(WAL) – Workflow Example – Create Admin Accounts

This post has been republished via RSS; it originally appeared at: Core Infrastructure and Security Blog articles.

First published on MSDN on Jan 25, 2016

The following Example is an illustration of how the Create Resource Workflow Activity could be used,

This workflow can be used to create an account based off of an existing account in the FIM / MIM Portal. In this workflow i create an account to be used as an Admin Account with all attributes equal to the "base account" except for the Display Name and the Account Name. For this workflow to work the way i want I have RCDC Controls that only allow Uses in the FIM / MIM Portal that are already listed as "Admins" to be to put in a request for someone to have an "admin account" once the portal request is approved a Boolean attribute is set as "true" and the following workflow is triggered which creates the "admin account for the general user.

  • Click on New

  • Enter the name for your Workflow (I start all my workflows with an "_" which makes it easy to identify all non custom workflows.

  • For Workflow Type Select

    • Action

  • For Run On Policy Update

    • (Leave unchecked)

  • Click on Next

  • For Add Activity Select

    • WAL: Create Resource

  • Click on Select

  • For Activity Display Name type something like "Create Admin Account" or what ever you wish to call this activity.

  • For Resource Type

    • Person

  • For Advanced Features

    • (Leave Unchecked)

  • For Attribute Population add the following

Value Expression Target
[//Target/DisplayName]+"_AD" DisplayName
[//Target/AccountName]+"_AD" AccountName
[//Target/FirstName] FirstName
[//Target/LastName] LastName

Of course the above 4 attributes are just a a display of the format and how to configure the workflow, im sure you would want more attributes set on your new accounts.

Leave a Reply

Your email address will not be published. Required fields are marked *


This site uses Akismet to reduce spam. Learn how your comment data is processed.