Article
Problem
A Forum reader recently asked:
"I am creating users from a vault to eDirectory (IDM 3.5), and I am building up the destination DN based on information stored in the vault. The problem I have is that some of the destination DNs do not exist. I want to do a check for the existence of a DN before trying to create the user - and if it does not exist, create the OU.
I have seen some XML code to do this but I would really prefer to this with Policy Builder and stay away from XML if possible."
And here's the response from Father Ramon ...
Solution
Assuming you only need one level created at a time, try this:
<policy>
<rule>
<description>Check if destination container already exists</description>
<conditions>
<and>
<if-operation op="equal">add</if-operation>
</and>
</conditions>
<actions>
<do-set-local-variable name="target-container">
<arg-string>
<token-dest-dn length="-2"/>
</arg-string>
</do-set-local-variable>
<do-set-local-variable name="does-target-exist">
<arg-string>
<token-dest-attr name="Object Class">
<arg-dn>
<token-local-variable name="target-container"/>
</arg-dn>
</token-dest-attr>
</arg-string>
</do-set-local-variable>
</actions>
</rule>
<rule>
<description>Create the target container if necessary</description>
<conditions>
<and>
<if-local-variable name="does-target-exist" op="available"/>
<if-local-variable name="does-target-exist" op="equal"/>
</and>
</conditions>
<actions>
<do-add-dest-object class-name="Organizational Unit" direct="true">
<arg-dn>
<token-local-variable name="target-container"/>
</arg-dn>
</do-add-dest-object>
</actions>
</rule>
</policy> Disclaimer: As with everything else at Cool Solutions, this content is definitely not supported by Novell (so don't even think of calling Support if you try something and it blows up).
It was contributed by a community member and is published "as is." It seems to have worked for at least one person, and might work for you. But please be sure to test, test, test before you do anything drastic with it.
Related Articles
User Comments
- Be the first to comment! To leave a comment you need to Login or Register
- 3913 reads


0