Page Comparison

To create a Default Attribute Values policy

1. In the Navigation Sidebar of the EmpowerID Web interface, expand Admin, then Policies, and click Default Attribute Values.
2. On the Attribute Values management page, click the Add button.
   
   
   
   
3. In the Policy Details form that appears, type a name and display name for the policy in the Name and Display Name fields, respectively.

4. From the Person Attribute drop-down, select the attribute for the Person that you want to set using the policy.
   
   

   Note

   The values shown in this drop-down list include every type of attribute that could be associated with an EmpowerID Person, however, not all EmpowerID Person attributes correspond to attributes in Active Directory. Here is a list of the attributes and what attribute each corresponds to in Active Directory (if any): Section HTML Comment BusinessPhone (otherTelephone) (broken in AD) DateOfBirth <<    broken in EID, also SILLY (If we want it, we need a calendar control–can't convert date from character string) Email (mail)                            <<    broken in AD, also SILLY ExpectedHireDate    << broken in EID (If we want it, we need a calendar control–can't convert date from character string) Location (location)        << there is no location attribute in AD (but it says there is in the AttributeFlowRules) ManagerPersonID (manager)                 << BROKEN in EID Invalid column name 'ManagerPersonID'. Nationality    << BROKEN IN EID – should be NationalIdentificationNumber (there is no Nationality) OriginalHireDate      << broken in EID (If we want it, we need a calendar control–can't convert date from character string) ProfileURL       << broken in EID [Incorrect syntax near ')'.]  TerminationDate     << broken in EID (If we want it, we need a calendar control–can't convert date from character string) Timezone              << broken in EID there is no Timezone, only GlobalTimeZone, openxml_GlobalTimeZone, xml_TimeZone, etc. URLBusiness                                             << ??? URLOWA                                                   << ??? URLPersonal                                             << ??? UserName                                                 << broken in EID there is no UserName in the db for person. just USER and USER_NAME ValidFrom                                                  << broken in EID (If we want it, we need a calendar control–can't convert date from character string) ValidUntil (accountExpires)                       << broken in EID (If we want it, we need a calendar control–can't convert date from character string) Column AboutMe BirthName CarLicense (carlicense)  City (l) Company (company) Country (co) CustomAttribute1 through 9 CustomAttribute27 (thumbnailPhoto) Department (department) DepartmentNumber (departmentNumber) Description (description)  Division (division) EmailAlias (mailNickname) EmployeeID (employeeID) EmployeeIDOther EmployeeType (employeeType) ExtensionAttribute1 - 27 (extensionAttribute1-15 and 20) Fax (facsimileTelephoneNumber) FirstName (givenName) FriendlyName (displayName) Gender  GenerationalSuffix (generationQualifier) HomeTelephone (homePhone) IMAddress Column Initials (initials) LastName (sn) Login (samAccountName) MiddleName (middleName) MobilePhone (mobile) Notes (info)                                            Office (physicalDeliveryOfficeName) POBox Pager (pager) PersonalTitle (personalTitle) PhotoURL PositionCode PostalCode (postalCode) PreferredFirstName PreferredLastName Province SIPAddress  SecondLastName State (st) Status StreetAddress (streetAddress) StreetAddress2 Telephone (telephoneNumber) Title

   
   

5. In the Default Value field, type the default value for the selected attribute.
6. Select or clear Always Overwrite as appropriate for the policy. If selected (the default), EmpowerID reverts any changes made to the attribute value on an affected person back to the value specified by the policy.
7. Click Save.
   
   
   
   EmpowerID creates the policy and opens the Edit page for it. From this page, you can assign the policy to any EmpowerID Actor, such as a Group or Business Role and Location.
   
   

To assign the Default Attribute Policy

1. On the Edit page of the policy you just created, in the Policy Assigned To section, scroll to the Actor type to which you want to assign the policy and click the Add (+) button on its grid. In our example, we assign the policy to a group, so we click the Add (+) button on the Groups grid.
   
   
   
   
2. In the Group (or other Actor Type) field, type the name of the specific actor to which you want to assign the policy and then click the tile for that actor. In our example, we assign the policy to the Contractors group.

3. Type a numeric value from 1 to 100 for the policy in the Priority field. 
   
   

   Info
   The priority value determines how EmpowerID treats the users affected by the policy if those users have other Default Attribute Values policies. The lower the number, the higher the priority.

   
   

4. Click Save.
   
   
   
   
5. Repeat for each additional Actor type you want to add to the policy. For example, if you wanted to add a Business Role and Location to the policy, you click the Add (+) button on the Business Role and Location grid, select the specific Business Role and Location and assign a priority for the policy.

To verify the attribute value in Active Directory

1. On a server with the Active Directory module for PowerShell installed, run the following PowerShell cmdlet, substituting the attribute with that specified by your policy.

   Code Block
   language powershell
   Get-ADUser -Filter {Title -eq "Contractor"}

   
   

2. A record is returned for each user account affected by the policy.