Background: The existing IM r14.x ADS Connector has a pre-create/post-create process, that allows clients to add in additional business logic as needed during new user creation.
This process is a valuable feature when the IME is running on a Linux host, and the existing Policy Xpress business logic does NOT have the ability to run Powershell or other scripts natively for MS Windows OS.
These pre/post create exits can be executed on the remote IAMCS(JCS w/ embedded CCS), which allows this process to be used with the Virtual Appliance and/or remote cloud installations with a local deployment of the IAMCS(JCS w/ embedded CCS) services.
Examples of use:
1) MS O365 APIs (to convert a MS ADS User Account for preperation to be used with MS AD Azure Sync),
2) Distributions Lists (using Powershell to simplify 1000 of possible ADS Account Templates to a single powershell query)
3) Update of the remote home folder ACLs for ADS Account.
Challenge: While the pre/post-create process exists for active directory, the associated pre/post modify process does not.
To address the above challenge when using the IM solution with a Linux OS, it is necessary to install a remote SSH Service on a MS Windows Host. There is no current production ready process documented in the CA IM r14.x wiki.
The data flow for any Active Directory updates (via Powershell scripts) from an Linux OS (IME), is a PX CLI to SSH client service to a remote SSH server hosted on a MS Windows Server in the same domain as the managed endpoint and/or managed Exchange/O365 processes.
To avoid this cumbersome process, the follow enhancement request is:
Add in a similar pre/post modify action/process to the MS Active Directory Connector.