Rules Extensions – MapAttributesForJoin


Update 6/24/2016

There are times when setting up Join Rules up either on the MA

 

or by using Sync Rules

 

Are fine for basic Direct Join logic, like in the 2 examples above the Join Logic is set to look at the value for the samAccountName and match it to the value for accountName that is set for an object in the Metaverse.

The difficulty comes when trying to “massage the data” at the source before trying to join to an object in the metaverse.

by modifying the following section you can build a more advance Join Logic, the below code is referenced from the following post Rules Extension -MAExtension

 

void IMASynchronization.MapAttributesForJoin (string FlowRuleName, CSEntry csentry, ref ValueCollection values)
        {
            //
            // TODO: write join mapping code
            //
            throw new EntryPointNotImplementedException();
        }

 

If you would like to join objects from a Source Directory that has samAccountNames with the format that includes “SP_” added to the accountName from other directories.

in a Disaster Recovery Scenario where you have to rebuild the Metaverse and join objects back up.

the following piece of code would remove “SP_” from the samAccountName of the source object and than attempt to join to an object in the metaverse with the accountName that matches the sAMAccountName of the source object minus the “SP_”

Example A

void IMASynchronization.MapAttributesForJoin (string FlowRuleName, CSEntry csentry, ref ValueCollection values)
        {
            //
            // TODO: write join mapping code
            //
            values.Add(csentry[“samAccountName”].StringValue.Replace(“SP_”, “”));
            //throw new EntryPointNotImplementedException();
        }

 

The problem with the above code is, I left no room for addition Join logic. If I wanted to use the Same extension across several Management Agents each with their own unique Join Statement I would need to modify the code like the following example

Example B

void IMASynchronization.MapAttributesForJoin(string FlowRuleName, CSEntry csentry, ref ValueCollection values)

{

switch (FlowRuleName)

{

case “SPAccountName”:

values.Add(csentry[“samAccountName”].StringValue.Replace(“SP_”, “”));

break;

case “BuildAccountName”:

if (csentry[“accountName”].IsPresent)

{

values.Add(csentry[“accountName”].StringValue);

}

else if (csentry[“firstName”].IsPresent && csentry[“lastName”].IsPresent)

{

values.Add(csentry[“firstName”].StringValue + “.” + csentry[“lastName”].StringValue);

}

break;

}

}

Example A would require the MA Join Logic to be configured like

 

joinLogicEXA

Example B would use the FlowRuleName making it easier to manage

joinLogicEXB

 

Once the code has been compiled See Rules Extensions – Build and Compile

Right Click on the Management Agent that the extension is for and click on Properties

in this example we wrote an extension for Join Logic so we will click on Configure Join and Projection Rules

Select the object type you wish to configure the Join Rule for, in this example we chose group.

now Select New Join Rule,

In the Data Source attribute: section we selected sAMAccountName

for Mapping Type we selected Rules Extension

For Metaverse object type: select the object type that you wish to join to in the metaverse do not leave as ANY, unless that is what you really need.

and for Metaverse Object type: we selected accountName

 

Once you have that selected click on Add Condition, you may get the following message about joining non-indexed

Click on OK

Now in the next window you need to define context or function in which will be called in the rules extension that will perform the action you desire.

If you dont know what it is open up the extension again in Visual Studios

In this example we will use IMASynchronization.MapAttributesForJoin

Remove the value in the window

now add the function name in this example we will use “IMASynchronization.MapAttributesForJoin” it should look like the following

Click on OK

At this point if you click on OK you will probably receive the following message unless you have the rules extension selected under Configure Extensions

When you click on OK from this window you should be directed to the Configure Extensions Window

Click on Select next to the Rules Extension at the top

This will open up a window which will display all .dll files within the default extensions directory “C:\Program Files\Microsoft Forefront Identity Manager\2010\Synchronization Service\Extensions\*.dll”

Locate the Extension you just Compiled and select and highlight it, click on OK

It should now be listed in the Rules Extension Name section.

Click on OK to complete and save the configuration.

If there are multiple functions that are using rules extensions you need to add all the functions to a single .dll.

 ## Additional information on “IMASynchronization.MapAttributesForJoin Method”  can be located here

 

Comments (0)