Documentum user creation using Active Directory

2.7k views Asked by At

Is there any way that we can programatically create a Documentum user by using Active Directory information? (I have very little knowledge on ADT and know that it stores user info thats all.)

3

There are 3 answers

15
Max On BEST ANSWER

In Documentum Administrator you can sync the ActiveDirectory Users by running the Job dm_LDAPSynchronization. This should do.

Hope this helps, Max


edit: You can also create a User using DFC-Methods:

IDfUser newUser = (IDfUser) session.newObject("dm_user");

newUser.setUserName("New User");
newUser.setUserLoginName("newuser");

newUser.setString("user_source","inline password");
newUser.setString("user_password","new_password");

newUser.setDefaultFolder("/newuser",true);

newUser.save();

Instead of putting inline_password as the user_source, you probably can choose LDAP and remove the user_password. This most probably needs more information, but I don't have the DFC Documentation with me at the moment. I could look it up in the evening, but for now this should give you a good point to start.

You could also make a Server Method out of it and assign it to a custom Job.

BUT: I don't think that you can CREATE new LDAP-Users from Documentum...they need to be present in the ActiveDirectory when you import them into Documentum!

Cheers, Max

0
Siavash Renani On

The LDAP synchronization is quite limited and shortsighted. You can concatenate two LDAP attributes for a user like this : ${sn}_${givenname}@company.com. You can also substring, starting from left to a given number. Thats it. No more. I wonder why they bothered.

A proper solution would have been standarsing on a expression language - all from XQuery to RegEx. There are lots to choose from.

0
Kulveer Singh On

You can configure LDAP through DA and set all the connection info, user id password and than configure the ldapsync job to do this ,whenever a new user is added into ldap,it will be imported into documentum by that job and deactivated if user is removed from ldap.

Thats the best way to avoid any programming .