Version: 2.1
Category: Process
Extended Category: LDAP
Action Package: Extended Actions
Description
This action generates user id’s in purpose to create unique directory/SQL user accounts. The action gives you the opportunity to build user id’s from session object input to the action. This input could be a given number of characters from, for instance, given name, middle name and last name.
In some cases a given prefix/suffix or a digit etc may be added.
There are a number of settings in Compose and Generate User ID that makes it possible to generate a user id from the naming rules that apply to the current database.
Note that the generated user id is case sensitive and may be formatted with PIP components as desired.
Parameter | Description | Example |
User ID Composition | [Mandatory] The user ID is composed in a format like ‘1,3,4’. 1=The first part of the user ID (could be three characters from the given name). 2=The second part of the user ID (could be a character from the middle name). 3=The third part of the user ID (could be three characters from the last name). 4=A serial number from a counter that is stored in an attribute/ou. EXAMPLE: Create a user name to ‘Peter Wu’. Example=1,3 will return ‘petwu’. NOTE: Please place ‘4’ (which gets the serial number) first or last in ‘User Id Composition’ . Example: 1,3,4 or 4,1,3 or 1,2,3,4″ | |
Session Attribute for User ID | [Mandatory] The session attribute where the result of the generated user ID will be stored. Default value is empty. | |
LDAP Data Source | [Optional] The LDAP directory where to perform a search in order to ensure that the generated user ID is unique. | My Active Directory |
LDAP Search Base DN | [Optional] The LDAP base DN. The search of user object starts here to determine if the generated user ID is unique. Supports SESSION(). | ou=users,o=company,dc=local |
LDAP Search Filter for User ID Lookup | [Optional] The search criteria to avoid user ID conflicts. Use ##UID## to insert the new user ID value. Default value=(&(objectclass=user)(samaccountname=##UID##)) | samaccountname=##UID## |
Second LDAP Data Source | [Optional] The second LDAP directory where to perform a search in order to ensure that the generated user ID is unique. | My Active Directory |
Second LDAP Search Base DN | [Optional] The LDAP base DN for the second LDAP directory. The search of user object starts here to determine if the generated user ID is unique. Supports SESSION(). | ou=users,o=company,dc=local |
Second LDAP Search Filter for User ID Lookup | [Optional] The search criteria to avoid user ID conflicts (in the second LDAP directory). Use ##UID## to insert the new user ID value. Default value=(&(objectclass=user)(samaccountname=##UID##)) | samaccountname=##UID## |
SQL Data Source | [Optional] The SQL database where to perform a search in order to ensure that the generated user ID is unique. | My SQL Data Source |
SQL SELECT Statement for User ID Lookup | [Optional] The search criteria to avoid user ID conflicts. Use ##UID## to insert the new user ID value. | SELECT * FROM users WHERE userid=’##UID##’ |
Session Attribute for the First Part of the User ID | [Optional] Session Attribute for the first part of the User ID. This value can, for instance, be taken from the first three characters of the given name. Default value is empty. NOTE: This part of the user ID can be placed in any order when composing the user ID with the setting User ID Composition. | givenName |
Session Attribute for the Second Part of the User ID | [Optional] Session Attribute for the second part of the User ID. This value can, for instance, be taken from the first character of the middle name. Default value is empty. NOTE: This part of the user ID can be placed in any order when composing the user ID with the setting User ID Composition. | middleName |
Session Attribute for the Third Part of the User ID | [Optional] Session Attribute for the third part of the User ID. This value can, for instance, be taken from the first three characters of the last name. Default value is empty. NOTE: This part of the user ID can be placed in any order when composing the user ID with the setting User ID Composition | sn |
Prefix for User ID | [Optional] A prefix value that will be added in front of the generated user ID. Example: If the prefix value is set to ‘USR’ and the user name is ‘John Doe’, the user name could be set to ‘USRjohndoe’. The default prefix value is empty. Supports SESSION(). | Consult |
Suffix for User ID | [Optional] A suffix value that will be added to the end of the generated user ID. Example: If the prefix value is set to ‘USR’, the user name is ‘John Doe’, the user name could be set to ‘johndoeUSR’. The default suffix value is empty. Supports SESSION(). | Consult |
