Novell Home

Modifying Custom Attributes with the IDM Null Driver

Novell Cool Solutions: Tip

Digg This - Slashdot This

Posted: 12 Dec 2007
 

Problem

A Forum reader recently asked:

"I have IDM 3.5 with a Identity Vault and other drivers, such as AD, JDBC, and Notes. Can I modify a custom attribute on users in a OU in my IDV? This operation is captured by a loopback driver that create a user on another OU of my driver, with some attributes populated."

And here's the response from Father Ramon ...

Solution

Here's what you need to do:

1. Use the null driver rather than the loopback driver.

2. Add a User to the subscriber filter.

3. Set it to synchronize on the subscriber channel and ignore on the publisher channel.

4. Add the Description attribute to the User class in the filter

5. Set it to notify on the subscriber channel and ignore on the publisher channel.

6. Add a subscriber channel event transformation - something like this:

<policy>
  <rule>
   <description>create portal user</description>
   <conditions>
    <and>
     <if-class-name mode="nocase" op="equal">User</if-class-name>
     <if-src-dn op="in-container">users</if-src-dn>
     <if-op-attr mode="nocase" name="Description" 
op="changing-to">pippo</if-op-attr>
    </and>
   </conditions>
   <actions>
    <do-set-local-variable name="portalDN" scope="policy">
     <arg-string>
      <token-text xml:space="preserve">portal\</token-text>
      <token-src-name/>
     </arg-string>
    </do-set-local-variable>
    <do-add-src-object class-name="User">
     <arg-dn>
      <token-local-variable name="portalDN"/>
     </arg-dn>
    </do-add-src-object>
    <do-add-src-attr-value class-name="User" name="Surname">
     <arg-dn>
      <token-local-variable name="portalDN"/>
     </arg-dn>
     <arg-value>
      <token-src-attr name="Surname"/>
     </arg-value>
    </do-add-src-attr-value>
   </actions>
  </rule>
  <rule>
   <description>Veto further processing</description>
   <conditions/>
   <actions>
    <do-veto/>
   </actions>
  </rule>
</policy>

7. Duplicate the last action in the first rule for each attribute you want to copy from the original object to the new object.

For information on the difference between a loopback driver and a null driver, see:

http://www.novell.com/documentation/idm35/admin/data/b9132yx.html


Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

© 2014 Novell