Question about AD provisioning and adding users to groups dynamically
581939Mar 23 2009 — edited Jul 14 2009Hey All,
So I"m finally getting the hang of OIM and I know there are 100 ways to do something but here is what I want to do, but not sure if it will work.
Basically, when a new user gets created in OIM from a trusted source reconciliation, I have auto group memberships rule, groups and access policies to auto add them to the AD User resource. Based on which organization the user is in, I have a prepopulate adapter to create them in a specific OU. ADCS create user work flow kicks off and all is good.
Here's an example:
Trusted Source > OIM > Auto Group membership > AD user Group > access policy > AD user.
I'm now taking this a step further and also adding the user to certain AD groups, depending on which OU they are placed in. Can I create another group, let's call it AD Sales User Group, create an access policy around this group and then prepopulate the group membership after a user is created automatically? So
SO:
Trusted Source > OIM > Auto Group membership (sales) > AD Sales User Group > access policy > AD Sales Resourcer > add membership to the form.
So I want the auto provision a user, as well as dump them into an AD Group.
Thanks, hope this made sense.
Tony