Transform Map script to insert new user to proper Group

Scott B1
Kilo Contributor

We have AD/SSO user provisioning enabled in our system and want to auto-assign users to groups based on their Department.  This is to set enrollment rules for password reset.

I have this functioning in a business rule if the user is created manually or imported.  But, when user is created via SSO, the business rule does not run and no group assignment record is added.

Where within the transformation map should script be invoked (main script, at a field map, or in a Before/After transform script), and should the function be contained within the transformation or should it call a script-include?

Here's my functioning Business Rule:

BUSINESS RULE to add users to Groups AFTER checking value
Name:	Add ISD Group - New Users
Table:	sys_user
When to run:	After insert
Script:
(function executeRule(current, previous /*null when async*/) {

	// Add your code here
	var gr = new GlideRecord('sys_user_grmember');
	gr.initiate();
	gr.user = current.sys_id;
	//  gr.group = 'sys_id of the group you want to add the user to';
	
	if (current.department == "28ad60ecdbd96700f4563892399619ad") {  
                // Use the following Group sys_id values...
		// Information Services Department == '37468e1edb52e7c0f4563892399619da'
		//               Non ISD Personnel == '6ee6c29edb52e7c0f456389239961990'
		gr.group = '37468e1edb52e7c0f4563892399619da';
		gr.insert();
	}
	else	{
		gr.group = '6ee6c29edb52e7c0f456389239961990';
		gr.insert();
	
	}
	
})(current, previous);
1 REPLY 1

Tony Chatfield1
Kilo Patron

Hi, I use an after transform script to update roles for my users and think this is appropriate place to carry out such actions as you would want you user record to exist before you tried to map them to any groups - just like the BR.
If you converted the body of your BR to a script include, you could utilize the same function\code via the BR and transform script.