cancel
Showing results for 
Search instead for 
Did you mean: 

Need Help with Sample Code to map third party user groups to enterprise groups using JAVA SDK?

0 Kudos

Hello Team,

can some one help me with a sample code to import a windows AD user group and add it to an enterprise user group.

Accepted Solutions (0)

Answers (2)

Answers (2)

DellSC
Active Contributor
0 Kudos

I think I figured out how to add an AD group. You need to have both the full AD name for the group, such as:

CN=Consultants,OU=Contacts,DC=blah,DC=local

and the AD group's identifier. In the data I'm looking at from our demo system, it looks like:

S-1-5-21-2262072359-528161489-823924486-1253

Then, to create the group, you'll create the group and add an alias to it. The code might look like this:

public boolean addGroup(final String name, final String description,
                    final String adName, final String adId) {
    boolean bAddGroup = false;
    try {
        if (!groupExists(name)) {
            //Retrieve the "plugin" for the object, add it to an IInfoObjects,
            //and then edit the resulting IInfoObject's properties.
            final IPluginInfo GroupPlugin = boe.getPluginInfo("CrystalEnterprise.UserGroup");
            final IInfoObjects groupList = qh.newInfoObjectsCollection();
            if (GroupPlugin != null) {
                final IUserGroup Group = (IUserGroup) groupList.add(GroupPlugin);

                //Title does NOT need to match the full AD name and can be anything.  Recommend
                // using the "CN" value from the AD name. 
                Group.setTitle(name);
                Group.setDescription(description);
                //add the AD alias
                Group.getAliases().addExisting("secWinAD:" + adName, "secWinAD:" + adId, false);
                boeInfoStore().commit(groupList);
                _msg = "Success";
                bAddGroup = true;
            }
        }
    } catch (final Exception ex) {
        _msg = "Unable to add User Group \"" + name + "\": " + ex.getMessage();
        bAddGroup = false;
    }
    return bAddGroup;
}

Then, to make one user group a member of another group, you can do something like this:

public boolean makeMember(final IUserGroup parentGroup, final IUserGroup childGroup) {
    boolean bMakeMember = false;
    _msg = "";
    IInfoObjects iGroupObjects;

    final String sGroupQuery = "query://{SELECT SI_ID, SI_NAME FROM CI_SYSTEMOBJECTS WHERE SI_KIND = 'UserGroup'"
            + " AND DESCENDANTS(\"SI_NAME='UserGroup-User'\",\"SI_NAME='%s'\")};";
    try {
        if ((parentGroup != null) && (childGroup != null)) {
            final String sQuery = String.format(sGroupQuery, parentGroup.getTitle());
            boolean bMemberExists = false;

            //Query for existing membership of ParentGroup
            final IInfoObjects iObjects = qh.executeQuery(sQuery, 100);

            //Itterate over membership to determine if Child Group to add is already
            //a member
            for (final Object obj : iObjects) {
                final IInfoObject iObject = (IInfoObject) obj;
                if (iObject.getID() == childGroup.getID()) {
                    bMemberExists = true;
                    break;
                }
            }

            //If the Child group is not currently a member, add it as a new child object
            if (!bMemberExists) {
                iGroupObjects = boe.getInfoStore().newInfoObjectCollection();
                if (iGroupObjects != null) {
                    parentGroup.getSubGroups().add(childGroup.getID());
                    iGroupObjects.add(parentGroup);
                    boe.getInfoStore().commit(iGroupObjects);
                    _msg = "Success";
                    bMakeMember = true;
                }
            }
        }
    } catch (final Exception ex) {
        _msg = String.format("Unable to make %s a member of '%s'. Err=%s", childGroup.getTitle(), parentGroup.getTitle(), ex.getMessage());
        bMakeMember = false;
    }
    return bMakeMember;
}


I hope this helps!

-Dell

0 Kudos

Thanks for your quick response, i will try this in my code and let you know if this is working

DellSC
Active Contributor
0 Kudos

I'm not sure there's a way to add AD groups to BOBJ through code, but I'll dig into my code in the next day or so to determine whether that's possible. Setting a group as a member of another group is fairly easy. Which SDK are you using (.NET, Java, RESTful)? With that info I can either provide or point you to the appropriate sample.

-Dell

0 Kudos

Thanks for your response, i am trying to use JAVA SDK and looking for a way to see if i can map windows AD groups and add them as a member of existing enterprise groups. I have a repetitive task something like this where i am doing this manually, but i am looking for options to automate it.

SAP BO 4.2 JAVA API reference mentions something about Mapping third party groups using IsecWinAD interface, but even though the information in there sounds nice, i was really hoping if this is something already done in the community so that i can easily incorporate using a sample.