AnsweredAssumed Answered

Delete AD Group Form

Question asked by Andrea Saldamarco on May 10, 2016
Latest reply on May 17, 2016 by Boris Lekumovich

Hi,

I want to delete a group on AD server. The AD connector capability “Delete Group on AD server” is enabled and it has only “GroupName” input parameter, as follow:

"GroupName" parameter must contain a DN of interested group. I mapped the groupDN within “External ID” attribute, in Active Directory Account Collector, as follow:

To remove an AD group I created a form, setting with the following fields:

  • GroupPicker control type named "adgroupname" and setted on "Name" value

  • ProvisioningCommand control type, setted to “Active Directory” Business Source and “Delete a Group on AD Server” capability command. I mapped the only one capability parameter GroupName (above mentioned) with group-name, in particular ${avform.adgroupname}

When I launch the debug form to delete a group test (i.e. TESTGROUP), I select the group within the GroupPicker filed. After I have only the CN (CN=TESTGROUP) within provisioningCommand parameter.

This behavior is not correct, because to delete an AD group I must collect whole the DN (CN=TESTGROUP,OU=xxx,DC=COMPANY,DC=LOCAL).

In my configuration, DN is contained within “External ID” attribute and if possible, I don’t want remap it in other attribute.

 

How I can map the “External ID” attribute into the provisioningCommand parameter (i.e. ${xxx.ExternalID})?

 

Thanks in advance

Andrea Saldamarco

Outcomes