Jump to content

Option to allow Regex matching in Data Import Configuration for "Organization"

samwoo
 Share

Recommended Posts

samwoo Grand Master

samwoo

Posted
Posted

Hello,

The Data Import Configuration along with the later versions of the LDAP Import are amazing tools.

I would like to request a feature where we can specify whether or not there is going to be Regex Matching for the Organisations.

For example... in AD we have a structure similar to the following: 

OU = Directors
|
OU = Relationship Managers
|
OU = Specialists
    |
    |______ OU = HR
    |
    |______ OU = IT
    |
    |______ OU = Planning

 

I have a Data Import Configuration that will import the whole subtree of users under the Specialists OU. I then want to pull out the Sub OU's which will effectively match the Organization name in Hornbill.

The DSN would look something like: 

CN=First Name,OU=Housing,OU=Specialists,OU=<###>,OU=<####>,DC=<########>,DC=gov,DC=uk


The Regex would look like: 

CN=.*?,OU=(.*?)(?:,[A-Z]+=|$)

It would clearly pick up the text within the first OU and use this to populate the user against the matching Organization.
https://regex101.com/r/CfavcA/1

Can this be done?

Many thanks,

Samuel

 

 

Link to comment
Share on other sites
TrevorKillick Experienced

TrevorKillick

Posted
Posted

Hi @samwoo

Should be an easy enough addition, we already have something similar against the manager field,  might be a couple of weeks before I get some time to add this so feel free to bump the thread in 3 - 4 times if you do not hear anything. 

Kind Regards

Trevor Killick

Link to comment
Share on other sites
  • 2 weeks later...
TrevorKillick Experienced

TrevorKillick

Posted
Posted

@samwoo

Sorry about that, been a crazy few weeks here. Its still at the top of the list, in fact, another customer asked for something more generic which is likely to replace this.

What I am looking at providing is a list of custom fields that can either be from static data or LDAP Attributes which we can then run specific functions on for now it will be regex and they will be saved in a field available to be used in any of the configuration params, so where we currently have [ldapAttribute] we will have something like {customAttribute1}. 

We then might add additional functionality and processing to these custom fields. It's not to much more work and hopefully fits your use case as well as a few other customers and is not too complicated for everyone to get on with.

I will update you when I have some more movement on this, hopefully towards the end of this week.

Kind Regards

Trevor killick

Link to comment
Share on other sites
TrevorKillick Experienced

TrevorKillick

Posted
Posted

@samwoo

The functionality is in Version 3.1.0 of the LDAP User Import tool, but to configure the import with the Pre Import Actions a new build of the Admin tool needs to go out with some new UI. 

This should hopefully go out on Monday.

Kind Regards

Trevor Killick

Link to comment
Share on other sites
TrevorKillick Experienced

TrevorKillick

Posted
Posted
5 minutes ago, samwoo said:

thank @TrevorKillick - will you have the documentation handy by then or should it be relatively simple to pick up? (it sounds like it should be)

Hrmmm Yeah documentation... ill add the example I used for testing but its pretty noddy a new tab in the import configuration called Pre Import actions and you can create actions for replacing and regex matching. 

I will update the wiki page on Monday when the Admin Release goes out. 

  • Like 1
Link to comment
Share on other sites
samwoo Grand Master

samwoo

Posted
  • Author
Posted

Hi @TrevorKillick,. 

Using the pre-import actions, I am not having any luck extracting the first OU name from the DSN. The closest I got was by using positive lookaheads and lookbehinds... until I realised i was using PCRE Regex and not GoLang Regex... which doesn't support it. I've been racking my brains on this and cannot seem to get anywhere.

Could you offer any insight? Can replace commands from GoLang be used in the Regex field?

Here is a sample DSN i've been trying to test it with

CN=First Name,OU=Housing,OU=Specialists,OU=Group,OU=Parent,DC=company,DC=gov,DC=uk

All I want to do is extract the part that is bold and ignore everything else.

Thanks,

Samuel

Link to comment
Share on other sites
samwoo Grand Master

samwoo

Posted
  • Author
Posted

Hi @TrevorKillick,

Thanks i've been attempting to do that, but the Departments in Hornbill do not start with OU= and this is the bit i'm struggling with... I am trying to find a way to ignore the OU= in the string and return the rest of it.

