PhenixID

Compose and Generate User ID

Version: 3.0

Category: Process

Extended Category: LDAP

Action Package: Standard Actions

Description

This action generates user ID’s in purpose to create unique user accounts.

It generates user ID’s based on a given number of characters via provided information from for instance: session attributes, incrementing numbers and static string values.

There are a number of settings in Compose and Generate User ID that makes it possible to generate a user id from the naming rules that apply to the current directory and/or database.

Parameter Description Example
LDAP Data Source[Optional]
The LDAP directory where to perform a search in order to ensure that the generated user ID is unique.
My Active Directory
LDAP Search Base DN[Optional]
The LDAP base DN. The search of user object starts here to determine if the generated user ID is unique.
Supports SESSION() and GLOBAL().
ou=users,o=company,dc=local
LDAP Search Filter for User ID Lookup[Optional]
The search criteria to avoid user ID conflicts. Use ##UID## to insert the new user ID value.
Default value is (&(objectclass=user)(samaccountname=##UID##))
Second LDAP Data Source[Optional]
The second LDAP directory where to perform a search in order to ensure that the generated user ID is unique.
My Active Directory
Second LDAP Search Base DN[Optional]
The LDAP base DN for the second LDAP directory. The search of user object starts here to determine if the generated user ID is unique.
Supports SESSION() and GLOBAL().
ou=users,o=company,dc=local
Second LDAP Search Filter for User ID Lookup[Optional]
The search criteria to avoid user ID conflicts (in the second LDAP directory). Use ##UID## to insert the new user ID value.
Default value is (&(objectclass=user)(samaccountname=##UID##))
SQL Data Source[Optional]
The SQL database where to perform a search in order to ensure that the generated user ID is unique.
My SQL Data Source
SQL SELECT Statement for User ID Lookup[Optional]
The search criteria to avoid user ID conflicts. Use ##UID## to insert the new user ID value.
SELECT * FROM users WHERE userid=’##UID##’
Result attributes[Mandatory]
The name of the session attribute(s) where the result of the generated user ID will be stored. Multiple names separated by comma (,).
Default value is empty.
userid
User ID Character Min Length[Optional]
User ID minimum length. If the minimum length is not reached, padding will be used if included in the parts. Use 0 to not check the minimum length.
Default is 0.
6
User ID Character Max Length[Optional]
User ID maximum length. If the maximum length has been exceeded, the value from any session attributes in the parts will be reduced. Use 0 to not check the maximum length.
Default is 0.
12
Character Substitution[Optional]
Characters to be replaced if they are found in the generated user ID. [char to be replaced]|[char substitute]. Comma (,) is used as delimiter.
Example: ‘günäsk’ will be converted to ‘gunask’.
Default value is å|a,ä|a,ą|a,â|a,á|a,à|a,ã|a,è|e,
é|e,ê|e,ë|e,ę|e,ç|c,ć|c,ł|l,ü|u,ñ|n,û|u,ú|u,ù|u,í|i,
ì|i,î|i,õ|o,ò|o,ö|o,ø|o,ó|o,ô|O,æ|ae,ś|s,ß|ss,ź|z,
ż|z,Å|A,Ä|A,Â|A,Á|A,À|A,Ã|A,È|E,É|E,Ê|E,Ë|E,
Ç|C,ł|l,Ü|U,Ñ|N,Û|U,Ú|U,Ù|U,Í|I,Ì|I,Í|I,Õ|O,Ò|O,
Ö|O,Ø|O,Ó|O,Ô|O,Æ|AE
Textfile Containing Excluded User IDs[Optional]
The name and path to the file for excluded, blacklisted user ID’s. The words (names) in the file shall be separated by carriage return (line feed).
Default value is empty.
c:\blacklist\excludedUserIDslist.txt
Blacklist Replacement Chars[Optional]
Characters to be replaced if User ID is on the blacklist. [char to be replaced]|[char substitute]. Comma (,) is used as delimiter.
Example: ‘DEVIL’ will be converted to ‘DDVIL’.
Default value is a|z,e|d,i|h,o|n,u|t,y|x,å|x,ä|å,
ö|ä,A|Z,E|D,I|H,O|N,U|T,Y|X,Å|X,Ä|Å,Ö|Ä
Allow Special characters (true/false)[Optional]
Allow special characters, like -., and space (true) or only letters and digits (false) in session attribute values. If false, the special characters will be removed.
Default value is false
true
Part 1 in User ID[Optional]
Part 1 in the User ID. See description below.
Part 2 in User ID[Optional]
Part 2 in the User ID. See description below.
Part 3 in User ID[Optional]
Part 3 in the User ID. See description below.
Part 4 in User ID[Optional]
Part 4 in the User ID. See description below.
Part 5 in User ID[Optional]
Part 5 in the User ID. See description below.
Part 6 in User ID[Optional]
Part 6 in the User ID. See description below.
Part 7 in User ID[Optional]
Part 7 in the User ID. See description below.
Part 8 in User ID[Optional]
Part 8 in the User ID. See description below.
Part 9 in User ID[Optional]
Part 9 in the User ID. See description below.
Part 10 in User ID[Optional]
Part 10 in the User ID. See description below.

