Provisioning in MV Extension

Uplift provides support for declarative Rule based provisioning. Provisioning is described in the App.config file with helper functions implemented in the metaverse extension.

MV Extension Code

The ProvisionEngine class is instantiated much like the RuleEngine class.


ProvisionEngine prov = new ProvisionEngine(typeof(CommonFunctions), typeof(MVFunctions));

public void Provision(MVEntry mventry)
        prov.Provision(mventry, true);
    catch (Exception e)
        LogWriter.writeEntry("FIM", "Provision Error", "MVExtension", LogType.Error,
            "Error: {1}\r\nTrace: {2}", e.Message, e.InnerException == null ? e.StackTrace : e.InnerException.StackTrace);

public void Terminate()

Provision Config

The heart of declarative provisioning is the App.config file.

  • <Provision>: All provisioning configuration goes under the Provision element. The provision element contains one <ma> element per FIM MA, and each ma element can have multiple <rule> elements.
  • <ma name="maName">: The ma element takes a name attribute which must match the name of the MA being provisioned.
  • <rule>: The rule element uses attributes to establish basic control conditions, and the content is one RuleEngine flow per line to establish initial attribute flow or DN rename.
    • name: The name attribute gives a user friendly name to reference the rule in error messages
    • condition: The condition attribute evaluates a RuleEngine condition to true or false to decide whether to further process the current rule
    • exchange: The exchange attribute (true|false) indicates whether to provision to AD using the ExchangeUtils CreateMailbox methods.
    • connector: The connector attribute specifies how many connectors in the MA the rule will apply for. You can use a numerical value such as 0, or a relative value, such as >1.
    • mvObjectType: The name of the metaverse object type to handle
    • csObjectType: The name of the cs object type to create


  <ma name="Active Directory">
    <rule name="New User" condition="And(effectiveDate &lt;= Now(), Not(IsNullOrEmpty(mail)))" 
          exchange="true" connector="0" mvObjectType="user" csObjectType="user">
      // homeMDB
      "CN=Mailbox Database,CN=First Storage Group,CN=InformationStore,CN=FIM2010,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=FIM Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=fabrikam,DC=com"->HomeMDB
    <rule name="maintain DN for location and displayName" connector="1" mvObjectType="user" csObjectType="user">
    <rule name="Too Many Connectors" connector=">1" mvObjectType="user" csObjectType="user">
      UnexpectedDataException("{0}, {1} has too Many Connectors ", displayName, employeeID)
    <rule name="Portal Group" connector="0" mvObjectType="group" csObjectType="group">
      "CN=" + displayName + ",OU=Groups,OU=NetCast,DC=fabrikam,DC=com"->dn
      GetGroupType(scope, type)->groupType

Copyright © SoftwareIDM