Microsoft Identity Integration Server 2003 Developer Reference

Example: Resolving Join Conflicts

One common conflict in joining attributes from different management agents into one metaverse object is that occasionally the attribute on which they are joined is incorrect. This results in the connector space object being joined to the wrong metaverse object. This section describes a technique to detect such a conflict and correct an incorrect join based on incorrect attributes.

For example, suppose the user accounts in Active Directory have an employeeID attribute set. Accounts are joined using the employeeID attribute. Sometimes a mistake is made and the account has an incorrect employeeID, which results in it being joined with the wrong metaverse object. The following example illustrates how to solve this problem.

The following example shows how to use a management agent rules extension to determine whether the employeeID attribute differs between the connector space object and the metaverse object. If they differ, an incorrect join might have happened. You can correct an incorrect join by disconnecting the connector space object, therefore making it available again for joining the next time the management agent runs.

[Visual Basic .NET]
Public Sub MapAttributesForImport( _
		ByVal FlowRuleName As String, _
		ByVal csentry As CSEntry, _
		ByVal mventry As MVEntry) _
		Implements IMASynchronization.MapAttributesForImport

		Select Case FlowRuleName
			Case "cd.user:employeeID->mv.person:comment"
				If mventry("employeeID").IsPresent Then
					If Not csentry("employeeID").Value.Equals(mventry("employeeID").Value) Then
						Utils.TransactionProperties.Add("ma-employeeID-changed", _
						csentry.MA.Name)
					End If
				End If

			Case Else
				Throw New EntryPointNotImplementedException
		End Select
	End Sub
[C#]
void IMASynchronization.MapAttributesForImport( 
	string FlowRuleName, CSEntry csentry, MVEntry mventry)
{
	switch(FlowRuleName)
	{
		case "cd.person:employeeID->mv.person:employeeID":
		{
			if(mventry["employeeID"].IsPresent)
			{
				if(!csentry["employeeID"].Value.Equals(mventry["employeeID"].Value))
				{
					Utils.TransactionProperties.Add("ma-employeeID-changed",
					csentry.MA.Name);
			}
		}
			break;
	}

		default:
		{
			throw new EntryPointNotImplementedException();
	}
}
}

The following example shows how to use a metaverse rules extension to deprovision any metaverse object with an incorrect join:

[Visual Basic .NET]
Public Sub Provision(ByVal mventry As MVEntry) Implements IMVSynchronization.Provision
		Dim changedMA As String
		changedMA = Utils.TransactionProperties("ma-employeeID-changed")

		If Not changedMA Is Nothing Then
			mventry.ConnectedMAs(changedMA).Connectors.DeprovisionAll()
		End If
	End Sub
[C#]
void IMVSynchronization.Provision(MVEntry mventry)
{
	string changedMA = (string)Utils.TransactionProperties["ma-employeeID-changed"];

	if(null != changedMA)
	{
		mventry.ConnectedMAs[changedMA].Connectors.DeprovisionAll();
}

}