When configuring Provisioning for use by your new users you will want to ensure that they provide all the details that your directory requires for a valid user account. Here we'll detail a configuration and provide some tips for how you can set these options.
Each Primary Directory will have a preconfigured Department named Default, each department can be used to create a simple area for user creation, or a template of a user account that can be used as a guide. If you are likely to require different configurations for users then you can create these as multiple different departments. For example, if you using an Active Directory connector and wish to create users in different locations of the AD you can create a new department for each one and set the creation target to each of the locations. You can use the Create New Department option to create a department with the default settings, or you can select the Copy Department option to create a copy of a selected department.
Changing the default value of an attribute
When creating a new account with a default department the system will request a notification address (Email or Mobile based on the department configuration), the user's first and last names, their initials, and a password to assign. The first and last names will be used to create the username, to begin let's change how the username is constructed.
The Expression field here shows that the username is made by taking the values in the “givenName” and “sn” fields and adding a period between them. If we were to check these two attributes field we would find that by default these are filled from the details provided at user creation. In this case let's change the username to use the first letter from the user's firstname and then add the full surname. The expression required would be:
givenName.slice(0, 1) + sn
The .slice(0, 1) entry forces the attribute to only pull the first letter of the value is is accessing. You can use these digits to change the number and location of characters used, for example (0, 5) would use the first five characters.
Setting an Attribute Value with another Attributes
In some cases you may want the user account email address to be the same as the one used for the approval notifications.
This can be achieved by providing the attribute "notificationEmail" as the Expression value. The email address that the user enters will now be set as the user email as well.
There are a number of attributes that can be used to access the contact details provided and use them in other attributes, these are:
- notificationMedia: When you create or edit a department you can set how notifications are sent, either by Email or SMS. This attribute will pull the setting that is active for the selected department.
- notificationAddress: This attribute will pull whatever value is currently in the notification field.
- notificationEmail: This will only pull notification addresses that are email addresses.
- notificationMobile: This will only pull notification addresses that are phone numbers.
Setting values for Hidden Attributes
Some attributes may need to be set but use the same value for all users in the department, or directory, you can keep these hidden and instead provide the values directly through department.
For example if you set the address attributes these will mostly be the same for all users so you can set these to use the same values automatically.
Setting Optional Attributes
There are some occasions where you will simply want the users to add their details from an attribute manually.
Here the Job Title attribute will be provided empty; however as the Provision Visibility is set to Required the user MUST provide an entry during the approval creation.
