0 votes

I'm customizing a New User Creation web form that exposes the samAccountName field (User Logon Name Pre-2000) which is auto-generated according to a user property pattern (%lastname:lower%%firstname:lower,1%) but remains uneditable.

In other words, what I'd like is for folks to know what the auto-generated username will be as they type out the First Name/Last Name field but not allow them to make changes to it.

Is this possible?

by (610 points)

1 Answer

0 votes
by (216k points)

Hello,

Doing what you exactly want is, unfortunately, impossible, but we suggest the following workaround: you may create a Business Rule that would write the samAccountName property of the newly created user to the Execution Log of the Create User operation. This Execution Log is displayed in the Web Interface when the Create User operation completes, so the user who creates a new user account will be able to see the samAccountName property in the log.

To do this:

  1. Create a new Business Rule.

  2. On the 2nd page of the Business Rule creation wizard, select User and After Creating a User.

  3. On the 3rd page of the wizard, add the Run a program or PowerShell script action and paste the following script:

     $accountMessage = "The logon name of this user account is "
     $accountMessage += $Context.GetModifiedPropertyValue("samAccountName")
     $Context.LogMessage("$accountMessage", "Information")
    
  4. Optionally, you may add the If the operation succeeds condition for the Business Rule. Without this condition, the log message will appear independently of whether the operation succeeds or fails (for reasons why the operation may fail, see below). To add such a condition:

    • Click Always in the set of actions and conditions of the Business Rule.
    • Choose the If operation <result> condition and select If the main operation succeeded.
    • Click OK.

  5. Save the Business Rule.

  6. Hide the User Logon Name field from the user creation form (see step 5 of the Customize Forms for User Creation and Editing Tutorial).

Note, however, that this workaround has a significant drawback. Not allowing users to edit the samAccountName property directly may result in the Create User operation to fail as 2 different users may have the same surname and first initial (that is, they will have the same logon name generated by the User Property Pattern). To workaround this issue, we also suggest you to use the script that automatically adds a digit to the username if it is not unique (see the Validate/Modify User Input Using a Script Tutorial, the actual script is in Example 2 of step 5).

0

Thank you for the detailed response!

We do in fact use a script that ensures the uniqueness of the username and if a duplicate is found then another username is auto-generated (using a script we obtained from you :)

I believe the solution you provided might work for us. Is there any way to display this message as HTML so it could be in bold, or larger font?

0

Is there any way to display this message as HTML so it could be in bold, or larger font?

No, unfortunately, this is impossible.

Related questions

0 votes
1 answer

Is it possible to script having users added (or removed) from a Security Group based on another AD Attribute? I have found ways to do this in Powershell (something like): ... just utilize the PS script and just run it through Adaxes on a timed fashion? Thanks!

asked Oct 7, 2014 by PunkinDonuts (360 points)
0 votes
0 answers

Here is an example: In Azure the manager shows populated: In Adaxes it shows a blank:

asked Dec 2, 2022 by adaxes_user2 (40 points)
0 votes
1 answer

I was just wondering what property the %username% alias is for and is there a list somewhere of the alias' included and what they are aliases to Thanks!

asked Apr 12, 2013 by bemho (520 points)
0 votes
1 answer

If we switch to SSL is the portal considered secure enough to be exposed to the internet on 443?

asked Jan 12, 2015 by auser42 (340 points)
0 votes
1 answer

Is it possible to create a business unit and have it auto populate with group owners in a specific OU. I've tried a few scripts to get propertie adm-managedbylist but none have worked so far.

asked 5 days ago by C27 (20 points)
3,548 questions
3,239 answers
8,232 comments
547,814 users