This article describes how to manage the option to add or remove a uniqueness check in the use cases Create user or Edit user in Smart ID Identity Manager, Users package. Read more here: Smart ID Workforce use cases
A script in Identity Manager Admin is used to manage the option. The unique identifier is by default the email address. Read more in the "Change the unique identifier" section below.
Read more about the use cases here: Users - Use cases for the operator and here Users - Use cases for the self-service user
See a list of all available options in the Smart ID use cases here: Users - Options
Step-by-step instruction for the administrator
Log in to Identity Manager Admin
- Log in to Identity Manager Admin as Administrator.
Manage the option to add a uniqueness check for "Create user"
This section shows how to enable the uniqueness check for the Create user use case. See the next section for the Edit user use case.
- In Identity Manager Admin, go to Home > Script.
- Select the script UsersScriptOptions.
In the section Uniqueness check in the script, go to the UsersCreateUserUniquenessCheck variable, see the example. By default it is set to true, that is, there is a uniqueness check done when you create a user.
- If you do not want to have a uniqueness check when you create a user, set UsersCreateUserUniquenessCheck to false.
- Click Save in the upper left corner to save the updated script (or exit without saving if there are no updates).
Manage the option to add a uniqueness check for "Edit user"
This section shows how to enable the uniqueness check for the Edit user use case. See the previous section for the Create user use case.
- In Identity Manager Admin, go to Home > Script.
- Select the script UsersScriptOptions.
In the section Uniqueness check in the script, go to the UsersEditUserUniquenessCheck variable, see the example. By default it is set to true, that is, there is a uniqueness check done when you edit a user.
- If you do not want to have a uniqueness check when you edit a user, set UsersEditUserUniquenessCheck to false.
- Click Save in the upper left corner to save the updated script (or exit without saving if there are no updates).
Change the unique identifier
You can change the unique identifier if you want to use something else than email.
To see the unique identifier:
- In Identity Manager Admin, go to Home > Process Import.
- Select the process Create user.
- Click the row Check uniqueness.
- Click Edit task on the Check uniqueness row (the pen to the right on the row).
- In the list of Parameters, you see the parameter name
UsersDp_Email and the value EQUALS:${UsersDp_Email} which means that the email is used for the uniqueness check.
The service task that controls this is called Process: Execute Search Task, read more about it here: Process - Standard service tasks in Identity Manager. Normally, the email is what you use for the uniqueness check. But if you, for example, use the Users add-on LDAP, see Create user add-on LDAP, to create users, the uniqueness check is done on a parameter called UsersAddonLDAPDp_ObjectGUID and the value is EQUALS:{UsersAddonLDAPDp_ObjectGUID}.
Technical details
Default value and outcome
| Value | Outcome |
|---|
| True (default) | - There will be a uniqueness check when creating or editing a user
- The unique identifier is email
- If the uniqueness check fails, information is shown that there is already a user with this email. Possibility is given to go back and change the email.
|
| False | There will not be a uniqueness check when creating or editing a user |
The manage options for Users script
Click
here to see the whole manage options script.
