• No replies
9855 Posts

Pinned topic ITIM 4.5.1. Person creation and duplicate userid problem

‏2008-07-03T11:56:15Z |

We are using the Tivoli Identity Manager 4.5.1. running in WebSphere cluster in Linux.

The person creation operation has several attributes eg. Last, first and fullname, userid, phone and aliases. The userid is an optional parameter, which is generated automatically unless it has been given by the administrator. The userid parameter is defined as 'description' parameter in the LDAP.

The userid can be given by the administrator and then the Tivoli verifies the given userid. If it exists, then it is modified by adding an index value at the end of the given userid.

Eg. Admin creates person with userid 'tteste'. The userid 'tteste' exists, so Tivoli modifies the userid by changing it to 'tteste1'. I guess that most of the Tivoli implementations work like this.

Now, the problem is that in the above case all the accounts associated with the person creation get the new userid 'tteste1', but the person creation attributes get the old value 'tteste'. I would like to know, how Tivoli can be configurated to add this new uid value to the person attributes 'description' and 'aliases'?

I have tried to modify our identity policy javascript, which generates and validates the userid, by replacing the 'description' attribute with the new value.

function createIdentity()
var baseidentity = subject.getProperty("description");
// identity = verify and modify the uid, if neeeded
subject.setProperty("description", identity);

But this does not seem to work. According to the Tivoli documentation, subject.setProperty does not update the data repository.

I would be very happy, if someone could give me instructions how to implement above requirement to our Tivoli software?