Setting group owner in FIM via Workflow

I just had to create a workflow to set the group owner in FIM and details were a little scarce on the Internet on how to do this.

I’m new to FIM, so this may not be the by-the-book approach (since I haven’t FOUND a book yet), but here’s what I did.

1. Started with the Ensynch sample project on Codeplex. (http://www.codeplex.com/ILM2WFActivity/Release/ProjectReleases.aspx?Rele…)
2. Read the PDF from the same site.
3. In addition to the currentRequestActivity, I added a codeActivity and followed that with an updateResourceActivity.
4. In the code view of the Activity designer page, I added a new function “setGroupOwner”. (See code at bottom of post. I’ve left a couple of commented out lines that were used before I had the ResourceId as a parameter in the UI.)
5. Back in the design view, on the codeActivity, set the “ExecuteCode” property to “setGroupOwner”.
6. On the updateResourceActivity, bind the ResourceId property to “TargetId” and bind the UpdateParameters field to “MyUpdateParameters”. (Thanks to the CShark post for this instruction. http://c–shark.blogspot.com/2009/02/generate-accountname-in-ilm-2-custo…) If you have trouble, check out this other post: http://c–shark.blogspot.com/2009/03/caution-binding-multi-valued-activi…
7. I created a parameter in the UI for the ResourceId by basically finding all instances of “txtActivityName” and “logActivityName” and using those as a template for a new one called “txtResourceId” and “logResourceId”.
8. Used the Ensynch PDF guide to follow the rest of the instructions on deploying the workflow. (Note: I got an access denied error when trying to create the Activity Information Configuration. Going to “Search Requests” showed me which MPR was blocking the request. On the Targeted Resourced of the MPR, you can browse and filter on Activity Information Configuration and see the attributes you might need to add.)
9. When it came time to create the workflow, I already had one that was calling an inbound sync rule for groups and I added the GroupOwnerActivity as another action on that existing workflow.

Short and quick post because I am in deadline crunch mode, but I hope it saves someone else some time and research. Would love to know if it helps you or if anyone sees any problems with this approach.

//SET GROUP OWNER
private void setGroupOwner(object sender, EventArgs e)
{
try
{
ReadOnlyCollection requestParameters = this.currentRequest.ParseParameters();
//— Tell the UpdateResourceActivity to update the Target object.
TargetId = currentRequest.Target.GetGuid();
//— Add the account name to the update parameters.
updateResourceActivity1.UpdateParameters = new UpdateRequestParameter[]
{
new UpdateRequestParameter(“Owner”, UpdateMode.Modify, new Guid(this.LogResourceId)),
//new UpdateRequestParameter(“Owner”, UpdateMode.Modify, new Guid(“fb89aefa-5ea1-47f1-8890-abe7797d6497”))

new UpdateRequestParameter(“DisplayedOwner”, UpdateMode.Modify, new Guid(this.LogResourceId))
//new UpdateRequestParameter(“DisplayedOwner”, UpdateMode.Modify, new Guid(“fb89aefa-5ea1-47f1-8890-abe7797d6497”))
};

}
catch (Exception ex)
{
this.SimpleLogFunction(ex.ToString(), “”, EventLogEntryType.Information, 10002, 100);
}
}
public Guid TargetId;
public UpdateRequestParameter[] MyUpdateParameters;

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s