Rule description
This rule reads the specified data source file, for each file record finds a corresponding AD user account, and populates or updates this user questions and answers in the Self-Service Q&A Profile.
When to use this rule
Use this rule when you need to automatically enroll in bulk Active Directory users in Cayosoft Self-Service. For each Active Directory user that is in the rule scope, the data source file should contain the answers to the questions defined in the rule and the anchor attribute to find the corresponding user account.
Rule Settings
Query Section
Setting name | Description |
---|---|
Select Data Source |
Specify the text file to be imported. The […] button allows the user to browse for the file and the Create/Edit button allows the creation or editing of the existing file in the built-in Data Source editor. |
Limit scope to this domain or OU |
This setting defines the search query scope. To improve query performance, limit the scope to specific OU. Important: To test rule configuration, limit the rule scope to an OU that contains test accounts or objects.
|
Data Source Anchor attribute |
Specify the column in the Data Source that will be used to determine if the user account already exists. This value is compared to the Active Directory Anchor Attribute. Because user names are likely to have duplicates, some other attribute with a unique value should be used to determine if records read from the Data Source have already been processed. |
Active Directory Anchor attribute |
Specify the attribute in the AD to which the Data Source anchor attribute is to be compared. When a user is updated this value also specifies the AD attribute into which the Data Source anchor is written for comparison the next time the rule is executed. Note: If the Active Directory attribute you wish to use as the Active Directory Anchor attribute is not displayed, you can enter the LDAP name of the attribute in the field. The attribute must be flagged as searchable (https://msdn.microsoft.com/en-us/library/ms679765(v=vs.85).aspx) within Active Directory. To determine if the attribute is flagged as searchable you can use ADSI Edit to view the Schema Objects container and examine the attribute’s searchFlags property.
|
More Options |
|
Filter CSV Data |
This setting specifies the filter that can remove data rows from the imported text file that satisfy the specific condition. |
Filter AD Data |
To hide unwanted data set the filtering conditions here. Example: filter by the found object Distinguished Name. |
Initialization script |
You can initialize a global variable in this setting and then use it in Filter AD Data setting. Important: To use a variable, declared in initialization script, in the filter, it must be global: $global:<variable name>.
Example: Update AD users, created in the last ten days.
{$global:DatePeriod = (Get-Date).AddDays(-10)}
|
Action Section
Setting name | Description |
---|---|
Number of questions to enroll
|
Select the number of questions (from 1 to 5) that the data source file must have the answers. |
Questions 1 - Questions 5 |
Specify the list of questions. |
Question by Phone |
Specify the question that will be shared with the Help Desk. |
Answer 1 - Answer 5 |
Specify the column in the Data Source that will be used to determine the answers to questions. |
Answer to question shared with the help desk |
Specify the column in the Data Source that will be used to determine the answer to question shared with the help desk. |
Alternative Email Alternative Phone |
Specify the columns in the Data Source that will be used to determine the alternative user email and phone. |
Output Section
This section defines the output format of this rule.
To get more information about this section, please see the Output section article.
Enforce/Schedule section
This section defines the schedule for how often to run the rule.
To get more information about this section, please see the Enforce/Schedule section article.
Change History
Version | Notes |
---|---|
6.1.0 | The rule is introduced in the product. |
Comments
0 comments
Please sign in to leave a comment.