Article
Suchen
Shameless Plugs
Most Popular
Who's online
User login
3939
Finding the User DN with the Delimited Driver
Problem
We have a non-standard HR software (long story). I've finally gotten them to send me a comma-delimited file with the userid's of the user and the "id" of their supervisor. However, I notice that in eDirectory, the "manager" attribute is in the "dn" format (cn=blah,ou=blah,ou=blah,o=blah)
Any advice on getting the delimited driver to somehow take the userid and "find" the user's DN and then import/modify it that way?
And here's the reply from Lothar Haeger ...
Solution
You can try something like this:
<do-set-local-variable name="PersNr"> <arg-string> <token-op-attr name="userid"/> </arg-string> </do-set-local-variable> <do-for-each> <arg-node-set> <token-xpath expression='query:search($destQueryProcessor, "subtree", "", "~UserBaseDN~", "User", "workforceID", $PersNr, "")'/> </arg-node-set> <arg-actions> <do-add-dest-attr-value name="manager"> <arg-value type="dn"> <token-xpath expression="$current-node/@src-dn"/> </arg-value> </do-add-dest-attr-value> </arg-actions> </do-for-each>
where UserBaseDN is GCV pointing to the user container; replace with clear text if you like.
If you define a GCV "UserBaseDN" of type "DN" in driver properties, you can browse the ID Vault for the base path. ~UserBaseDN~ is the syntax to access that GCV (similar to "$variable" for a local variable). Or, you can also hardcode the path (in backslash syntax) into the policy, only making it a bit harder for others to follow the code and to maintain the driver in the future.
The query:search function returns a nodeset of all entries where "workforceID" is equal to the value of $PersNr. <do-for-each> walks through the nodes one by one, and $current-node/@src-dn returns the DN of each entry, which shows as <instance ... src-dn="\TREE\container\objectname" ...> in a Level 3 trace.
If I get your situation right, the following should work for you:
<do-set-local-variable name="manID"> <arg-string> <token-op-attr name="manager"/> </arg-string> </do-set-local-variable> <do-strip-op-attr name="manager"/> <do-for-each> <arg-node-set> <token-xpath expression='query:search($destQueryProcessor, "subtree", "", "\TREE\myorg\myou\users", "User", "CN", $manID, "")'/> </arg-node-set> <arg-actions> <do-add-dest-attr-value name="manager"> <arg-value type="dn"> <token-xpath expression="$current-node/@src-dn"/> </arg-value> </do-add-dest-attr-value> </arg-actions> </do-for-each>
Please note the <do-strip-op-attr> - that removes the supervisor's ID (which is not a DN, thus causing an error otherwise). Details regarding the query function can be found here: http://developer.novell.com/documentation/dirxml/dirxmlbk/api/com/novell/nds/dirxml/driver/XdsQueryProcessor.html
Disclaimer: As with everything else at Cool Solutions, this content is definitely not supported by Novell (so don't even think of calling Support if you try something and it blows up).
It was contributed by a community member and is published "as is." It seems to have worked for at least one person, and might work for you. But please be sure to test, test, test before you do anything drastic with it.
Related Articles
User Comments
- Be the first to comment! To leave a comment you need to Login or Register
- 3939 reads
0