Blog Post

Core Infrastructure and Security Blog
3 MIN READ

(WAL) - Workflow Example - Generate Unique Value

AMARSIGLIA's avatar
AMARSIGLIA
Icon for Microsoft rankMicrosoft
Nov 01, 2019

First published on MSDN on Feb 19, 2016
Using the latest WAL (Workflow Activity Library) which can be located from a link on the following Blog Post - The MIMWAL (Custom Workflow Activity Library)
Generate Unique Value: This workflow can be used to create is used to create a Unique Value to be set for almost any attribute within the FIM Portal (FIMService Database) that you wish to be unique to the environment, additionally it is possible to add LDAP Queries perform a look up against an LDAP Directory such as Active Directory and verify that the value being generated is also unique to that source as well. I would recommend using this activity to generate attributes such as:

    • Account Name

 

    • Mail Nickname

 

    • Mail

 

    • CN



Technically you would not need to create a workflow for each of the above attributes and in a lot of scenarios 1 of the attribute values would be used for the others as well.
In this example we will use this activity to generate an Account Name for a new user that is created, this type of activity is recommended not only to verify Uniqueness but to verify a specific standard is met as well. For example the company policy may state that the account name is to be generated using the following format.
Option 1

    • Lower Case

 

    • First 2 letters of First Name

 

    • Followed by a “.”

 

    • Last Name



Option 2 If not Unique and if Middle Name Exist

    • Lower Case

 

    • First 2 letters of First Name

 

    • Followed By a “.”

 

    • First Initial of Middle Name

 

    • Followed by a “.”

 

    • Last Name



Option 3 If Not Unique and If No Middle Name Exist

    • Lower Case

 

    • First 2 letters of First Name

 

    • Followed by a “.”

 

    • Last Name

 

    • Next sequential seed Number



Option 4 If Not Unique and Middle Name Exist

    • Lower Case

 

    • First 2 letters of First Name

 

    • Followed By a “.”

 

    • First Initial of Middle Name

 

    • Followed by a “.”

 

    • Last Name

 

    • Next sequential seed Number



In the FIM / MIM Portal navigate to the Workflow page

 

 


Click on New

 

 


For Workflow Name type in something that reflects the purpose of the overall workflow that you are creating and keep in mind that some workflows that you build will require multiple activities so the name of the Workflow should represent the workflow as a whole.
I generally Start the name of all my workflows with an underscore so it looks like “_WorkflowNameExample” This pushes all my custom workflows to the top of the list of all my workflows and separates my custom workflows from my default workflows and provides a level of understanding for the next person who has to take over your awesome environment that you are building
For Description it may be helpful to type in a detail of what the Workflow is for, this may help prevent others from creating duplicate workflows.
For Workflow Type select Action for additional information about the other Workflow Actions check out the following Blog Post Understanding Workflows

For Run on Policy Update, well leave this unchecked



Click on Next
You are now presented with a list of activities to choose from, to generate a Unique Value

 

 


Click on WAL: Generate Unique Value

 

 


Click on Select
You are now presented with the Generate Unique Value Activity Template

 

 



    • Activity Display Name Type something that represents the purpose of this activity. In this Example I used Generate Unique Account Name. Notice I did not add an Underscore or other characters because the name of the workflow already uses that to identify as custom.



Note: The Following Statements are Case Sensitive

    • Activity Execution Condition – For this example we will leave this blank

 

    • Target for Generated Value – [//Target/AccountName]

 

    • /Person[AccountName'[//Value]']

 

    • Conflict Filter - /Person[AccountName = '[//Value]']

 

    • Query LDAP for Conflicts – Checked

 

    • LDAP Queries

        • Directory Entry Path – LDAP://DC=Contoso,DC=com

        • LDAP Filter - (&(Objectclass=user)(ObjectCategory=Person)(sAMAccountName=[//Value]))






    • Uniqueness Key Seed – Enter a number I usually start with 2

 

    • Value Expressions –

        • LowerCase(Left([//Target/FirstName],2)+"."+[//Target/LastName])

        • LowerCase(Left([//Target/FirstName],2) + "." + IIF(IsPresent([//Target/MiddleName]), Left([//Target/MiddleName],1), "") + IIF(IsPresent([//Target/MiddleName]), ".", "") + [//Target/LastName])

        • LowerCase(Left([//Target/FirstName],2) + "." + IIF(IsPresent([//Target/MiddleName]), Left([//Target/MiddleName],1), "")+ IIF(IsPresent([//Target/MiddleName]), ".", "") + [//Target/LastName])+[//UniquenessKey]




 


Click on Save


Click on Finish

 

 


Now create the MPR that will trigger this workflow when a new user is created.

Updated Feb 20, 2020
Version 3.0
No CommentsBe the first to comment