What is the best way to enable/disable user account in a target system?

This topic has 0 replies, 1 voice, and was last updated 6 years, 4 months ago by Anonymous.

  • Author
    Posts
  • #3088
     Anonymous
    Inactive

    Hi,

    What is the best way to enable/disable user account in a target system?
    I found the next way – I have created 2 roles like this one:

    {
      "_id": "AD_Account_Disabled",
      "assignments": 
      {
        "AD": 
        {
          "attributes": 
          [
            {
              "name": "__ENABLE__",
              "value": "false"
            } 
          ]
        }
      }
    }

    Second role has “value” : “true”.
    And I have written the next code in a mapping IDM –> AD in the sync.json:

                "assignmentsToMap" : [
                    "AD"
                ],
    

    Now if I will assign “AD_Account_Disabled” role and will unassign “AD_Account_Enabled” role at the same time an user account in AD will be disabled and vice versa.
    Maybe anyone have better idea?

    p.s. I have tried to modify value of the attribute __ENABLE__ inside “effectiveAssignments” tag inside a managed user object, but this doesn’t work (nothing was happened).

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.

©2021 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?