This content has been marked as final. Show 2 replies
I assume that here you are talking about AD TRUSTED RECONCILIATION and you don't have any other TRUSTED Reconciliation and this is the only way to bring users into OIM, then you can create a role and attach a membership rule say "Organization doesn't contain ZZZZ". It will satisfy all the users
CONS: Here you won't be able to distinguish between users which are creating through Admin Console or from AD Trusted or from some other Trusted Recon.
Now if you want only those users who are coming from AD then Add a task on Reconciliation Insert/Update Received and add user into Role using APIs.
thanks for helping
The first solution, to create a rule and adding to a role membership works. But if you said, i cannot distinguish if the user come from AD Trusted recon or from Admin console.
I prefer the second solution. What do you mean with API? Eventhandler?