Grouper Users - Open Discussion List

[Jeffrey Williams <>]

I'll take a stab with:

${group.eValue("mail", false).replace(":","-")}

I do something similar in our Google Groups connector in dev, so that it'll replace our @uncg.edu's with @uncg.net's

-Jeff

On Thu, Jun 7, 2018 at 1:42 PM, Coleman, Erik C <> wrote:

I am progressing with PSPNG running pretty smoothly now, so I’m moving on to prettying up the data, but encountered another snag… we are pushing most groups to a single flat OU, using the ${group.name} the group as the CN (i.e., “stem1:mygroup”). And by default, if you don’t specify samAccountName in groupCreationLDIFTemplate, that ends up getting assigned a random value by AD, which is rather ugly and unusable in some interfaces.

 

I’d like to set the samAccountName to something equally unique, but of course I cannot use “:” colon characters in AD group names so ${group.name} fails. Setting samAccountName to ${group.extension} is potentially not unique if I have two groups with the same extension (i.e., “stem1:mygroup” and “stem2:mygroup”). 

 

So is there some clever JEXL trick that I can do to replace “:” with a hyphen “-“ in the ${group.name}?  Or can I do something like “${group.parentStem}-${group.extension}”?  Does anyone have some LDIF templates they’d be willing to share? It is so hard to test JEXL!

 

Thanks!

 

-Erik

 

 

--

Erik Coleman <>

Identity and Acccess Management

Technology Services

University of Illinois at Urbana-Champaign

 

 

--

Jeffrey Williams, Identity Management Specialist
Identity Architecture, ITS
University of North Carolina at Greensboro
256-TECH (256-8324)