Jorge's Quest For Knowledge!

All You Need To Know About Identity And Security On-Premises And In The Cloud. It's Just Like An Addiction, The More You Have, The More You Want To Have!

(2011-01-22) Checking Uniqueness Of An Attribute In FIM 2010 During The EDIT process

Posted by Jorge on 2011-01-22


In this post I explained how to check for uniqueness of an attributevalue that was entered manually in the RCDC during the CREATE process. At that point in time it only worked for the CREATE process and it did not work in the EDIT process. Starting with some FIM build number it also started working for the EDIT process. A colleague (kudos!) of mine needed this, tried it and it surprisingly worked! For my own fun I tested this with FIM build 4.0.3561.2. So I know for sure it works in that build and later, but probably also a few builds earlier.

For the CREATE process the XPATH Validation filter (/Person[AccountName=’%VALUE%’]) looks like:

(when using NOTEPAD)

image

(when using XML NOTEPAD)

image

Although when using the same XPATH validation filter, it might appear to work correctly, except for one scenario. Let’s analyse this.

When creating a new object, that object of course does not exist yet and with that XPATH validation filter you are querying the DB for all PERSON objects that have the value you entered for, in this case, the AccountName attribute. Because the object does not yet exist, it is not important to take the non-existent object into account.

However, using the same XPATH validation filter in the EDIT process would work rather against you then help you. This is why. When editing an existing object and with that XPATH validation filter you querying the DB for all PERSON objects (including the object you are editing at the moment!) that have the value already specified for, in this case, the AccountName attribute. You would not be able to edit the existing object anymore because it would keep telling you another object exists with the same value for the same attribute. Because the object being editted does already exist, it is important to take the object into account.

For the EDIT process the XPATH Validation filter (/Person[(AccountName=’%VALUE%’) and not(ObjectID=’%ObjectID%’)]) should look like:

(when using NOTEPAD)

image

(when using XML NOTEPAD)

image

So, with this XPATH validation filter in the EDIT process you are querying the DB for all PERSON objects, excluding the object you are editing at the moment, that have the value you entered or was already specified for, in this case, the AccountName attribute.

Using this XPATH validation filter in the CREATED process would also work.

Cheers,
Jorge
———————————————————————————————
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always evaluate/test yourself before using/implementing this!
* DISCLAIMER:
https://jorgequestforknowledge.wordpress.com/disclaimer/
———————————————————————————————
############### Jorge’s Quest For Knowledge #############
#########
http://JorgeQuestForKnowledge.wordpress.com/ ########
———————————————————————————————

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: