Chat now with support
Chat mit Support

Power365 Current - Power365 Directory Sync Advanced Mappings Guide

GetDN

These functions are used to gather or set values based on settings within the selected template and the Stage Data step of a workflow. Some functions will simply return a value and others will return a computed value based on which setting was selected. For example, Profile.TargetDomain returns a computed value which is a domain in the format of redfishhotels.com where getdn(CN) returns a complete value adding the source CN to the Target OU within the Stage Data setting. These functions all begin with uppercase letters to differentiate them from other functions.

Profile.TargetDomain

  • Purpose: This profile setting will return the domain selected in the UI below during the configuration of the Stage Data step in a workflow. It will apply to the mapping template selected within the Stage Data Step.

  • Syntax:  Profile.TargetDomain or P.TargetDomain

  • Location: The Stage Data Step of a workflow for Local and Cloud Environments

  • Based on the above the use of Profile.TargetDomain or P.TargetDomain will result in a value of "TwoFishHotels.com"

Profile.DefaultPassword

  • Purpose: This profile setting refers to the Default password set in the template used within a Stage Data step of a workflow and is used to encode a password so that it can be applied to newly created objects in AD

  • Syntax:  Profile.DefaultPassword or P.DefaultPassword

  • Location: The Template Settings for Local and Cloud environments

  • Based on the above the use of Profile.DefaultPassword or P.DefaultPassword would return the value entered and masked by the *’s.  It will not be encoded, but rather be in plain text.

AllowTargetAddress

  • Purpose: This function works like a profile setting where it returns the behavior defined within the template. Further details of this function can be found in the function section of this document.

  • Syntax: AllowTargetAddress()

  • Location: This profile setting refers to the setting selected by the user for targetAddress within the template.

  • The allow target address function is used as a condition and should ONLY be used on the targetAddress attribute.  The product will determine the correct course of action based on the selection in the settings.  This setting can be ignored if you remove AllowTargetAddress() from the condition on the default mapping of the targetAddress.

GetGroupType

  • Purpose: Calculate target group type based on profile settings and the source or target object's group type

  • Syntax:  GetGroupType()

  • Location: In the template under Objects – Groups.  The possible setting values vary based on the target environment type.

  • GetGroupType() will look at the setting to determine what group type to create in the target. If the target environment is a local Active Directory, it will determine if it should convert the group to another type, skip it, or create it as-is. If the target environment is Azure AD, it will look at the options allowed to determine how you would like the group created.

GetDN

  • Purpose: Calculate the target DN value using the given cn value and the value of the target DN

  • Syntax:  GetDN(cn)

  • Location:  The default domain

  • Based on the above selection and a user with the source CN of john.smith, the DN of the user would be calculated as CN=john.smith,OU=CW-Test,DC=redfishhotels,DC=com

GetUserAccountControl

  • Purpose: Calculates UserAccountControl value based on profile settings. Applies to Local AD target only.  If the source is a Cloud object, it will read the AccountDisabled Flag and set the object in AD to match the value.

  • Syntax: GetUserAccountControl()

  • Location:  This setting can be in the template under Objects-Users

  • When using this function only 3 settings from about apply.  Enabled, Disabled, and As-Is. The value of UserAccountControl will be set to 512, or 514 based on the values for enabled/disabled, or as it is existing in the source.

GetUserAccountControl

These functions are used to gather or set values based on settings within the selected template and the Stage Data step of a workflow. Some functions will simply return a value and others will return a computed value based on which setting was selected. For example, Profile.TargetDomain returns a computed value which is a domain in the format of redfishhotels.com where getdn(CN) returns a complete value adding the source CN to the Target OU within the Stage Data setting. These functions all begin with uppercase letters to differentiate them from other functions.

Profile.TargetDomain

  • Purpose: This profile setting will return the domain selected in the UI below during the configuration of the Stage Data step in a workflow. It will apply to the mapping template selected within the Stage Data Step.

  • Syntax:  Profile.TargetDomain or P.TargetDomain

  • Location: The Stage Data Step of a workflow for Local and Cloud Environments

  • Based on the above the use of Profile.TargetDomain or P.TargetDomain will result in a value of "TwoFishHotels.com"

Profile.DefaultPassword

  • Purpose: This profile setting refers to the Default password set in the template used within a Stage Data step of a workflow and is used to encode a password so that it can be applied to newly created objects in AD

  • Syntax:  Profile.DefaultPassword or P.DefaultPassword

  • Location: The Template Settings for Local and Cloud environments

  • Based on the above the use of Profile.DefaultPassword or P.DefaultPassword would return the value entered and masked by the *’s.  It will not be encoded, but rather be in plain text.

AllowTargetAddress

  • Purpose: This function works like a profile setting where it returns the behavior defined within the template. Further details of this function can be found in the function section of this document.

  • Syntax: AllowTargetAddress()

  • Location: This profile setting refers to the setting selected by the user for targetAddress within the template.

  • The allow target address function is used as a condition and should ONLY be used on the targetAddress attribute.  The product will determine the correct course of action based on the selection in the settings.  This setting can be ignored if you remove AllowTargetAddress() from the condition on the default mapping of the targetAddress.

GetGroupType

  • Purpose: Calculate target group type based on profile settings and the source or target object's group type

  • Syntax:  GetGroupType()

  • Location: In the template under Objects – Groups.  The possible setting values vary based on the target environment type.

  • GetGroupType() will look at the setting to determine what group type to create in the target. If the target environment is a local Active Directory, it will determine if it should convert the group to another type, skip it, or create it as-is. If the target environment is Azure AD, it will look at the options allowed to determine how you would like the group created.

GetDN

  • Purpose: Calculate the target DN value using the given cn value and the value of the target DN

  • Syntax:  GetDN(cn)

  • Location:  The default domain

  • Based on the above selection and a user with the source CN of john.smith, the DN of the user would be calculated as CN=john.smith,OU=CW-Test,DC=redfishhotels,DC=com

GetUserAccountControl

  • Purpose: Calculates UserAccountControl value based on profile settings. Applies to Local AD target only.  If the source is a Cloud object, it will read the AccountDisabled Flag and set the object in AD to match the value.

  • Syntax: GetUserAccountControl()

  • Location:  This setting can be in the template under Objects-Users

  • When using this function only 3 settings from about apply.  Enabled, Disabled, and As-Is. The value of UserAccountControl will be set to 512, or 514 based on the values for enabled/disabled, or as it is existing in the source.

General Functions

These functions are used to gather or set values based on other attributes. Some functions will simply return a value and others will return a computed value based on data found within the parameters or complex attribute data.

Lookupvalue

  • Purpose:  Allow you to lookup a value and replace value with returned value leveraging Data Sets

  • Example:

  • lookupvalue("TFH-OUS",S.Department,getdn(cn))

encodePWD

  • Purpose: Used to encode a string password so that it can be applied to newly created objects in Local AD.  This method should not be used to set the password on a cloud object.

  • Syntax:  EncodePwd(password)

  • Example:

    Target Attribute    : unicodePwd

    Value        : EncodePwd(Profile.DefaultPassword)

    Condition    : Action = "create"

GetAccountDisabled

  • Purpose: Calculates whether to create a target cloud object as enabled or disabled. This does not apply to local AD environments. If the source is a local AD object, the function will read the UserAccountControl and determine if the object should be enabled or disabled.

  • Syntax: GetAccountDisabled()

  • Example:  This example is also a default mapping for cloud environments. It will set the account as enabled or disabled if we create the object, or update an object that was created by Power365 Directory Sync. The limit of only updating objects created by Power365 Directory Sync can be removed by removing everything in the condition field.

    Target Attribute    : AccountDisabled

    Value        : GetAccountDisabled()

    Condition    : Action = "create" or (Action = "update" and Target.HasCreateStamp)    

ReplaceDomain

  • Purpose: Replaces the domain part of the given attribute with the value specified.