User ID Character Min Length | [Optional] User ID minimum length before user prefix, suffix or incremental character is added. Example: If the generated user ID consists of four characters (‘abcd’) AND ‘User ID Character Min Length’= 6, the generated used ID is filled up with the character of ‘User ID Fill up Character’ in the end of the user ID until ‘User ID Character Min Length’ is reached (‘abcdxx’). If ‘User ID Fill up Character’ is unset, the user ID won’t reach the length of ‘User ID Character Min Length’. Default value=6 | 8 |
User ID Character Max Length | [Optional] User ID maximum length before user prefix, suffix or incremental character is added. Example: A maximum of 12 characters for a user ID like ‘peterwitherspoone’ results in ‘peterwithers’. Default value=12 | 10 |
User ID Counter DN | [Optional] The DN of the user ID counter holder. Used for accounts like account0001, account0002 etc. The default value is empty. | cn=counter,o=company,dc=local |
User ID Counter Length | [Optional] Length of the user ID counter number. If the user ID counter length is larger than given length, zeros will be added ahead of the ‘User ID Counter’ until given length is reached. (Let’s say you want seven digits like 0080001, 0080002 and so on instead of 80001, 80001 …). Default value=5 | 3 |
User ID Counter Attribute | [Optional] The attribute which stores the user ID counter. The default value is empty. | title |
User ID Padding Character | [Optional] If the generated user ID (before user prefix, suffix or incremental character is added) consists of four characters (‘abcd’) AND ‘User ID Character Max Length’= 6, the generated usedID is padded with this character in the end of the user ID until ‘User ID Character Max Length’ is reached (‘abcdxx’). If ‘User ID Padding Character’ is unset, the user ID won’t reach the length of ‘User ID Character Min Length’. The default value is empty. | X |
Allow Spaces (true/false) | [Optional] Allow spaces in the user id (true). Default value=false | true |
Add Incremental Character (true/false) | [Optional] If set to true and if a matching name is found, a digit/digits (‘Incremental Digit Length’) or character/characters is added to the end of the user name (username1 or username A etc) . Default value=true | false |
Always Add Incremental Character (true/false) | [Optional] If set to true, a digit/digits (‘Incremental Digit Length’) is always added to the end of the user name (username1 etc). Default value=false | true |
Incremental Character Type (digit/alpha) | [Optional] If the incremental character should consist of digit/s or alphabetic (A=1, B=2, C=3 …) characters. Default value=digit | alpha |
Incremental Digit Length | [Optional] Length of the user ID incremental digit. If the user ID incremental digit length is shorter than given length, zeros will be added ahead of the incremental digit until given length is reached. (Let’s say you want three chars 009, 010 and so on instead of 9, 10 …). Default value=1 | 3 |
Place incremental digit/character/counter before prefix or after suffix | [Optional] If the counter should be placed before the prefix or after the suffix, or the incremental digit/character should be placed after the suffix (true), or if the prefix always should be placed as the first value and the suffix always should be placed as the last value (false). Default: true. | false |
Character Substitution | [Optional] Characters to be replaced if they are found in the generated user ID. [char to be replaced]|[char substitute]. Comma (,) is used as delimiter. Example: ‘günäsk’ will be converted to ‘gunask’. Default value= å|a,ä|a,ą|a,â|a,á|a,à|a,ã|a,è|e,é| e,ê|e,ë|e,ę|e,ç|c,ć|c,ł|l,ü|u,ñ|n,û| u,ú|u,ù|u,í|i,ì|i,î|i,õ|o,ò|o,ö|o,ø| o,ó|o,ô|O,æ|ae,ś|s,ß|ss,ź|z,ż|z,Å| A,Ä|A,Â|A,Á|A,À|A,Ã|A,È|E,É| E,Ê|E,Ë|E,Ç|C,ł|l,Ü|U,Ñ|N,Û|U,Ú| U,Ù|U,Í|I,Ì|I,Í|I,Õ|O,Ò|O,Ö|O,Ø| O,Ó|O,Ô|O,Æ|AE | å|a,ä|a,ö|o |
Textfile Containing Excluded User IDs | [Optional] The name and path to the file for excluded, blacklisted user ID’s. The words (names) in the file shall be separated by carriage return (line feed). The default value is empty. | c:\blacklist\excludedUserIDslist.txt |
Blacklist Replacement Chars | [Optional] Characters to be replaced if User ID is on the blacklist. [char to be replaced]|[char substitute]. Comma (,) is used as delimiter. Example: ‘DEVIL’ will be converted to ‘DDVIL’. Default value= a|z,e|d,i|h,o|n,u|t,y|x,å|x,ä|å,ö|ä,A| Z,E|D,I|H,O|N,U|T,Y|X,Å|X,Ä|Å,Ö|Ä | a|z,e|d,i|h,o|n,u|t,y|x,å|x,ä|å,ö|ä,A| Z,E|D,I|H,O|N,U|T,Y|X,Å|X,Ä|Å,Ö|Ä |
Replace Only First Letter Occurrence (true/false) | [Optional] Replace only the first letter occurrence in blacklisted words (true), replace all letter occurrences (false). Default value=true | false |
Use Cases
Compose the User ID
The user ID is composed by a number of components/methods. The components is enumerated, for instance number 1 will add the value of Session Attribute for the First Part of the User ID to the composed user ID.
The user ID is composed in the setting User ID Composition. A standard setting is ‘1,3’. This configuration will generate the user ID ‘petsmi’ for ‘Peter Smith’. If ‘petsmi’ already is in use, ‘petsmi1’ will be returned. If the setting Incremental Digit Length is set to ‘3’, ‘petsmi001’ is returned instead.
