Udostępnij za pośrednictwem


Rules Extensions - MapAttributesForJoin

Update 1/19/2017

When configuring your "Join Logic" via a Custom MA Extension we need to remember to try and keep it simple i know that's not always possible but the more complex the Join Logic the greater the risk of joining two objects up incorrectly, Also try not to get into the trap of trying to make a super complex join logic to cover every possible scenario, Join logic should not be a replacement for good old fashion Data Clean Up. Yes using code can and will make Data Clean up easier but if you have 2 million objects and there is one object that has no real data to be used for joining do you waste countless hours to come up with logic to allow that 1 object to join up with something or do you find that object after and just clean it up at the source.

by modifying the following section you can build a more advance Join Logic, the below code is referenced from the following post Rules Extension -MAExtension

 

void IMASynchronization.MapAttributesForJoin (string FlowRuleName, CSEntry csentry, ref ValueCollection values)
        {
            //
            // TODO: write join mapping code
            //
            throw new EntryPointNotImplementedException();
        }

 

If you would like to join objects from a Source Directory that has samAccountNames with the format that includes "SP_" added to the accountName from other directories.

in a Disaster Recovery Scenario where you have to rebuild the Metaverse and join objects back up.

the following piece of code would remove "SP_" from the samAccountName of the source object and than attempt to join to an object in the metaverse with the accountName that matches the sAMAccountName of the source object minus the "SP_"

Example A

void IMASynchronization.MapAttributesForJoin (string FlowRuleName, CSEntry csentry, ref ValueCollection values)
        {
            //
            // TODO: write join mapping code
            //
            values.Add(csentry["samAccountName"].StringValue.Replace("SP_", ""));
            //throw new EntryPointNotImplementedException();
        }

 

The problem with the above code is, I left no room for addition Join logic. If I wanted to use the Same extension across several Management Agents each with their own unique Join Statement I would need to modify the code like the following example

Example B

void IMASynchronization.MapAttributesForJoin(string FlowRuleName, CSEntry csentry, ref ValueCollection values)

{

switch (FlowRuleName)

{

case "SPAccountName":

values.Add(csentry["samAccountName"].StringValue.Replace("SP_", ""));

break;

case "BuildAccountName":

if (csentry["accountName"].IsPresent)

{

values.Add(csentry["accountName"].StringValue);

}

else if (csentry["firstName"].IsPresent && csentry["lastName"].IsPresent)

{

values.Add(csentry["firstName"].StringValue + "." + csentry["lastName"].StringValue);

}

break;

}

}

Example A would require the MA Join Logic to be configured like

 

joinLogicEXA

Example B would use the FlowRuleName making it easier to manage

joinLogicEXB

 

Once the code has been compiled See Rules Extensions - Build and Compile

Right Click on the Management Agent that the extension is for and click on Properties

in this example we wrote an extension for Join Logic so we will click on Configure Join and Projection Rules

Select the object type you wish to configure the Join Rule for, in this example we chose group.

now Select New Join Rule,

In the Data Source attribute: section we selected sAMAccountName

for Mapping Type we selected Rules Extension

For Metaverse object type: select the object type that you wish to join to in the metaverse do not leave as ANY, unless that is what you really need.

and for Metaverse Object type: we selected accountName

 

Once you have that selected click on Add Condition, you may get the following message about joining non-indexed

Click on OK

Now in the next window you need to define context or function in which will be called in the rules extension that will perform the action you desire.

If you dont know what it is open up the extension again in Visual Studios

In this example we will use IMASynchronization.MapAttributesForJoin

Remove the value in the window

now add the function name in this example we will use "IMASynchronization.MapAttributesForJoin" it should look like the following

Click on OK

At this point if you click on OK you will probably receive the following message unless you have the rules extension selected under Configure Extensions

When you click on OK from this window you should be directed to the Configure Extensions Window

Click on Select next to the Rules Extension at the top

This will open up a window which will display all .dll files within the default extensions directory "C:\Program Files\Microsoft Forefront Identity Manager\2010\Synchronization Service\Extensions\*.dll"

Locate the Extension you just Compiled and select and highlight it, click on OK

It should now be listed in the Rules Extension Name section.

Click on OK to complete and save the configuration.

If there are multiple functions that are using rules extensions you need to add all the functions to a single .dll.

 ## Additional information on "IMASynchronization.MapAttributesForJoin Method"  can be located here