Udostępnij za pośrednictwem


How to: Deprovision Objects After a Specified Time

You can use the Provision method to trigger deprovisioning on a single connector or multiple connectors in Forefront Identity Manager Synchronization Service (FIM Synchronization Service) to an MVEntry object after a specified time.

Note

This example works only if you run the management agent that contains the remaining connector space object in full-synchronization mode. This operation is very time-consuming in a large metadirectory.

The following examples show how to deprovision an object from the FIM Synchronization Service database (metaverse) after a specified time. You can use this example to schedule an activity for an object in the metaverse, such as implementing a Time To Live scenario. The example assumes that the metaverse object has two additional attributes: DateofTermination and TimeToLive. These attributes are set during import attribute flow on the metaverse object.

Public Sub Provision( _
   ByVal mventry As MVEntry) _
   Implements IMVSynchronization.Provision


   ' If the function returns true, the account is expired. Disconnect the 
   ' <tla rid="fim_syncdb_short" /> object from the connector space.
   If AccountTTLExpired(MVEntry("DateofTermination").Value, MVEntry("TimeToLive").Value) Then
       MVEntry.ConnectedMAs.DeprovisionAll()
   End If

' Continue with normal provisioning.

End Sub

Public Function AccountTTLExpired(ByVal TerminatedDate As String, _
                                 ByVal TTL As String) As Boolean

   ' If the TerminatedDate and TimeToLive attributes contain values, then
   ' add the attributes and compare to the current date. If the current date
   ' is more than or equal to the TerminatesDate and ToLiveTime value,
   ' the function returns true.

   Dim TTLExpired As Boolean = False

   If TerminatedDate.Equals("") Or TTL.Equals("") Then Exit Function

   Try
      Dim StartTTLDate As Date = CDate(TerminatedDate)
      Dim DaysToTTL As Double = CDbl(TTL)
      Dim TimeToLiveDate As DateTime

      TimeToLiveDate = StartTTLDate.AddDays(DaysToTTL)

      If Now >= TimeToLiveDate Then
         TTLExpired = True
      End If

   Catch
      ' Handle exceptions here.

   End Try
   AccountTTLExpired = TTLExpired
End Function
void IMVSynchronization.Provision (MVEntry mventry)
{

    // If the function returns true, the account is expired. Disconnect the 
    // <tla rid="fim_syncdb_short" /> object from the connector space.
    if (AccountTTLExpired (mventry["DateofTermination"].Value, mventry["TimeToLive"].Value))
    {
        mventry.ConnectedMAs.DeprovisionAll();
    }
    // Continue with normal provisioning.
}
//...
public bool AccountTTLExpired(string TerminatedDate, string TTL)
{
    // If the TerminatedDate and TimeToLive attributes contain values, then
    // add the attributes and compare to the current date. If the current date
    // is more than or equal to the TerminatesDate and ToLiveTime value,
    // the function returns true.
    if (TerminatedDate.Equals(""))
    {
        return(false);
    }
    if(TTL.Equals(""))
    {
        return(false);
    }
    try
    {

        // Convert TerminatedDate to a DateTime object.
        DateTime StartTTLDate;
        StartTTLDate = Convert.ToDateTime(TerminatedDate);

        // Convert the TTL string to a double.
        double DaysToTTL = Convert.ToDouble(TTL); //TTL
        DateTime TimeToLiveDate = new DateTime();

        // Add DaysToTTL to StartTTLDate to get TimeToLiveDate.
        TimeToLiveDate = StartTTLDate.AddDays(DaysToTTL);
        if (DateTime.Now >= TimeToLiveDate)
        {
            return(true);
        }
    } 
    catch
    {
        // Handle exceptions here.
    }
    return false;
}

See Also

Reference

MVEntry

Concepts

Deprovisioning Objects in the Connector Space