LDAPUtils setManager

Giri6
Tera Expert

I am trying to understand the setManager method of the LDAPUtils class. It is using the GlideLDAPUserUpdate class. Is there any documentation on it? I tried to search in Studio in all scopes.

What does getManagerValue() do here? Is it receiving the canonical form of the manager and returning a reference to the corresponding manager in the sys_user table?

I would also like to know what processManagers() is doing here. I think this needs to be called in "onComplete". Is there any reason?

Is there any way to test this functionality on a PDI, either using any test LDAP server in LDAP or simulating using data?

I also find that onBefore has the following code. What is it doing?

var ctrl = parseInt(source.u_useraccountcontrol, 10);
ctrl = ctrl.toString(16);

//The relevant digit is the final one
//A final hex digit value of '2' in 'ctrl' means disabled
if (ctrl.substr(-1) == "2") {
   target.active = false;
   target.locked_out = true;
   if (action == 'insert')
      ignore = true;
} else {
   //Optional: Reactivate and unlock the user account
   target.active = true;
   target.locked_out = ctrl.substr(-2, 1) == "1";
}

...................................

Appreciate it. Here is the code I am referring to

-----------

setManager: function(source, target) {
       var ge = source.getElement(this.manager);
       if (!ge || ge.isNil())
          return;

       this._getLdapUserUpdate();
       var ldap = new GlideLDAPUserUpdate();
       var mid =  this.ldapUserUpdate.getManagerValue(target, ge.toString());
       if (mid == null)
          return;

       target.manager = mid;
    },

    processManagers: function() {
       if (this.ldapUserUpdate == null)
          return;
       
       this.ldapUserUpdate.processManagers();
    },


    _getLdapUserUpdate : function() {
       if (this.ldapUserUpdate != null)
          return;

       this.ldapUserUpdate = new GlideLDAPUserUpdate();
    },

1 ACCEPTED SOLUTION

Anusha Reddy1
Giga Expert

LDAPUserUpdate is a Java class that is being accessed by JavaScript. It has the utilities necessary to map the manager based on the LDAP source's manager entry. It's mapping the DN of the manager to an actual user on the ServiceNow user table. There is not much documentation on it.

getManagerValue():

This code takes the value from the manager attribute (DN) for a user and queries for the manager user record by matching the DN to the source field on sys_user. I would start by looking at the existing users to make sure the source field values are correct, then checking the import table to make sure the DN and manager DN values are correct.

 var mid =  this.ldapUserUpdate.getManagerValue(target, ge.toString());  -- This line returns the sys_id of the manager by passing the DN in ge.toString() from the sys_user record.

example DN value: "CN=Cook\, Dave..." 

 

SetManager - Locates the manager that matches the DN value and sets it into the target record (sys_user table Manager value). This runs while transform starts.

Process managers - There might be some scenarios where the manager for a user doesn't exist in the user table (when the getManagerValue code tries to locate it with the manager DN value). The processManagers call will find all those records for which a manager could not be found and attempt to locate the manager again. This happens at the end of the import (so it is onComplete) and therefore all users should have been created and should be able to locate the manager at this point.

onBefore transform script:

userAccountControl - is one of the attributes that comes from LDAP, which specifies a value that determines if the user account is active/deactivated etc.

The code first converts the userAccountControl value to a hexadecimal value and if that value is "2" the user account will be made inactive and locked out. If the same user is made active after some time period, the same script runs the else part and makes it active.
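
The same decision made with bit masks, as an added example that is not part of the original answer or of ServiceNow's code: plain JavaScript for Node.js rather than a transform script, using flag values from Microsoft's userAccountControl documentation and constructed sample inputs. It includes inputs where the last-hex-digit test and the bit test disagree, and a missing attribute; `decodeUac`, `lastHexDigitSaysDisabled` and `compare` are hypothetical names.

```javascript
// Flag values from Microsoft's userAccountControl documentation.
var UAC = {
  SCRIPT: 0x0001,
  ACCOUNTDISABLE: 0x0002,
  LOCKOUT: 0x0010,
  NORMAL_ACCOUNT: 0x0200,
  DONT_EXPIRE_PASSWORD: 0x10000
};

// The test as written in the onBefore script quoted in the question.
function lastHexDigitSaysDisabled(raw) {
  var ctrl = parseInt(raw, 10).toString(16);
  return ctrl.substr(-1) == "2";
}

// Hypothetical helper: decode by bit mask.
// Returns null when the attribute is empty or not a number.
function decodeUac(raw) {
  var n = parseInt(raw, 10);
  if (isNaN(n)) return null;
  return {
    disabled: (n & UAC.ACCOUNTDISABLE) !== 0,
    lockedOut: (n & UAC.LOCKOUT) !== 0,
    flags: Object.keys(UAC).filter(function (k) { return (n & UAC[k]) !== 0; })
  };
}

// Run both tests side by side over a list of raw attribute values.
function compare(samples) {
  return samples.map(function (raw) {
    var d = decodeUac(raw);
    return {
      raw: raw,
      hexCheck: lastHexDigitSaysDisabled(raw),
      bitCheck: d ? d.disabled : null,
      lockedOut: d ? d.lockedOut : null
    };
  });
}

// Constructed sample values: 512 = 0x200, 514 = 0x202, 66050 = 0x10202,
// 528 = 0x210, 515 = 0x203 (ACCOUNTDISABLE plus SCRIPT), "" = attribute missing.
var SAMPLES = ["512", "514", "66050", "528", "515", ""];
console.table(compare(SAMPLES));
```

An empty or non-numeric `u_useraccountcontrol` sends the quoted script into its `else` branch, which sets `target.active = true`; a caller of `decodeUac` can treat `null` as "leave the record unchanged" instead.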

 


3 REPLIES 3


Been auditing active users w/ inactive managers. Was looking for an answer to why the inactive version of 2 users--one active and one inactive (like a user who left and was rehired, new AD object created, etc.)--and this was really helpful. Now I know I need to clear 'Source' when an LDAP user is deactivated to avoid these issues. 😄 Marked helpful!
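
A small model of the two-pass manager lookup described in the accepted answer, together with the stale 'Source' situation from the reply above. This is an added example, not ServiceNow's implementation of GlideLDAPUserUpdate and not code from any poster. It assumes `source` holds the bare DN, that a rehired manager is inserted as a new record, and that the first matching record wins; all names, DNs and sys_id values are constructed.

```javascript
// Model only: "source" holds the DN (simplified) and every sys_id is constructed.
function runImport(existingUsers, rows) {
  var users = existingUsers.slice();   // stand-in for sys_user
  var pending = [];                    // manager DNs that did not resolve in pass 1

  function resolve(dn) {
    var hit = users.filter(function (u) { return u.source === dn; })[0];
    return hit ? hit.sys_id : null;    // assumption: first matching record wins
  }

  // Pass 1: per-row transform, the point where setManager runs.
  rows.forEach(function (row, i) {
    var user = { sys_id: "new" + i, source: row.dn, active: true, manager: null };
    users.push(user);
    if (!row.manager) return;
    user.manager = resolve(row.manager);
    if (user.manager === null) pending.push({ user: user, dn: row.manager });
  });
  var deferred = pending.length;

  // Pass 2: end of import (onComplete), the point where processManagers runs.
  pending.forEach(function (p) { p.user.manager = resolve(p.dn); });

  // Audit: active users whose resolved manager record is inactive.
  var inactiveManager = users.filter(function (u) {
    var m = users.filter(function (x) { return x.sys_id === u.manager; })[0];
    return u.active && m && !m.active;
  }).map(function (u) { return u.source; });

  return { users: users, deferred: deferred, inactiveManager: inactiveManager };
}

function managerOf(result, dn) {
  var u = result.users.filter(function (x) { return x.source === dn; })[0];
  return u ? u.manager : null;
}

// Constructed data: reports are listed before their managers, and an inactive
// record from an earlier import still carries the DN of "Boss Two".
var BOSS2 = "CN=Boss Two,DC=example,DC=test";
var ROWS = [
  { dn: "CN=Report One,DC=example,DC=test", manager: "CN=Boss One,DC=example,DC=test" },
  { dn: "CN=Boss One,DC=example,DC=test", manager: "" },
  { dn: "CN=Report Two,DC=example,DC=test", manager: BOSS2 },
  { dn: BOSS2, manager: "" }
];
var stale = runImport([{ sys_id: "old1", source: BOSS2, active: false, manager: null }], ROWS);
var cleared = runImport([{ sys_id: "old1", source: "", active: false, manager: null }], ROWS);
console.log(stale.inactiveManager, cleared.inactiveManager);
```

In the `stale` run, "Report Two" resolves in pass 1 to the inactive record and is never retried; in the `cleared` run the lookup is deferred and pass 2 finds the newly imported manager.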

Giri6
Tera Expert

Thanks Anusha for taking time to provide a detailed reply. Hope the ServiceNow team provides a better update for APIs they used.