Thanks you for answer, I solved my issue to create AD group
Now I want to delete a group on AD server. The AD connector capability “Delete Group on AD server” is enabled and it has only “GroupName” input parameter, as follow:
"GroupName" parameter must contain a DN of interested group. I mapped the groupDN within “External ID” attribute, in Active Directory Account Collector, as follow:
To remove an AD group I created a form, setting with the following fields:
1. GroupPicker control type named "adgroupname" and setted on "Name" value
2. ProvisioningCommand control type, setted to “Active Directory” Business Source and “Delete a Group on AD Server” capability command. I mapped the only one capability parameter GroupName (above mentioned) with group-name, in particular ${avform.adgroupname}
When I launch the debug form to delete a group test (i.e. TESTGROUP), I select the group within the GroupPicker filed. After I have only the CN (CN=TESTGROUP) within provisioningCommand parameter. This behavior is not correct, because to delete an AD group I must collect whole the DN (CN=TESTGROUP,OU=xxx,DC=COMPANY,DC=LOCAL).
In my configuration, DN is contained within “External ID” attribute and if possible, I don’t want remap it in other attribute.
How I can map the “External ID” attribute into the provisioningCommand parameter?
Thanks in advance
Are you collecting the DN name of the group?
Normally you should during your collection process, collect the group DN and store it in an atribute. Then use that attribute when you need to delete it.