Symantec IGA

​Hi Guys,
   i am extending the ADS schema to be able to populate some extended custom AD attributes using the Provisioning engine.
I already did this several time on IM based on Windows servers but now I have to do this with Identity Suite vApp and Unix.
I created the schema.ext file in PS_HOME/data/ads/ folder listing all custom attributes name.
I restarted PS and JCS, closed and restarted the Provisioning Manager but I am not able to see these attributes in a new template creation process.
Does anybody have any suggestion about this is not working or can give me a check list for Identity suite vApp ?
Is this extension supported by IS vApp?
Many thanks in advance
Regards,
Claudio

------------------------------
Claudio Cordaro
Services Architect
------------------------------

When using the IM vapp you need to install an instance of the JCS/CCS on a Windows machine and then use ConnectorXpress to configure the routing of AD Connector requests to this Windows instance. You should put the schema.ext file on that Windows instance.
Original Message:
Sent: 07-29-2019 08:42 AM
From: Claudio Cordaro
Subject: ADS Schema extension on unix IDentity suite

​Hi Guys,
   i am extending the ADS schema to be able to populate some extended custom AD attributes using the Provisioning engine.
I already did this several time on IM based on Windows servers but now I have to do this with Identity Suite vApp and Unix.
I created the schema.ext file in PS_HOME/data/ads/ folder listing all custom attributes name.
I restarted PS and JCS, closed and restarted the Provisioning Manager but I am not able to see these attributes in a new template creation process.
Does anybody have any suggestion about this is not working or can give me a check list for Identity suite vApp ?
Is this extension supported by IS vApp?
Many thanks in advance
Regards,
Claudio

------------------------------
Claudio Cordaro
Services Architect
------------------------------

Hi Kenneth, thanks for your quick reply. The Windows server hosting JCS and CCS is already in place, I will make the configuration over there.
Many thanks
Claudio​
Original Message:
Sent: 07-29-2019 09:08 AM
From: Kenneth Verrastro
Subject: ADS Schema extension on unix IDentity suite

When using the IM vapp you need to install an instance of the JCS/CCS on a Windows machine and then use ConnectorXpress to configure the routing of AD Connector requests to this Windows instance. You should put the schema.ext file on that Windows instance.
Original Message:
Sent: 07-29-2019 08:42 AM
From: Claudio Cordaro
Subject: ADS Schema extension on unix IDentity suite

​Hi Guys,
   i am extending the ADS schema to be able to populate some extended custom AD attributes using the Provisioning engine.
I already did this several time on IM based on Windows servers but now I have to do this with Identity Suite vApp and Unix.
I created the schema.ext file in PS_HOME/data/ads/ folder listing all custom attributes name.
I restarted PS and JCS, closed and restarted the Provisioning Manager but I am not able to see these attributes in a new template creation process.
Does anybody have any suggestion about this is not working or can give me a check list for Identity suite vApp ?
Is this extension supported by IS vApp?
Many thanks in advance
Regards,
Claudio

------------------------------
Claudio Cordaro
Services Architect
------------------------------

​Hi Kenneth, even modifying the JCS/CCS Windows Servers hosting the connector used by vApp to provision AD I am not currently able to view the extended attributes in the AD Account Templates.
I read about the needing to make some explore and correlate task with "update GU" option, but I wouldn't make this update since this could make some modification to customer current environment.
Is this needed?
Could I put inside the eTADSPayload attribute the correct syntax manually so that the template can show that fields in the configuration and process it?

I found this example:
extendedAttribute1:01:0006=value1;extendedAttribute2:01:0007=value10;extendedAttribute2:01:0008=value100

How should I configure that string to provision, for instance, the following attributes:
costCenter
employeeStatus
enrollID

I remember I already did this for another customer but didn't have all this issues… the new attributes appeared in the template immediately.

