Add support for renaming resources in Microsoft Entra ID
T
Tom Isbouts
In the target connector for Microsoft Active Directory we have the option to rename resources based on their code (e.g. titleCode, departmentCode). It would be useful for the Microsoft Entra ID connector to have the same functionality for example when the titleCode is stored in the description (or another custom field).
This prevents HelloID from creating resources when a department or title gets its name changed.
R
Rick van den Dijssel
Hey Tom Isbouts, thanks for your feedback! I have a few more questions for you:
- What specific scenarios or use cases do you envision where renaming resources in Microsoft Entra ID would be beneficial?
- Are there any specific fields in Microsoft Entra ID, other than the description, where the titleCode might be stored and should be considered for renaming?
- How frequently do you anticipate needing to rename resources, and what impact would this have on your current workflows?
T
Tom Isbouts
Hi Rick van den Dijssel!
- Many of our customers change their names of their business units/titles/departments regalarly. HelloID would create new groups for those new names since they are correlated on their names and leave the old groups empty and unused.
- I would suggest to use the description but any extension/Custom Attribute would do the trick I think.
- Renaming is not a proces that would happen on a daily basis. But as organizations change and rely heavily on dynamic group memberships it would be very use to be able to.
Rick Jongbloed
Hi Tom Isbouts, thanks for the clarification — that makes a lot of sense.
Based on what you describe, this is indeed a common challenge when correlating purely on display names, especially in environments where business unit, department or title names change over time. Using a stable correlation key (such as a code stored in the description or a custom/extension attribute) is exactly the right approach to prevent unnecessary group recreation.
From a technical perspective, this is already possible today:
The dynamic permission script supports correlating on a dedicated correlation key instead of the display name.
Renaming logic can be implemented in the resource creation script of the Microsoft Entra ID & Exchange Online connector:
https://github.com/Tools4everBV/HelloID-Conn-Prov-Target-Microsoft-Entra-ID-Exchange-Online/blob/main/resources/groups/resources.ps1
As a reference, the Active Directory target connector already implements this pattern:
https://github.com/Tools4everBV/HelloID-Conn-Prov-Target-ActiveDirectory/blob/main/resources/groups/resources.ps1
So while this isn’t available as a built-in feature out of the box for the Entra ID connector, you can implement this behavior yourself using the existing scripting framework.
If you need any assistance while implementing this, you can log a ticket with our support team.
Hopefully this helps clarify the available options.
Ender Kulan
Good idea!