The userID for each system is held against 'ACCOUNT<repositoryName>'. It doesn't have to be the same as IDM (although this can make admin easier).
You can create the account for AD at that time if necessary, rather than when coming in from HCM.
Realistically, try not to overthink the problem.
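// Placeholder lookup: fit in the proper SQL query; results are expected as one "!!"-separated string
accnames = Select MSKEYVALUE where MSKEYVALUE like 'accountname%'
if (accnames.indexOf("!ERROR") > -1) { return accountname; }
accnames = "!!" + accnames + "!!";
for (var i = 1; i <= 1000; i++) {
    // Return the first numbered candidate that is not already in the list
    if (accnames.indexOf("!!" + accountname + i + "!!") == -1) { return accountname + i; }
}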
This will just loop through any account like your first initial, last name, appending a number and checking to see if it already exists. You'll need to fit in the proper SQL query and debug etc.
Peter
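
A runnable version of the same idea, as an added example that is not part of the post above: it matches names exactly and case-insensitively, keeps the result within a length limit, and refuses to return a name when the lookup failed. The function name, parameters and sample data are assumptions; the "!!" separator and "!ERROR" marker are taken from the post's pseudocode, and the default limit of 20 is the AD sAMAccountName limit for user objects.

```javascript
// Added example, not from the original post. SEP and ERR follow the post's
// pseudocode; the function name, parameters and sample data are assumptions.
const SEP = "!!";
const ERR = "!ERROR";

// queryResult: existing names joined by "!!", as the lookup in the post returns.
// base: desired account name, e.g. first initial + last name.
// maxLen: 20 is the AD sAMAccountName limit for user objects.
function nextFreeAccountName(queryResult, base, maxLen = 20, maxSuffix = 1000) {
  if (typeof queryResult !== "string" || queryResult.includes(ERR)) {
    // Fail closed: an unverified name could collide with an existing account.
    throw new Error("lookup failed, cannot prove uniqueness");
  }
  // Exact, case-insensitive membership instead of substring search.
  const taken = new Set(
    queryResult.split(SEP).map(s => s.trim().toLowerCase()).filter(Boolean)
  );
  const free = name => !taken.has(name.toLowerCase());

  // Try the bare name first, then numbered variants.
  const bare = base.slice(0, maxLen);
  if (free(bare)) return bare;

  for (let i = 1; i <= maxSuffix; i++) {
    const suffix = String(i);
    // Shorten the base so base + suffix still fits the length limit.
    const candidate = base.slice(0, maxLen - suffix.length) + suffix;
    if (free(candidate)) return candidate;
  }
  throw new Error("no free name within " + maxSuffix + " suffixes");
}

// Constructed sample data: "JSmith1" differs from "jsmith1" only by case.
const existing = "jsmith!!JSmith1!!jsmith2!!jsmithers";
console.log(nextFreeAccountName(existing, "jsmith")); // jsmith3
```

Throwing on a failed lookup means the calling task has to handle the error instead of provisioning a name that was never checked.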