Thanks in advance for your help.
Claudio
Original Message:
Sent: 07-29-2019 09:08 AM
From: Kenneth Verrastro
Subject: ADS Schema extension on unix IDentity suite

When using the IM vapp you need to install an instance of the JCS/CCS on a Windows machine and then use ConnectorXpress to configure the routing of AD Connector requests to this Windows instance. You should put the schema.ext file on that Windows instance.
Original Message:
Sent: 07-29-2019 08:42 AM
From: Claudio Cordaro
Subject: ADS Schema extension on unix IDentity suite

​Hi Guys,
   i am extending the ADS schema to be able to populate some extended custom AD attributes using the Provisioning engine.
I already did this several time on IM based on Windows servers but now I have to do this with Identity Suite vApp and Unix.
I created the schema.ext file in PS_HOME/data/ads/ folder listing all custom attributes name.
I restarted PS and JCS, closed and restarted the Provisioning Manager but I am not able to see these attributes in a new template creation process.
Does anybody have any suggestion about this is not working or can give me a check list for Identity suite vApp ?
Is this extension supported by IS vApp?
Many thanks in advance
Regards,
Claudio

------------------------------
Claudio Cordaro
Services Architect
------------------------------

​I have manually modified all "eTADSPayload" attributes in Provisioning Directory and I have been able to provision the required information to AD extended attributes… anyway I can only see these custom mappings in the Account Template configuration but, browsing the AD Account from the Provisioning Manager, the custom tab is empty even if the attributes have been provisioned.
Claudio
Original Message:
Sent: 08-26-2019 06:34 AM
From: Claudio Cordaro
Subject: ADS Schema extension on unix IDentity suite

​Hi Kenneth, even modifying the JCS/CCS Windows Servers hosting the connector used by vApp to provision AD I am not currently able to view the extended attributes in the AD Account Templates.
I read about the needing to make some explore and correlate task with "update GU" option, but I wouldn't make this update since this could make some modification to customer current environment.
Is this needed?
Could I put inside the eTADSPayload attribute the correct syntax manually so that the template can show that fields in the configuration and process it?

I found this example:
extendedAttribute1:01:0006=value1;extendedAttribute2:01:0007=value10;extendedAttribute2:01:0008=value100

How should I configure that string to provision, for instance, the following attributes:
costCenter
employeeStatus
enrollID

I remember I already did this for another customer but didn't have all this issues… the new attributes appeared in the template immediately.

Thanks in advance for your help.
Claudio
Original Message:
Sent: 07-29-2019 09:08 AM
From: Kenneth Verrastro
Subject: ADS Schema extension on unix IDentity suite

When using the IM vapp you need to install an instance of the JCS/CCS on a Windows machine and then use ConnectorXpress to configure the routing of AD Connector requests to this Windows instance. You should put the schema.ext file on that Windows instance.
Original Message:
Sent: 07-29-2019 08:42 AM
From: Claudio Cordaro
Subject: ADS Schema extension on unix IDentity suite

​Hi Guys,
   i am extending the ADS schema to be able to populate some extended custom AD attributes using the Provisioning engine.
I already did this several time on IM based on Windows servers but now I have to do this with Identity Suite vApp and Unix.
I created the schema.ext file in PS_HOME/data/ads/ folder listing all custom attributes name.
I restarted PS and JCS, closed and restarted the Provisioning Manager but I am not able to see these attributes in a new template creation process.
Does anybody have any suggestion about this is not working or can give me a check list for Identity suite vApp ?
Is this extension supported by IS vApp?
Many thanks in advance
Regards,
Claudio

------------------------------
Claudio Cordaro
Services Architect
------------------------------

Original Message------

​I have manually modified all "eTADSPayload" attributes in Provisioning Directory and I have been able to provision the required information to AD extended attributes… anyway I can only see these custom mappings in the Account Template configuration but, browsing the AD Account from the Provisioning Manager, the custom tab is empty even if the attributes have been provisioned.
Claudio