How to remove values in eTADSPayload (Extended Attributes)

Document ID : KB000015835
Last Modified Date : 14/02/2018
Show Technical Document Details
Introduction:

In a termination/offboarding use case, Active Directory accounts must be closed off but not deleted for future rehire. One of the actions in the process is to remove values of the extended attributes in payload.

An existing AD account contains those above values:

pic1.PNG

 

The eTADSPayload would look like this in Provisioning Directory:

msExchPoliciesExcluded:01:0038={26491CFC-9E50-4857-861B-0CB8DF22B5D7};msExchRemoteRecipientType:01:0001=1;msExchUsageLocation:01:0002=AU;

Question:

How to remove those values?

Environment:
IM R12.6 SPx.Information in this techdoc is tested on R12.6 SP2.
Answer:

Those attributes cannot be removed but can be reset to a blank value using Policy Xpress (PX). Here is the story:

1. Create a PX that is triggered in a certain condition. In this techdoc, disabling a corporate user will fire the PX to re-set their account's payload

Select an appropriate event to trigger the PX, for example:

pic2.PNG

 

Create relevant data elements to use in Action Rules, for example:

pic3.PNG

Set appropriate conditions to invoke action rules, for example, userID contains "test" string and has disable status (=1).

 

pic6.PNG

 

Add an Action Rule to reset the payload with blank values:

msExchPoliciesExcluded:01:0000=;msExchRemoteRecipientType:01:0000=;msExchUsageLocation:01:0000=; 

Put the above data in the Value field of the payload:

 

pic5.PNG

Save the PX.

2. Run a task to trigger the condition for the PX to fire. Verify that the attributes msExchPoliciesExcluded, msExchRemoteRecipientType, and msExchUsageLocation are set to <not set> in AD.