Hello!
I need to make outbound sync rule for users.
I have HR system with all employee data and Microsoft AD.
Main rures are:
1. If employeeStatus in MV=0 this is normal, not blocked account.
2. If employeeStatus in MV=1,2,3 this is locked account.
This can be done with flow like this:
Source Tab
Function
Function name
IIF
condition:Boolean
customExpression
Eq(employeeStatus,”0”)
ValueTrue:Object
customExpression
BitAnd(-3,userAccountControl)
valueFalse:Object
CustomExpression
BitOr(2,userAccountControl)
Destination Tab
userAccountControl
But, what will happens with system accounts (they are defined in AD, but not defined in HR system).
They will be locked?
I'm a little bit confused with statuses 1,2,3. Maybe it would be better to make a rule extension to handle this case?
Thanks!
1