User ID Parts

A part can be any of the following types: session attribute, static text string, counter from the directory, padding or incremental digit or alpha. The types can be mixed as desired, to create the user id you want.

Every part starts with the type name, and then the rest of the configuration for that part follows, separated with pipes (|). Note that the right amount of separators must be entered, even if you use the default values for some parameters.

Session attribute value

Used to add a value from a session attribute to the user ID.

Attribute|AttributeName|CharacterCase|Length|UseNextCharForIncrement|PaddingRules

ParameterDescriptionExample
AttributeThe type used for a session attribute value.Attribute
AttributeNameThe name of the session attribute.givenname
CharacterCaseTo change the case of the letters, enter ‘upper’ for upper case, ‘lower’ for lower case or leave empty to leave the case as it is.
Default is empty, the case will not be changed.
upper
LengthThe number of characters to use from the attribute value.
If the value is longer, it will be cut at the end to match the length.
If the value is shorter, padding can be configured to fill out to the length. If no padding is configured, the length will be shorter than configured.
Default value is 0, meaning that the length of the attribute value is not changed.
4
UseNextCharForIncrementWhen the composed user ID is not unique, some kind of change is made to the user ID to find a unique value. If this parameter is set to true, and a length is configured to use a length shorter than the attribute value, the last letter in the value will be changed to the letter after that one.
(true/false)
Default value is false.

Example: The attribute value is ‘Simon’ and the length is set to 3, which gives the value ‘Sim’. If the composed user ID is not unique, the action will then change the ending ‘m’ to the next character in ‘Simon, which is ‘o’. The value that will be used in the user ID is therefor ‘Sio’.
true
PaddingRulesThe rules for adding padding if the value in the session attribute is shorter than the configured length for this value.
The rules are separated with colon (:).

First rule, useLatestCharForPadding, can be set to true or false. If set to true, the last character in the value will be repeated until the length is reached. If set to false, the character after the colon is used instead.
false:X

String

Used to add a static string value to the user ID.

String|Value

ParameterDescriptionExample
StringThe type used for a string valueString
ValueThe text value. Supports GLOBAL()USER

Counter

Used to read a digital counter from an object in the directory.

Counter|DN|AttributeName|Length

ParameterDescriptionExample
CounterThe type used for a counterCounter
DNThe distinguishedName for the object in ‘LDAP Data Source’ that holds the counter.ou=consultants,o=company,dc=local
AttributeNameThe name of the attribute at the above object, that holds the counter.adminDescription
LengthThe desired length of the value. If the counter value is shorter, zeros will be added to reach the desired length.
If length is set to 0, the actual length of the counter value will be used.
Example: The length is set to ‘4’ and the value in the counter is ’34’. The used value will be ‘0034’.
3

Padding

Add characters to reach the minimun length.

Padding|Character

ParameterDescriptionExample
PaddingThe type used for paddingPadding
CharacterThe character to use for the padding.X

Incremental Alpha

Used to add an incremental alpha. The character can be added always, or only when the first tested user ID is not unique. The characters used are A-Z, and if the user ID is still not unique, two characters will be added like AA, AB, AC up to ZZ.

IncrementalAlpha|AlwaysAdd|IncludeInMaxLength|UpperCase|StartCharacter

ParameterDescriptionExample
IncrementalAlphaThe type used for an incremental alphaIncrementalAlpha
AlwaysAddSet to true to always add the alpha, or set to false to only add the alpha if the tested user ID is not unique.
Default is false.
true
IncludeInMaxLengthIf set to false, the character(s) in this part will not be counted when checking the maximum length of the user ID.
If set to true, this part will be counted, so if the character(s) are only added when the tested user ID is not unique, the rest of the user ID will be shortened to give room for this character(s) in the maximum length.
Default is false.
true
UpperCaseIf set to true, the character(s) added will be in upper case. If set to false, the character(s) added will be in lower case.
Default is true.
false
StartCharacterThe character to start with, if other than A.
Default is A.
X

Incremental Digit

Used to add an incremental digit. The character can be added always, or only when the first tested user ID is not unique.