  • Syntax: ReplaceDomain(attribute, value)

  • Attribute can be any attribute that contains an @domain…. Value

  • Value specified can be text or anything that represents a domain name.

  • Example 1:

    This example replaces the Domain value of the source userPrincipalName with the domain value selected in the Stage Data step of a workflow

    Target Attribute    : userPrincipalName

    Value        : ReplaceDomain(S.userPrincipalName, Profile.TargetDomain)

    Condition    : Null    

  • Example 2:

    This example replaces the Domain value of the source Target address with the domain value selected in the Stage Data step of a workflow

    Target Attribute    : TargetAddress

    Value        : ReplaceDomain(S.TargetAddress, Profile.TargetDomain)

    Condition    : AllowTargetAddress()

GetProxyAddresses

  • Purpose: Create list of Proxy addresses removing any duplicates that are found.

  • Syntax: GetProxyAddresses(SourceProxyAddresses,TargetProxyaddresses, address1,Address2,address3)

  • Example:   Local to Local environment merge Source and Target Proxyaddresses in Target Object

    Target Attribute    : Proxyaddresses

    Value        :  GetProxyAddresses(S.proxyAddresses, T.proxyAddresses, prefix(Result("mail"), "SMTP:"), prefix(legacyExchangeDN, "x500:"), prefix(Result("legacyExchangeDN"), "x500:"))

    Condition    :

  • Example:   Cloud to Cloud environment.  SourceProxyAddresses is set to Null by default to avoid errors adding domains which are not accepted by Office 365.

    Target Attribute    : Proxyaddresses

    Value        :  GetProxyAddresses(null, T.EmailAddresses, prefix(Result("WindowsEmailAddress"), "SMTP:"), prefix(LegacyExchangeDN, "x500:"))

    Condition    :

GetLegacyExchangeDN

  • Purpose: Generate a legacyExchangeDN value using the given exchange org and cn.

  • Syntax: GetLegacyExchangeDN(exchangeOrg, cn)

  • Example: Set the legacy exchange DN for a user in the target

    Target Attribute    : legacyExchangeDN

    Value        : GetLegacyExchangeDN(Target.ExchangeOrg, ObjectId)

    Condition    : Null

GetObjectClass

  • Purpose: Calculates the objectClass from profile settings and the source or target object's class

  • Syntax: GetObjectClass()

  • Example:  Add (contact) to the end of DisplayName if the target object is a contact, if not a contact set same as the source.

    Target Attribute    : DisplayName

    Value        : if(GetObjectClass()="contact", S.DisplayName+" (Contact)", S.DisplayName)

    Condition    :

GetTargetAddress

  • Purpose: Calculates targetAddress, by using source primary SMTP, mail, or userPrincipalName

  • Syntax: GetTargetAddress()

  • Example:  Set the target address for a user with the following attributes

  • UPN Mail attribute first.m.last@domain.com

  • Primary SMTP address first.last@domain.com

  • UPN first.last@domain.com

    Target Attribute    : targetAddress

    Value        : GetTargetAddress()

    Condition    :

        This will result in the value of SMTP being used.

GetRecipientTypeDetails

  • Purpose: Determines the correct value for RecipientTypeDetails or msExchRecipientTypeDetails

  • Syntax: GetRecipientTypeDetails()

Action

  • Purpose: Action - returns action currently to be taken for this object ("create", "update", or "delete")

  • Syntax: Action = "create"

  • Example: Although action could be used within other functions such as case or if, its typical use will be for a condition. In this case we will set the UPN only on create

    Target Attribute    : userPrincipalName

    Value        : userPrincipalName

    Condition    : action = "Create"

result

  • Purpose: Returns the calculated mapped value of the given attributeName (must be a string)

  • Syntax: result("attributeName")

  • Example: Result is used to gather the value of a mapping which contains a function. This example gathers the results of what the function of the "mail" attribute will be the default value/function for the mail attribute is if(GetObjectClass()="group", ReplaceDomain(WindowsEmailAddress, Profile.TargetDomain), WindowsEmailAddress). The alternative for using result("mail") would be to use the entire function which is present in the mail attribute mapping. The result command allows you to link more complex functions.

