HI Everyone, I have a simple question, are there ways in declarative provisioning to create collision logic? i.e if I have two people named John Jackson and the second one is added after the first to have FIM modify the username/DN to accomodate (such as by adding a number). I'd imagine I'd have to set that in my sync rules some how, with some sort of custome expression. However, is there a common approach to this?

Brandon, From my understanding, to solve this you can use the classic MA rules extensions and search the MV to check if the value for the CN already exists or you should be able to use a custom workflow activity for this, as well. I hope this helps!

Hy. With declarative provisioning you can't do that. To generate different account name,by means of adding a number or somethig else you should use rules extensions. So what cou can do is for example in FIM Synchronization Service application take firstname and lastname and connect that with username. By doing that you will create rules extension and open a project in Visual Studio. Then if you would like to create accountname when importing from HR database, you would call your function for accountgeneration in MapAttributesForImport routine. Your code should look something like: void IMASynchronization.MapAttributesForImport (string FlowRuleName, CSEntry csentry, MVEntry mventry) { switch(FlowRuleName) { case "mailNicknameMapping" : //case "mailNicknameMapping": // If the mailnickname attribute exists, set attribute to // a value from the nickname function. If the nickname attribute // does not exist, delete the metaverse entry. if(csentry["mailNickname"].IsPresent) { // The value for the mailnickname attribute should be unique on every // metaverse entry. To create a unique value, call a function that // calculates a unique name based upon the connector space entry. // Use this calculated value as the attribute value for the metaverse // entry. string newMailNickname = GetCheckedMailNickName(csentry["mailNickname"].Value, mventry); // If a unique nickname could not be created, throw an exception. if(newMailNickname.Equals("")) { throw new TerminateRunException("A unique mailNickname could not be found"); } mventry["mailNickname"].Value = newMailNickname; } else { mventry["mailNickname"].Delete(); } break; default : break; } } // This function creates a unique mailNickname for use in a metaverse entry. string GetCheckedMailNickName(string mailNickname, MVEntry mventry) { MVEntry[] findResultList = null; string checkedMailNickname = mailNickname; // Create a unique naming attribute by adding a number to // the existing mailNickname value. for (int nameSuffix = 1; nameSuffix < 100; nameSuffix++) { // Check if the mailNickname value exists in the metaverse by // using the Utils.FindMVEntries method. findResultList = Utils.FindMVEntries("mailNickname", checkedMailNickname, 1); if (findResultList.Length == 0) { // The current mailNickname is not in use. return(checkedMailNickname); } // If a metaverse entry was found with the specified mailNickname, // see if this is the entry specified. MVEntry mvEntryFound = findResultList[0]; if (mvEntryFound.Equals(mventry)) { return(checkedMailNickname); } // If the passed nickname is already in use by another metaverse // entry, concatenate the counter number to the passed value and // verify this new value exists. Repeat this step until a unique // value is created. checkedMailNickname = mailNickname + nameSuffix.ToString(); } // Return an empty string if no unique nickname could be created. return ""; } This example and other you can find on FIM developers reference here.www.V-irtualization.com

Brandon, You can implement that type of logic within the FIM Portal/Service as well, as Glenn mentioned. A custom workflow activity to build/define your username and DN can kick off similar logic as to what Domagoj is suggesting in rules extensions. I've implemented both approaches in the past. Cheers, Marc Marc Mac Donell, ILM MVP, VP Identity and Access Solutions, Avaleris Inc.

We do exactly this with a Custom Workflow Activity. We use this to follow a set of business rules to define how the username should be asserted.

I'm new to FIM and i'm also not primarily a programmer. in saying that my Visual.NET/Visual C skills are not that sharp. Is the custom workflow activity based on these technologies? Perhaps I can modify an existing custom extension.

Just to reply you from my experience.. I really really had little programming experience (and i don't like programming), but some programming in FIM is really easy. You can easily reuse existing code from online examples or someone else. For example you could reuse above code with just changing your particular attribute names in for csentry and for mventry. Domagoj Pernarwww.V-irtualization.com

It's .net based, so you can write a CWA in vb.net, c#, f#, etc, whatever works for you. We work in C#. Probably a good idea to look at online samples as Domagoj says.