8.12 Matching - Subscriber Mirrored - LDAP Format

This rule matches for objects in the data store by using the mirrored structure in the Identity Vault from a specified point. Implement the rule on the Matching policy in the driver. You can implement the rule only on the Subscriber channel.

There are two steps involved in using the predefined rules: creating a policy in the Matching policy set and importing the predefined rule. If you already have a Matching policy that you want to add this rule to, skip to Importing the Predefined Rule.

8.12.1 Creating a Policy

  1. From the Outline view or the Policy Flow view, select the Subscriber channel.

  2. Select the Matching policy set in the Policy Set view, then click Create or add a new policy to the Policy Set icon Create or Add a New Policy icon to create a new policy.

  3. Click Create a new policy, then click Next.

  4. Name the policy.

  5. Use the default location or browse and select another location to place the policy in the driver.

    Create Policy Wizard
  6. Select Open Editor after creating policy, then click Next.

  7. Select DirXML Script for the type of policy, then click Finish.

  8. A file conflict window appears with the message “ Before editing this item you need to save. Do you wish to save the editor’s changes and continue?” Click Yes. The Policy Builder is launched and the new Matching policy is saved.

  9. Continue with Section 8.12.2, Importing the Predefined Rule.

8.12.2 Importing the Predefined Rule

  1. Right-click in the Policy Builder, then click New > Predefined Rule > Insert Predefined Rule Before or Insert Predefined Rule After.

  2. Select Matching - Subscriber Mirrored - LDAP format, then click OK.

    Matching - Subscriber Mirrored - LDAP format
  3. Edit the condition by double-clicking the Conditions tab.

  4. Delete [Enter base of source hierarchy] from the Value field.

  5. Browse to and select the container in the source hierarchy where you want the matching to start, then click OK.

  6. Click OK.

  7. Edit the action by double-clicking the Actions tab.

  8. Delete [Enter base of destination hierarchy] from the Enter String field.

  9. Click the Edit Arguments icon Edit Arguments icon to launch the Argument Builder.

  10. Select Text in the Noun list.

  11. Double-click Text to add it to the argument.

  12. In the Editor, click the browse icon, browse to and select the container in the destination hierarchy where you want the source structure to be matched, then click OK.

  13. Click OK.

  14. Save the rule by clicking File > Save.

8.12.3 How the Rule Works

This rule matches for objects in the data store by using the mirrored structure in the Identity Vault from a specified point. When an Add event occurs and the driver checks to see if the object exists, it starts checking at the specific DN in the Identity Vault. The driver then sets a local variable of dest-base to be the starting point in the data store that the structure is mirrored to in the Identity Vault. The driver then creates the context it is searching by adding the source DN of the object and a local variable of dest-base. It creates the path it is looking for in LDAP format.