I'm working with the SSPR activation process, trying to insert a form in
the Activate User Agreement Message.


Basically, you specify some HTML and SSPR displays it during the
activation process. In my case, I want the user to agree to some terms
and enter their initials. I'm trying to write whatever they put in the
form back to the IDV when they agree and continue. I've got 75% of the
back end stuff worked out but I ran into a big road block because I
can't tell what user is being activated and so I can't pass any
identifying information (like a DN) to the LDAP process that writes to
the IDV.

The big question is, Is there any way to find out what user is being
activated within the "Activate User Agreement Message" context?

I've looked through the HTML and I see what looks like a unique
identifier that may be used to identify the user later in the process
called "pwmFormID". This value appears to be a random string that I'm
guessing might map back to the user later in the activation process. I
suspect there is a relationship in the database. If this is the case,
the only thing I can think of is to query the db using this ID and
pulling back a DN or other info I can use to build the DN.

Seems like this is way outside-the-box, but hey, that's my style. :-)

rhettplace's Profile: https://forums.netiq.com/member.php?userid=876
View this thread: https://forums.netiq.com/showthread.php?t=57463