 

Link to comment
Share on other sites
samwoo Grand Master

samwoo

Posted
  • Author
Posted

@TrevorKillick,

Thanks i'm attempting to work out this logic... as I forgot that I also need to remove the CN=Name as well lol.

It's great these can be chained together for sure!

Thanks,

Samuel

edit:

I think i might have got it

Link to comment
Share on other sites
samwoo Grand Master

samwoo

Posted
  • Author
Posted

I have gotten it to work with a single sub-OU... but i've discovered a sub-OU with another sub-OU within it so now causing problems for the users in that one. I was hoping it would be really simple to capture the string between the first

"OU=" and the first "comma" after it and ignore everything else :'(

 

 

Link to comment
Share on other sites
TrevorKillick Experienced

TrevorKillick

Posted
Posted

@samwoo

So when it does a regex match at the moment it returns the Last match which I think is wrong so I am going to change this to return the first match that has a value, which means you can use the regex
  

\bOU=(.*?),


Which will return OU=Housing, that can then have OU= and the last , replaced.

If this makes sense ill do a quick build now for you to test.

Kind Regards

Trevor Killick

 

 

Link to comment
Share on other sites
samwoo Grand Master

samwoo

Posted
  • Author
Posted
Just now, TrevorKillick said:

@samwoo

So when it does a regex match at the moment it returns the Last match which I think is wrong so I am going to change this to return the first match that has a value, which means you can use the regex
  


\bOU=(.*?),


Which will return OU=Housing, that can then have OU= and the last , replaced.

If this makes sense ill do a quick build now for you to test.

Kind Regards

Trevor Killick

 

 

If that can be done, that will be brilliant! Thanks @TrevorKillick

Link to comment
Share on other sites
samwoo Grand Master

samwoo

Posted
  • Author
Posted

What a start @TrevorKillick,

This is now working as I hoped! Thank you very much!

If anyone is interested, this is all I had to do in the end - thanks the the changes that Trevor made:
1338136503_2018-07-2715_03_05-Administration_WBCSpecialists.thumb.png.53c96b2c260f6ba90e0b3ad84b19e8fd.png

Thanks! :D

Link to comment
Share on other sites
samwoo Grand Master

samwoo

Posted
  • Author
Posted
2 minutes ago, TrevorKillick said:

@samwoo

Awesome, glad its all working as expected now.

Kind Regards 

Trevor Killick

Thanks @TrevorKillick.

I have one more question I think - where you have the Actions - No Action, Create & Update, Create Only, Update Only... if I was to set it to Create & Update for the roles, will it replace the Roles for the "Full Users" with what's defined in the list I specify? Or will it only add to what they already have if they dont have it already?

What I need is for there to be standard roles that new "Full" Hornbill users will get, but if they require any additional access we can do so manually in the Admin Tool, and the LDAP_Import won't affect their existing roles overnight.

Please advise

Thanks,

Samuel

Link to comment
Share on other sites
TrevorKillick Experienced

TrevorKillick

Posted
Posted

@samwoo

The Actions refer to if the account is being created or updated if Create Only is only applied to new users, Update only is applied to users that already exist, From what I remember Roles are not destructive, the only destructive import property we have is around organisation when you have only one assignment enabled then any other organisations of that type are removed. 

Kind Regards

Trevor Killick

Link to comment
Share on other sites
samwoo Grand Master

samwoo

Posted
  • Author
Posted
9 minutes ago, TrevorKillick said:

@samwoo

The Actions refer to if the account is being created or updated if Create Only is only applied to new users, Update only is applied to users that already exist, From what I remember Roles are not destructive, the only destructive import property we have is around organisation when you have only one assignment enabled then any other organisations of that type are removed. 

Kind Regards

Trevor Killick

As we want the information to be updated in Hornbill from AD for the "Full" users we really need the basic stuff to come over first and updated (if different) but the data already existing in Hornbill (roles and organisations) should forever remain untouched.

Thank you for clarifying that the Organisations  also won't be affected if i don't turn on Only One Group Assignment - this was going to be another question to raise as well.

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...