Symantec IGA

Hi,

We have a requirement, where we need to validate the employee Number attribute which a manager fills in the Create User Form in the Identity Portal. The Validation handler needs to verify with the LDAP User Store to validate, if the typed in employee number, already exist for some other user id, and if yes throws an error message or else allows user creation.

If someone has tried, or had similar requirement?

Regards,

Lav Malhotra

Have you reviewed the handlers in the Form configuration?  I assume the following could be modified to check for 'employee id'

Create Forms - CA Identity Portal - 14.1 - CA Technologies Documentation 

• Validate Handler – in this example a regular expression is used to validate the name of the object provided by the user. Standard Javascript RegEx functions are used to define the regular expression and test it. The CA Identity Portal elements to note in this script are the usage of the prop variable that holds the information of the prop being validated. In this script the prop.value is being tested. In order to display the error message to the user the prop.error is being used. Note the Validate function must have a return value of true or false.

  function validate (api, prop) {
  var ptn = /^[-\s&()A-Za-z0-9]+$/;
  if (true === ptn.test(prop.value)) {
  return true;
  }
  prop.error = "Invalid object name: " + prop.value;
  return false;
  }

Hi,

Thanks for the response. It looks the below Validation Handler will check the pattern of the entered property.

The requirement, is to validate employeeNumber (in the LDAP user store). The value which a task requester enters, form handler validates that does not exist for any other user, and in case it exists display a error message and if not allow user creation.

Regards,

Lav Malhotra

If your LDAP User Store is CA Directory DSA, you may want to look into following:

Unique Attribute Values - CA Directory - 14.0 - CA Technologies Documentation 

set unique-attrs-subtree Command -- Enable Checks for Uniqueness Within a Subtree - CA Directory - 14.0 - CA Technologie… 

set unique-attrs Command -- Enable Checks for Uniqueness of Attribute Values - CA Directory - 14.0 - CA Technologies Doc… 

Hope this helps.

Thanks,

Hitesh

Hello,

We are aware of this, and this has already been set for the particular attributes of the Directory. But this check happens at the backend, after task submission which falls the task if a unique value is not entered.

But we are looking for something, a manager while creating the user through Identity portal enters the employeeNumber value, a validation handler is called which checks the directory and ensure it is unique or else display an error.

If any information or pointers how to achieve that?

Regards,

Lav Malhotra

Hi,

Has anybody tried similar requirement from Identity Portal? To check if the entered employeeNumber is unique by checking in the LDAP User Store to display an error message or allow creation.

Hi Lav

This post describes the general concept of making an LDAP search from a form in Identity Portal. You could probably adapt it to do a search for the employeeNumber, and if any user is returned, display an error.

Pearse

Hello,

I've had the exact same requirement, and solved it using the LDAP Search plugin, modified to search for EmployeeNumber. The document was found here and thanks to arape02 for the suggestions.

In the validation handler for the emplyee number field, I added the following, please ignore the dutch texts as error messages :

var heijmansNr = prop.value;

heijmansNr_trimmed = parseInt(heijmansNr, 10)

var usersLdapFilter = "employeeNumber="+heijmansNr_trimmed;
var usersAttributes = "displayName,employeeNumber";
var usersBaseDN = "DC=heijmans,DC=local";
var resultMessage= "Dit Heijmansnummer komt al voor bij de volgende gebruikers:" + "\n";

var count = 0;

return api.server(['LDAPSearch', usersLdapFilter, usersAttributes, usersBaseDN]).then(

function(success)
{
// First of all, get your return object
var result = success.returnValue;
console.log(result);
// Iterate through every entry in the result
for (var dn in result)
{
console.log(dn);
resultMessage= resultMessage+ dn + "\n";
if(result.hasOwnProperty(dn))
++count;
}


if(count > 0)
{
api.prompt(resultMessage);

console.log(resultMessage);
return false;
}
else
{
console.log("Uniek Heijmansnummer");
return true;
}

}
,
function(error)
{
// Do some eventual error handling like a message display
api.prompt("Het Heijmansnummer kan niet gecontroleerd worden, neem contact op met ICT beheer" );
return false;
}
);

Hi,

Thanks a lot for the wonderful suggestion. Have a question about use of below in the Plugin Java Script Code. Is this similar to Rhino? Facing the below error, if you have experienced the same or any resolution? The codes go to the Part, api.prompt("Het Heijmansnummer kan niet gecontroleerd worden, neem contact op met ICT beheer" );

// Allows the usage of 'importPackage' with JRE8

try{

load("nashorn:mozilla_compat.js");

}

catch(e){}

Regards,

Lav Malhotra

Hi,

It was some ldap connection issue, which is fixed. But the handler code returns already exist even if I enter a unique or existing value.

Will try to figure out and do some fixing.

Regards,

Lav Malhotra

Hi,

When a unique value is entered, flow goes to else part but looks it does not return true value. Console gives message that its a Unique Value but the Portal gives message Validation error. The validation works perfect if I enter a existing value, returns the Message Already exists. Any help if the number entered is unique, the task gets submit.

Regards,

Lav Malhotra