IncrementalDigit|AlwaysAdd(true/false)|IncludeInMaxLength(true/false)|Length|StartNumber

ParameterDescriptionExample
IncrementalDigitThe type used for incremental digitIncrementalDigit
AlwaysAddSet to true to always add the digit, or set to false to only add the digit if the tested user ID is not unique.
Default is false.
true
IncludeInMaxLengthIf set to false, the character(s) in this part will not be counted when checking the maximum length of the user ID.
If set to true, this part will be counted, so if the character(s) are only added when the tested user ID is not unique, the rest of the user ID will be shortened to give room for this character(s) in the maximum length.
Default is false.
true
LengthThe desired length of the value. If the incremental digit value is shorter, zeros will be added to reach the desired length.
If length is set to 0, the actual length of the incremental digit will be used.
Example: The length is set to ‘3’ and the value in the incremental digit is ‘5’. The used value will be ‘005’.
3
StartNumberThe number to start with.
Default is 1.
2

Use Cases

Example 1

An account for ‘Peter Wo’ is ordered.

User ID composition: Use the three first letters from the givenname and the three first letters from the lastname. Add a digit to the end of the user name if it’s already in use. If any of the attribute values are shorten than 3 characters, fill it up with an ‘x’.

Expected result for ‘Peter Wo’ = ‘petwox’

If petwox is taken, next generated username will be ‘petwox1’ and so on.

Used settings:

Parameter Value
Part 1 in User IDAttribute|givenname|lower|3|false|false:x
Part 2 in User IDAttribute|lastname|lower|3|false|false:x
Part 3 in User IDIncrementalDigit|false|false|0|1

Example 2

An account for ‘Peter Wo’ is ordered.

User ID composition: Use the three first letters from the givenname and the three first letters from the lastname. ALWAYS add a digit to the end of the user name. If the total length of the user ID is shorten than 7 characters, fill it up with an ‘x’ before the digit.

Expected result for ‘Peter Wo’ = ‘petwox1’

If petwox1 is taken, next generated username will be ‘petwox2’ and so on.

Used settings:

Parameter Value
User ID Character Min Length7
Part 1 in User IDAttribute|givenname|lower|3|false|false:
Part 2 in User IDAttribute|lastname|lower|3|false|false:
Part 3 in User IDPadding|x
Part 4 in User IDIncrementalDigit|true|true|0|1

Example 3

An account for ‘Peter William’ is ordered.

User ID composition: Use the whole givenname in lower case and lastname in upper case. Add an alpha to the end of the user name if it’s already in use, starting with the letter X. The maximum length of the user ID is 10.

Expected result = ‘peterWILLI’

If ‘peterWILLI’ is taken, next generated username will be ‘peterWILLX’. If that is taken, the next generated username will be ‘peterWILLY’ and so on.

Used settings:

Parameter Value
User ID Character Max Length10
Part 1 in User IDAttribute|givenname|lower|0|false|false:
Part 2 in User IDAttribute|lastname|upper|0|false|false:
Part 3 in User IDPadding|x
Part 4 in User IDIncrementalAlpha|false|true|true|X

Example 4

User ID without any session attribute values.

User ID composition: A prefix and a counter. The counter is stored in the attribute adminDescription at the object ou=consultants. The initial counter value is set to 80001 in this example.

Result: Consult_0080001, Consult_0080002 and so on.

Used settings:

ParameterValue
Part 1 in User IDString|Consult_
Part 2 in User IDCounter|ou=consultants,o=company,dc=local|adminDescription|7

Exclude Blacklisted Words

Configure the setting Textfile Containing Excluded User IDs with the name and path to the file for excluded user ID words.

ParameterValue
Textfile Containing Excluded User IDsc:\blacklists\excludelist.txt

Example of file content. The words in the text file should be separated by carriage return (line feed).

adrian
pete
evil
satan

Character Replacement

Before a user ID is returned, illegal characters are replaced. The characters and it’s substitutes are found in the setting Character Substitution.

The character to be replaced is delimited with a pipe from the substitute character: [char to be replaced]|[char substitute]. Comma (,) is used as delimiter before the character pair.

Example: ‘günäsk’ returns ‘gunask’


DISCLAIMER
Information provided in this document is for your information only. PhenixID makes no explicit or implied claims to the validity of this information. Any trademarks referenced in this document are the property of their respective owners.

The origin of this information may be internal or external to PhenixID. PhenixID makes all reasonable efforts to verify this information.

PhenixID - support.phenixid.se