- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎01-11-2017 12:40 AM
Can anyone from SNOW please confirm, that GlideLDAPGroups.setMembers() ignores the setting "Run business rules" of caller transformation map?
We import our SNOW users and groups from LDAP. For that purpose we employ out-of-the-box SNOW solution: stock onAfter transform script on group transformation, that contains the following code:
//
// After a group has been inserted the line of code below will get
// all the users that belong to the group according to LDAP and
// put the users into this group. This is done by getting
// the value from the u_members field from the source record.
// If you do not want to put the users in the group then you
// can comment out or remove the line below. If you are using
// something other than Active Directory and user membership is
// not indicated via the 'member' attribute then you can add the
// following line to indicate what field should be used. This
// line would be added before the the call to addMembers.
//
ldapUtils.setMemberField('u_roleoccupant');
//
ldapUtils.addMembers(source, target);
ldapUtils is initialized in onStart transform script with an instance of LDAPUtils. The latter is located among stock Script Includes, and contains this relevant code snippet:
addMembers : function(source, target) {
var ge = source.getElement(this.members);
var geString = null;
if (ge && !ge.isNil()) {
this._log(ge.toString());
geString = ge.toString();
}
var group = new GlideLDAPGroups(target, geString);
group.setMembers();
},
Now, GlideLDAPGroups.setMembers() inserts records in sys_user_grmember.
We have a business rule deployed on that table, which functions reliably on manual group membership manipulations in SNOW.
Despite flag "Run business rules" is set on our LDAP groups import transformation map, this business rule does not run when group membership records are created by this transformation map calling GlideLDAPGroups.setMembers()
I presume it's a "feature" of GlideLDAPGroups.setMembers()and I ask SNOW insiders for confirmation.
Thanks in advance.
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-24-2017 12:48 AM
Hi Oleksiy,
I got an answer in a related case with ServiceNow. Apparently GlideLDAPGroups.setMembers() is NOT triggering any BR on table Group Member [sys_user_grmember] if there are NO roles associated on the group in question. So it will work if memberships to groups with roles are added but not without.
Cheers, Johan
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-15-2020 06:58 PM
Incidentally, the sys_user_grmember business rules run as expected if associating users and groups in the UI. The role requirement only seems to affect background imports.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎08-28-2023 06:36 PM - edited ‎08-28-2023 06:37 PM
I want to have a probelm Do you know After a group has been inserted the line of code below will get
all the users that belong to the group according to LDAP and
put the users into this group. This is done by getting
the value from the u_members field from the source record. I want to ask the all the users that belong to the group
according to LDAP but the userID is differenced how to do work.
as pr.userID and pd.userId
pr.userId is belong to prGroup
pd.userId is belong to pdGroup
Now the script is pr.userId is belong to prGroup and pdGroup and it is wrong.
ldapUtils.addMembers(source, target);
