Is there a way to retrieve a user's DN without needing the Administrator role?

I have an AW 23.4 environment. I have a Lifecycle that has a Human Activity that is assigned to an "Individual" using a property that stores the user's DN value. This value is retrieved by a BPM that runs before the human task; in the BPM there is an AW LDAP web service endpoint that is called, and the BPM works IF the user has the "Administrator" role assigned. I confirmed with OpenText engineering that the "GetAuthenticatedUsers" web service call requires the Administrator role to execute. This is a problem because these users will not have the Administrator role set. Is there another AW web service that can be called to get the user's DN by providing the user's username value from the "ReadIdentity" or their First Name and Last Name, without having to have the Administrator role to execute the web service?

This is the format that the Human Activity in the lifecycle is expecting:

cn=SVC_AppWorksTest@domain.com,cn=organizational users,o=AccountsPayable,cn=cordys,cn=defaultInst,o=domain.com

Answers

  • Shanti Vardhan
    edited December 10 #2

    Hi minman0615,

    If you have a username and if you want to get a DN from this, you do not need any services.

    The following message map solves the purpose

    concat("cn=",bpm:Message/bpm:Element/text(), substring(instance:instanceProperties/instance:startedBy/text(),pos(instance:instanceProperties/instance:startedBy/text(), ',')))

    Explanation

    1. instance:instanceProperties/instance:startedBy/text() contains the user DN with which BPM is executed. The value will be like this 'cn=sysadmin,cn=organizational users,o=system,cn=cordys,cn=defaultInst,o=opentext.net'.
    2. Here, if we are able to replace cn=system with cn=desiredusername, I believe it addresses your requirement.
    3. So, first we find the position of ',' (that is after user name) :
      Expression: pos(instance:instanceProperties/instance:startedBy/text(), ',')
      result: '12' (the index of comma)
    4. Next we get the substring after ',' including ',' using
      Expression: substring(instance:instanceProperties/instance:startedBy/text(),pos(instance:instanceProperties/instance:startedBy/text(), ','))
      result: ',cn=organizational users,o=system,cn=cordys,cn=defaultInst,o=opentext.net'
    5. Now we prefix "cn=" and dynamicUserName using
      Expression: concat("cn=",bpm:Message/bpm:Element/text(), substring(instance:instanceProperties/instance:startedBy/text(),pos(instance:instanceProperties/instance:startedBy/text(), ',')))
    6. So this will be evaluated as concat("cn=","DesiredUserName",substring("cn=sysadmin,cn=organizational users,o=system,cn=cordys,cn=defaultInst,o=opentext.net",12)) resulting in
      "cn=DesiredUserName,cn=organizational users,o=system,cn=cordys,cn=defaultInst,o=opentext.net"
    7. Where bpm:Message/bpm:Element/text() in this example contains the username. This expression can be replaced with the desired expression from Identity or any other web service where the user name will be present.

    Let us know if you could achieve this.
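
The derivation in the answer above, as an added Python example (not part of the original post and not OpenText code; the function names are hypothetical). It goes beyond the thread's case in two ways: the username is escaped per RFC 4514 so a value containing `,` or `+` cannot change the structure of the resulting DN, and the split skips escaped commas inside the first RDN of the `startedBy` value.

```python
# Added example: hypothetical names; sample DNs taken from the thread.
_ALWAYS_ESCAPE = set('"+,;<>\\')  # RFC 4514 special characters


def escape_rdn_value(value: str) -> str:
    """Escape a string for use as an RDN attribute value (RFC 4514)."""
    if not value:
        raise ValueError("empty username")
    out = []
    last = len(value) - 1
    for i, ch in enumerate(value):
        if ch == "\x00":
            out.append("\\00")
        elif ch in _ALWAYS_ESCAPE:
            out.append("\\" + ch)
        elif (i == 0 and ch in " #") or (i == last and ch == " "):
            out.append("\\" + ch)
        else:
            out.append(ch)
    return "".join(out)


def parent_of(dn: str) -> str:
    """Return the part of a DN after its first unescaped comma."""
    i = 0
    while i < len(dn):
        if dn[i] == "\\":
            i += 2  # skip the backslash and the character it escapes
        elif dn[i] == ",":
            return dn[i + 1:]
        else:
            i += 1
    raise ValueError("DN has no parent container: %r" % dn)


# Assumes, as the answer does, that the target user lives in the same
# organization as the user who started the BPM.
def sibling_user_dn(started_by_dn: str, username: str) -> str:
    """Build cn=<username> in the same container as started_by_dn."""
    return "cn=" + escape_rdn_value(username) + "," + parent_of(started_by_dn)


if __name__ == "__main__":
    starter = ("cn=sysadmin,cn=organizational users,o=system,"
               "cn=cordys,cn=defaultInst,o=opentext.net")
    print(sibling_user_dn(starter, "DesiredUserName"))
    print(sibling_user_dn(starter, "x,o=other"))  # comma stays in the cn value
```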

  • You can call the "GetUserDetails" LDAP service; when you remove the DN input element you get the current user details including the DN for the current user.

    Read this post at "AppWorks Tips" where I use "FindUserByName" to conquer a similar struggle in a BPM.

    //Antal