-
Notifications
You must be signed in to change notification settings - Fork 4
Evaluating the business rules
After completing the setup process, you can perform the following tests to validate that the business rules have been executed correctly.
Rule 1: If a user has a first name and surname, then an accountName must be generated in the format of FNNNxxxx, where F is the first letter of the first name, NNN is the first three letters of the surname, and xxxx is a number used to make the username unique.
Execute the following command to ensure person1 has a username that meets the specified rules
$person1.Attributes["accountName"]Expected result
JSmi0001
Rule 2: If a user has only a surname, then an accountName must be generated in the format NNNNxxxx, where N is the first 4 letters of the surname, and xxxx is a number used to make the username unique.
Execute the following command to ensure person4 has a username that meets the specified rules
$person4.Attributes["accountName"]Expected result
Stew0001
Rule 3: All users must be assigned a unique unix UID, starting from the value 20000 and incrementing each time it is issued
Execute the following command to ensure that all users have a unique unix UID
$person1.Attributes["unixUid"]
$person2.Attributes["unixUid"]
$person3.Attributes["unixUid"]
$person4.Attributes["unixUid"]Expected result
20000
20001
20002
20003
Rule 4: Each user must have an email address in the format of [email protected], or [email protected] if the user has no first name
Execute the following command to ensure that person 1 has a mail address of [email protected] and person 4 has an email address of [email protected]
$person1.Attributes["mail"]
$person4.Attributes["mail"]Expected result
Rule 5: If the email address already exists, the format [email protected] should be used, provided a middle name is present.
$person3.Attributes["mail"]Expected result
Rule 6: If that email address already exists or the user has no middle name, then a number can be appended to the name to make it unique.
$person5.Attributes["mail"]Expected result
Rule 7: All users in the IT department must be automatically issued with an admin account alongside their normal user account
John Smith is the only user in the IT department, so we can validate he has an account by checking the hasAdminAccount attribute
$person1.Attributes["hasAdminAccount"];Expected result
True
We can get the admin account object and see its properties
$adminAccount = $person1.Attributes["adminAccount"][[0]];
$adminAccount.ToString();Expected result
Object class: shadowAdminAccount
Deleted: No
Shadow link: adminAccount
Inherited update: No
employeeNumber: 1000
firstName: John
sn: Smith
$person1.Attributes["accountName"];
$adminAccount.Attributes["accountName"];Expected result
Jsmi0001
a-Jsmi0001
Get-ChildItem $env:TEMP\acmausers | fl NameExpected result
Name : JSmi0001
Name : Stew0001
Name : WKey0001
Name : WKey0002
Name : WKey0003
$person2.Attributes["accountName"] = "Will0001";
$person2.Commit();
$person2.Attributes["homeFolderPath"];
Get-ChildItem $env:TEMP\acmausers | fl NameExpected result
%temp%\acmausers\Will0001
Name : JSmi0001
Name : Stew0001
Name : Will0001
Name : WKey0002
Name : WKey0003
Remove-AcmaObject $person5
Get-ChildItem $env:TEMP\acmausers | fl NameExpected result
Name : JSmi0001
Name : Stew0001
Name : Will0001
Name : WKey0002
Rule 13: Each user must have an orgUnitName attribute that corresponds to the displayName of the organizational unit they are assigned to
$orgUnit2.Attributes["displayName"]
$person1.Attributes["orgUnitName"]Expected result
IT
IT
Rule 14: All people who supervise other staff members need to have their directReports attribute populated with the people who report to them
foreach($report in $person1.Attributes["directReports"]) {$report.Attributes["accountName"]}Expected result
Will0001
WKey0002
Stew0001
Previous step: Setting up the lab environment