Article

(View Disclaimer)

Problem

We have two connected systems, with eDirectory and Notes 6.5 with IDM 3.5.1. We are synching from eDirectory to Notes. There are existing users in Notes that need to be matched by the driver.

During initial migration, renames in Notes could occur due to slightly different names in eDirectory (first name, last name). This, however, requires the driver to know which Notes Certifier was used last time the user was certified in Notes for the operation to complete.

Is there any way of reading/querying for this information (Last Certifier ID) in an IDM policy, so the operation will succeed?

Solution

I found a way to do this. I created a Command rule that reads the user's FullName value in Notes. This attribute value also contains the OU information, so I can parse the last certifier ID.

The DestDN and DestName are empty, and I was not able to use them as I normally would expect.

The query is based on a match with 'workforceID' = Notes 'employeeID', but it could be modified to do a match on any unique attribute:

<do-set-local-variable name="varFullName" scope="policy">
  <arg-string>
    <token-query class-name="User" max-result-count="1" scope="subtree">
      <arg-match-attr name="workforceID">
        <arg-value type="string">
          <token-src-attr name="workforceID"/>
        </arg-value>
      </arg-match-attr>
      <arg-string>
        <token-text xml:space="preserve">Full Name</token-text>
      </arg-string>
    </token-query>
  </arg-string>
</do-set-local-variable>

Disclaimer: As with everything else at Cool Solutions, this content is definitely not supported by Novell (so don't even think of calling Support if you try something and it blows up).

It was contributed by a community member and is published "as is." It seems to have worked for at least one person, and might work for you. But please be sure to test, test, test before you do anything drastic with it.