Resolving the Full Name Attribute for AD
Novell Cool Solutions: Tip
By Geoffrey Carman
|
Digg This -
Slashdot This
Posted: 12 Aug 2004 |
Here's a tip on solving the Full Name attribute issue with Microsoft Active Directory. It was sent in by on e of our readers, Geoffrey Carman. Remember, we give T-shirts for tips, so keep those contributions rolling in!
 |
The Problem |
 |
|
eDirectory's mandatory attributes on a user object are CN and Surname. Active Directory, however, requires a Full Name attribute in order to create an object. So if you create a user in eDirectory, it will not seem to sync with AD.
|
The Solution |
|
|
Here are the steps to follow:
- Create a Creation Policy rule on the Subscriber channel to concatenate the eDirectory Given Name and Surname attributes.
- Use a space between the names.
- Send them out to the destination as Full Name.
I've included a sample XML rule to demonstrate this. You can load it into Policy Builder to see the choices I made.
|
Sample XML Rule |
|
|
<policy>
<rule>
<description>Create Full Name from Given Name and Surname</description>
<conditions>
<and>
<if-attr name="Full Name" op="not-available"/>
</and>
</conditions>
<actions>
<do-add-dest-attr-value class-name="User" name="Full Name">
<arg-value type="string">
<token-attr name="Given Name"/>
<token-text xml:space="preserve" xmlns:xml="http://www.w3.org/XML/1998/namespace"> </token-text>
<token-attr name="Surname"/>
</arg-value>
</do-add-dest-attr-value>
</actions>
</rule>
</policy>
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com