VMware Cloud Community
SeanKohler
Expert
Expert
‎12-27-2016 03:23 PM

VRA 7 - Finding Directory User via "custom" synced user attributes in VRO

Has anybody found a mechanism to find/filter by criteria on custom synced properties for Cafe Users? (or anything other than account name and given name for that matter)

See specifically getPrincipalsByPrincipalSearchCriteria(...).  It does not appear that the string criteria allows for search strings that provide attribute based look-ups. 

We can get user objects based off of account name or givenName, but the criteria object doesn't appear to be able to hold something along the lines of...

MyDirectorySyncedCustomAttribute == "FINDME"

Example...

var principalSearch = new vCACCAFEPrincipalSearchCriteria(tenantName);


principalSearch.setDomain(domain);


principalSearch.setLocalUsersOnly(false);


principalSearch.setCriteria(searchTerm);




var client = cafeHost.createAuthenticationClient();


var service = client.getAuthenticationPrincipalService();


var users = service.getPrincipalsByPrincipalSearchCriteria(principalSearch);

userlookup1.jpg

userlookup2.jpg

0 Kudos
1 Reply
SeanKohler
Expert
Expert
‎12-28-2016 03:15 PM

Went around the vIDM Directory via the AD plugin to do an LDAP search to get the filtered name list I wanted.  Then converted the name list to CafeUsers for addition into the Custom Groups.  Annoying... but workable.

client =[MyAdHost].getLdapClient();


users = client.search("DC=BINDDN,DC=com",LdapSearchScope.SUB,LdapDereferencePolicy.ALWAYS,1000,1000,


  "(&(someAttribute="+someAttributeFilter+")(samAccountName=B*)(userAccountControl=512))",null).getSearchEntries();

Note devs: If we have a directory that syncs our user objects into it... and those user objects maintain attributes... the vRO plugin API should have access to the attributes through a well defined public method.

0 Kudos