This post has been republished via RSS; it originally appeared at: Core Infrastructure and Security Blog articles.
First published on MSDN on Sep 02, 2016In a previous post “ Basic Projection into the Metaverse ” we discussed how to enable and configure basic Projection into the Metaverse.
This post will focus on 2 types of Rules Extensions to be used for Projecting objects in the Metaverse.
Keep in mind that the MVObjectType must be defined with a value that matches the name of an Object Type in the Metaverse and remember “CASE” matters. If you would like to verify what objects are defined in the Metaverse and the spelling an case, navigate to your Synchronization Service and check the Metaverse Designer
Now lets look at the extensions that can be used to determine if an object should be projected.
Standard Projection Rules Extension:
This type of Projection rules is usually focused on 1 single MA and a single object type, with other MA's and Object Types using a different extension to determine if an object is to be projected or the MA uses the basic declared projection set on the MA.
So lets look at what some code might look like to be used for this type of extension.
[csharp]
bool IMASynchronization.ShouldProjectToMV(CSEntry csentry, out string MVObjectType)
{
MVObjectType = "foreignSecurityPrincipal";
bool ShouldProject = false;
if (csentry["whatever"].StringValue.Length >= 30)
{
ShouldProject = true;
}
return ShouldProject;
}
[/csharp]
Now lets take a look at what more a more complex extension might look like, I made the the Projection for ADMA1 and ADMA2 a basic “ShouldProject = true” and for the 3rd MA “ADMA3” I added the more advanced logic which in this example is still not that advanced but should be able to give you an idea of how to build the code. Remember all path's must return a value of either “true” or “false”. In this example I show how to use a switch statement for the MA that is running as well as the object type that is being processed. what the below code is doing during a sync is it looks to see which MA is running by looking at the MA.Name in the switch statement and when a particular MA is running for example the Fabrikam SPMA which is defined for the variable of “ADMA3” and matches the case statement, the next switch statement is hit where it determines what the object type that is being synced is and if the object type matches that case than the code for that case is processed.
Advanced Projection Rules Extension:
Used to determine if an object should be projected from a single or multiple MA’s but for a single MVObject Type and using the same code.
Perhaps you have multiple Management Agents that have specific criteria to when an object should be projected as well as multiple object types to be projected and all Management Agents need to point to the same .DLL.
[csharp]
bool IMASynchronization.ShouldProjectToMV(CSEntry csentry, out string MVObjectType)
{
string fsp = "foreignSecurityPrincipal";
const string FSP = "foreignSecurityPrincipal";
const string ADMA1 = "Contoso ADMA";
const string ADMA2 = "Fabrikam ADMA";
const string ADMA3 = "Fabrikam SPMA";
bool ShouldProject = false;
MVObjectType = null;
switch (csentry.MA.Name)
{
case ADMA1:
{
MVObjectType = "person";
ShouldProject = true;
}
break;
case ADMA2:
{
MVObjectType = "group";
ShouldProject = true;
}
break;
case ADMA3:
switch (csentry.ObjectType)
{
case FSP:
{
MVObjectType = fsp;
if (csentry["cn"].StringValue.Length >= 30)
{
ShouldProject = true;
}
}
break;
default: throw new EntryPointNotImplementedException();
}
break;
}
return ShouldProject;
}
[/csharp]
Questions? Comments? Love FIM so much you can’t even stand it?
>WE WANT TO HEAR FROM YOU<