    Target Attribute    : proxyAddresses

    Value        :
    GetProxyAddresses(result("mail"), LegacyExchangeDN, result("legacyExchangeDN"))

    Condition    : Null

Target.HasCreateStamp

  • Purpose    : This value is an internal value which determines if Power365 Directory Sync created the object being synchronized. This value verifies the "created by Dirsync" text is present on the correct attribute for the target object type.  

  • Syntax    :  Target.HasCreateStamp

  • Example: You want to set the UserAccountControl value for only objects created by Power365 Directory Sync.

    Target Attribute    : userAccountControl

    Value        : GetUserAccountControl()

    Condition    : Action = "create" or (Action = "update" and Target.HasCreateStamp)

ConvertValue("base64STR", objectGUID)

  • Purpose: This was introduced as part of Power365 DS B2B user capability.  You can now take the GUID of a local objects and set it as a ImmutableID on a cloud object

  • Syntax: ConvertValue("stringtype",objectGUID)

  • The only string type currently available is base64STR

  • Example: ConvertValue("base64STR", objectGUID)

Lookupvalue

These functions are used to gather or set values based on other attributes. Some functions will simply return a value and others will return a computed value based on data found within the parameters or complex attribute data.

Lookupvalue

  • Purpose:  Allow you to lookup a value and replace value with returned value leveraging Data Sets

  • Example:

  • lookupvalue("TFH-OUS",S.Department,getdn(cn))

encodePWD

  • Purpose: Used to encode a string password so that it can be applied to newly created objects in Local AD.  This method should not be used to set the password on a cloud object.

  • Syntax:  EncodePwd(password)

  • Example:

    Target Attribute    : unicodePwd

    Value        : EncodePwd(Profile.DefaultPassword)

    Condition    : Action = "create"

GetAccountDisabled

  • Purpose: Calculates whether to create a target cloud object as enabled or disabled. This does not apply to local AD environments. If the source is a local AD object, the function will read the UserAccountControl and determine if the object should be enabled or disabled.

  • Syntax: GetAccountDisabled()

  • Example:  This example is also a default mapping for cloud environments. It will set the account as enabled or disabled if we create the object, or update an object that was created by Power365 Directory Sync. The limit of only updating objects created by Power365 Directory Sync can be removed by removing everything in the condition field.

    Target Attribute    : AccountDisabled

    Value        : GetAccountDisabled()

    Condition    : Action = "create" or (Action = "update" and Target.HasCreateStamp)    

ReplaceDomain

  • Purpose: Replaces the domain part of the given attribute with the value specified.

  • Syntax: ReplaceDomain(attribute, value)

  • Attribute can be any attribute that contains an @domain…. Value

  • Value specified can be text or anything that represents a domain name.

  • Example 1:

    This example replaces the Domain value of the source userPrincipalName with the domain value selected in the Stage Data step of a workflow

    Target Attribute    : userPrincipalName

    Value        : ReplaceDomain(S.userPrincipalName, Profile.TargetDomain)

    Condition    : Null    

  • Example 2:

    This example replaces the Domain value of the source Target address with the domain value selected in the Stage Data step of a workflow

    Target Attribute    : TargetAddress

    Value        : ReplaceDomain(S.TargetAddress, Profile.TargetDomain)

    Condition    : AllowTargetAddress()

GetProxyAddresses

  • Purpose: Create list of Proxy addresses removing any duplicates that are found.

  • Syntax: GetProxyAddresses(SourceProxyAddresses,TargetProxyaddresses, address1,Address2,address3)

  • Example:   Local to Local environment merge Source and Target Proxyaddresses in Target Object

    Target Attribute    : Proxyaddresses

    Value        :  GetProxyAddresses(S.proxyAddresses, T.proxyAddresses, prefix(Result("mail"), "SMTP:"), prefix(legacyExchangeDN, "x500:"), prefix(Result("legacyExchangeDN"), "x500:"))

    Condition    :

  • Example:   Cloud to Cloud environment.  SourceProxyAddresses is set to Null by default to avoid errors adding domains which are not accepted by Office 365.

