Resolving the Full Name Attribute for AD
Novell Cool Solutions: Tip
By Geoffrey Carman
Reader Rating 
from 3 ratings
|
Digg This -
Slashdot This
Posted: 12 Aug 2004 |
Here's a tip on solving the Full Name attribute issue with Microsoft Active Directory. It was sent in by on e of our readers, Geoffrey Carman. Remember, we give T-shirts for tips, so keep those contributions rolling in!
 |
The Problem |
 |
|
eDirectory's mandatory attributes on a user object are CN and Surname. Active Directory, however, requires a Full Name attribute in order to create an object. So if you create a user in eDirectory, it will not seem to sync with AD.
|
The Solution |
|
|
Here are the steps to follow:
- Create a Creation Policy rule on the Subscriber channel to concatenate the eDirectory Given Name and Surname attributes.
- Use a space between the names.
- Send them out to the destination as Full Name.
I've included a sample XML rule to demonstrate this. You can load it into Policy Builder to see the choices I made.
|
Sample XML Rule |
|
|
<policy>
<rule>
<description>Create Full Name from Given Name and Surname</description>
<conditions>
<and>
<if-attr name="Full Name" op="not-available"/>
</and>
</conditions>
<actions>
<do-add-dest-attr-value class-name="User" name="Full Name">
<arg-value type="string">
<token-attr name="Given Name"/>
<token-text xml:space="preserve" xmlns:xml="http://www.w3.org/XML/1998/namespace"> </token-text>
<token-attr name="Surname"/>
</arg-value>
</do-add-dest-attr-value>
</actions>
</rule>
</policy>
Reader Comments
- Try a little testing first,
will be veto'd by matching policy before it gets to creation! - This works as long as you disregard the policy builder bug in 2.0 that appends
instead of to the end of the XML making it invalid. Cheers, it worked for me using Nsure 2.0 no patches and also on the NT driver! Yippee!
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com