Passing Account Attributes
Immediately before each ADS account is created, the command line interface will load the optional file %PSHOME%\bin\ADSExitUsrPreAdd.txt. Each line in the file is inspected and anything that has the form %LDAP_attribute_name% is replaced with the actual attribute value of that attribute. (Where LDAP_attribute_name is the LDAP name of the attribute on the new ADS account object.)
For example, the ADS connector is creating an ADS account with the givenName of YourName and ADSExitUsrPreAdd.txt contains the line:
test.bat “%givenName%.txt”
The command line interface replaces this line with the following and then invokes the batch file:
test.bat “YourName.txt”
Test.bat must not expect user input from the Provisioning Manager since it is running as part of the C++ Connector Server. Test.bat should be placed in the %PSHOME%\bin directory.
Similar to the processing of ADSExitUsrPreAdd.txt, the optional file %PSHOME%\bin\ADSExitUsrPostAdd.txt is processed immediately after an ADS account is created.
If a multi-valued attribute is specified by %LDAP_attribute_name%, the attribute values are appended together with a semicolon (;) as a delimiter between each value. If the actual data contains semicolons (;), the command line interface cannot distinguish between the data and the delimiter.
The command line interface does not support the following:
Note: The command line interface uses the Windows API CreateProcess on each line in the text file.
Copyright © 2013 CA.
All rights reserved.
|
|