You’ll find the components/methods below:
Function Number | Function | Note |
1 | Gets the input value from the Session Attribute for the First Part of the User ID | This value is formatted as desired when it is submitted to this action |
2 | Gets the input value from the Session Attribute for the Second Part of the User ID | This value is formatted as desired when it is submitted to this action |
3 | Gets the input value from the Session Attribute for the Third Part of the User ID | This value is formatted as desired when it is submitted to this action |
4 | Gets a serial number | Gets a serial number from a counter that is stored in an attribute of given object |
Example 1
An account for ‘Peter Wo’ is ordered.
User ID composition: Use the three first letters from the givenname and the three first letters from the lastname. Add a digit to the end of the user name if it’s already in use. If the composed user ID is shorter than six characters, fill it up with an ‘x’.
Expected result for ‘Peter Wo’ = ‘petwox’
If petwox is taken, next generated username will be ‘petwox1’ and so on.
Used settings:
Parameter | Value |
LDAP Data Source | My LDAP Data Source |
LDAP Search Base DN | ou=users,… |
Session Attribute for the First Part of the User ID | threeCharFromGivenname |
Session Attribute for the Third Part of the User ID | threeCharFromLastname |
Session Attribute for User ID | samaccountname |
User ID Composition | 1,3 |
User ID Fill up Character | x |
Example 2
An account for ‘Peter Wo’ is ordered.
User ID composition: Use the three first letters from the givenname and the three first letters from the lastname. ALWAYS add a digit to the end of the user name if it’s already in use. If the composed user ID is shorter than six characters, fill it up with an ‘x’.
Expected result for ‘Peter Wo’ = ‘petwox1’
If petwox1 is taken, next generated username will be ‘petwox2’ and so on.
Used settings:
Parameter | Value |
LDAP Data Source | My LDAP Data Source |
LDAP Search Base DN | ou=users,… |
Session Attribute for the First Part of the User ID | threeCharFromGivenname |
Session Attribute for the Third Part of the User ID | threeCharFromLastname |
Session Attribute for User ID | samaccountname |
User ID Composition | 1,3 |
User ID Fill up Character | x |
Always Add Incremental Character | true |
Example 3
An account for ‘Peter William Smith’ is ordered.
User ID composition: Use the two first letters from the givenname, the two first letters from the middlename and the two first letters from the lastname. Add a digit to the end of the user name if it’s already in use.
Expected result = ‘pewism’
If ‘pewism’ is taken, next generated username will be ‘pewism1’ and so on.
Used settings:
Parameter | Value |
LDAP Data Source | My LDAP Data Source |
LDAP Search Base DN | ou=users,… |
Session Attribute for the First Part of the User ID | twoCharFromGivenname |
Session Attribute for the Second Part of the User ID | twoCharFromMiddlename |
Session Attribute for the Third Part of the User ID | twoCharFromLastname |
Session Attribute for User ID | samaccountname |
User ID Composition | 1,2,3 |
User ID Fill up Character | x |
Always Add Incremental Character | true |
Example 4
User ID without given name, middle name and last name.
User ID composition: A prefix (or suffix) and a counter. The initial counter value is set to 80001 in this example.
Result: [userPrefix]0080001, [userPrefix]0080002 or 0080001[userSuffix],0080002[userSuffix] and so on.
Used settings:
Parameter | Value |
LDAP Data Source | My LDAP Data Source |
LDAP Search Base DN | ou=users,… |
Session Attribute for User ID | samaccountname |
User ID Composition | 4 |
Prefix for User ID | userPrefix |
User ID Counter | ou=users,… |
User ID Counter Attribute | businessCategory (value set to ‘80001’) |
User ID Counter Length | 7 |
Exclude Blacklisted Words
Configure the setting Textfile Containing Excluded User IDs with the name and path to the file for excluded user ID words.
Parameter | Value |
Textfile Containing Excluded User IDs | c:\\blacklists\\excludelist.txt |
Example of file content. The words in the text file should be separated by carriage return (line feed).
adrian
pete
evil
satan
Character Replacement
Before a user ID is returned, illegal characters are replaced. The characters and it’s substitutes are found in the setting Character Substitution.
The character to be replaced is delimited with a pipe from the substitute character: [char to be replaced]|[char substitute]. Comma (,) is used as delimiter before the character pair.
NOTE that ‘space’ always is removed.
Dash (-) is not removed from generated name, but can be replaced with the setting Character Substitution.
Example: ‘gün -äsk’ returns ‘gunask’
DISCLAIMER
Information provided in this document is for your information only. PhenixID makes no explicit or implied claims to the validity of this information. Any trademarks referenced in this document are the property of their respective owners.The origin of this information may be internal or external to PhenixID. PhenixID makes all reasonable efforts to verify this information.
PhenixID - support.phenixid.se