I'm trying to update affiliations when a person is added/removed from PersonInOrg. The update is working correctly using a process with an Insert event. However, the delete event does not work - I believe it is firing the delete event, but it seems to update affiliations using the data before the deletion occurs. So now I'm trying to use an OnDiscarded table script in the PersonInOrg table, but it doesn't seem to be working either. I'm wondering if the user info is already gone by the time the OnDiscarded script runs?
Below is the script I'm using. Any suggestions?
Dim affiliation As String = "" Dim scopedAffiliation As String = "" Dim f As ISqlFormatter = Session.SqlFormatter Dim eLDAPAccountEnt As IEntity
affiliation = VI_Build_Affiliations( $UID_Person$, "CCC_scopedAffiliation", "0") scopedAffiliation = VI_Build_Affiliations( $UID_Person$, "CCC_scopedAffiliation", "1") If Not String.IsNullOrEmpty($UID_Person$) Then Dim qPerson = Query.From ("LDAPAccount") _ .Where(f.AndRelation(f.UidComparison("UID_Person", $UID_Person$), _ "UID_TSBAccountDef In (SELECT UID_TSBAccountDef FROM LDAPAccount INNER JOIN TSBAccountDef ON LDAPAccount.UID_TSBAccountDef = TSBAccountDef.UID_TSBAccountDef WHERE TSBAccountDef.Ident_TSBAccountDef = N'Enterprise Directory Account')")) _ .Select ("UID_LDAPAccount", "CCC_affiliation", "CCC_scopedAffiliation") eLDAPAccountEnt = Session.Source.GetCollection(qPerson).FirstOrDefault If Not eLDAPAccountEnt Is Nothing Then If Not affiliation = eLDAPAccountEnt.GetValue("CCC_affiliation").String Then eLDAPAccountEnt.PutValue("CCC_affiliation", affiliation) If Not scopedAffiliation = eLDAPAccountEnt.GetValue("CCC_scopedAffiliation").String Then eLDAPAccountEnt.PutValue("CCC_scopedAffiliation", scopedAffiliation) eLDAPAccountEnt.Save(Session) End If End If
In reply to Markus Weiss-Ehlers:
In reply to ellen:
Please take a look at the following community thread.
The events that will be fired for M:N tables are Assigned and Removed.
As described here in the documentation https://support.oneidentity.com/technical-documents/identity-manager/8.0/configuration-guide#TOPIC-860836 the mentioned events will be fired.
If you cannot see the events in Object Browser, you do not have a process assigned listening to those events.
Thanks for the help Markus. I added a new 'Remove' event to the process but it isn't triggering on a deletion. It will trigger on Insert, and it was triggering on Delete, but nothing with Remove. Any idea what I could be doing wrong here? Here's a shot of the events, if that helps at all.