    Target Attribute    : Proxyaddresses

    Value        :  GetProxyAddresses(null, T.EmailAddresses, prefix(Result("WindowsEmailAddress"), "SMTP:"), prefix(LegacyExchangeDN, "x500:"))

    Condition    :

GetLegacyExchangeDN

  • Purpose: Generate a legacyExchangeDN value using the given exchange org and cn.

  • Syntax: GetLegacyExchangeDN(exchangeOrg, cn)

  • Example: Set the legacy exchange DN for a user in the target

    Target Attribute    : legacyExchangeDN

    Value        : GetLegacyExchangeDN(Target.ExchangeOrg, ObjectId)

    Condition    : Null

GetObjectClass

  • Purpose: Calculates the objectClass from profile settings and the source or target object's class

  • Syntax: GetObjectClass()

  • Example:  Add (contact) to the end of DisplayName if the target object is a contact, if not a contact set same as the source.

    Target Attribute    : DisplayName

    Value        : if(GetObjectClass()="contact", S.DisplayName+" (Contact)", S.DisplayName)

    Condition    :

GetTargetAddress

  • Purpose: Calculates targetAddress, by using source primary SMTP, mail, or userPrincipalName

  • Syntax: GetTargetAddress()

  • Example:  Set the target address for a user with the following attributes

  • UPN Mail attribute first.m.last@domain.com

  • Primary SMTP address first.last@domain.com

  • UPN first.last@domain.com

    Target Attribute    : targetAddress

    Value        : GetTargetAddress()

    Condition    :

        This will result in the value of SMTP being used.

GetRecipientTypeDetails

  • Purpose: Determines the correct value for RecipientTypeDetails or msExchRecipientTypeDetails

  • Syntax: GetRecipientTypeDetails()

Action

  • Purpose: Action - returns action currently to be taken for this object ("create", "update", or "delete")

  • Syntax: Action = "create"

  • Example: Although action could be used within other functions such as case or if, its typical use will be for a condition. In this case we will set the UPN only on create

    Target Attribute    : userPrincipalName

    Value        : userPrincipalName

    Condition    : action = "Create"

result

  • Purpose: Returns the calculated mapped value of the given attributeName (must be a string)

  • Syntax: result("attributeName")

  • Example: Result is used to gather the value of a mapping which contains a function. This example gathers the results of what the function of the "mail" attribute will be the default value/function for the mail attribute is if(GetObjectClass()="group", ReplaceDomain(WindowsEmailAddress, Profile.TargetDomain), WindowsEmailAddress). The alternative for using result("mail") would be to use the entire function which is present in the mail attribute mapping. The result command allows you to link more complex functions.

    Target Attribute    : proxyAddresses

    Value        :
    GetProxyAddresses(result("mail"), LegacyExchangeDN, result("legacyExchangeDN"))

    Condition    : Null

Target.HasCreateStamp

  • Purpose    : This value is an internal value which determines if Power365 Directory Sync created the object being synchronized. This value verifies the "created by Dirsync" text is present on the correct attribute for the target object type.  

  • Syntax    :  Target.HasCreateStamp

  • Example: You want to set the UserAccountControl value for only objects created by Power365 Directory Sync.

    Target Attribute    : userAccountControl

    Value        : GetUserAccountControl()

    Condition    : Action = "create" or (Action = "update" and Target.HasCreateStamp)

ConvertValue("base64STR", objectGUID)

  • Purpose: This was introduced as part of Power365 DS B2B user capability.  You can now take the GUID of a local objects and set it as a ImmutableID on a cloud object

  • Syntax: ConvertValue("stringtype",objectGUID)

  • The only string type currently available is base64STR

  • Example: ConvertValue("base64STR", objectGUID)

Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen