision.ResourceOp'>
<ref>resourceObject</ref>
<invoke name='getCache'>
<invoke name='getLighthouseContext'>
<ref>WF_CONTEXT</ref>
</invoke>
</invoke>
</invoke>
</set>
<set name='newOUGenericObject'>
<new class='com.waveset.object.GenericObject'>
<map>
<s>objectId</s>
<s>ou=GroupName,dc=test,dc=root</s> <!-- Group name -->
<s>objectType</s>
<s>Organizational Unit</s>
</map>
</new>
</set>
<invoke name='createObject'>
<ref>resourceAdapterHandle</ref>
<ref>newOUGenericObject</ref>
<map/>
</invoke>
</block>
</expression>
</Action>
Subscribe to:
Post Comments (Atom)
The code looks so familiar
ReplyDelete