8.18 Placement - Publisher By Dept

This rule places objects from one container in the data store into multiple containers in the Identity Vault. Implement the rule on the Placement policy in the driver. You can implement the rule only on the Publisher channel.

There are two steps involved in using the predefined rules: creating a policy in the Placement policy set and importing the predefined rule. If you already have a Placement policy that you want to add this rule to, skip to Importing the Predefined Rule.

8.18.1 Creating a Policy

  1. From the Outline view or the Policy Flow view, select the Publisher channel.

  2. Select the Placement policy set in the Policy Set view, then click Create or add a new policy to the Policy Set icon Create or Add a New Policy icon to create a new policy.

  3. Click Create a new policy, then click Next.

  4. Name the policy.

  5. Use the default location or browse and select another location to place the policy in the driver.

    Create Policy Wizard

  6. Select Open Editor after creating policy, then click Next.

  7. Select DirXML Script for the type of policy, then click Finish.

  8. A file conflict window appears with the message “ Before editing this item you need to save. Do you wish to save the editor’s changes and continue?” Click Yes. The Policy Builder is launched and the new Placement policy is saved.

  9. Continue with Section 8.18.2, Importing the Predefined Rule.

8.18.2 Importing the Predefined Rule

  1. Right-click in Policy Builder, then click New > Predefined Rule > Insert Predefined Rule Before or Insert Predefined Rule After.

  2. Select Placement - Publisher By Dept, then click OK.

    Placement - Publisher By Dept

  3. Edit the action by double-clicking the Actions tab.

  4. Delete [Enter DN of destination Organization] from the Enter String fields.

  5. Click the Edit Arguments icon Edit Argument icon to launch the Argument Builder.

  6. Select Text in the Noun list.

  7. Double-click Text to add it to the argument.

  8. In the Editor, click the browse button, then browse to and select the parent container in the Identity Vault. Make sure all of the department containers are child containers of this DN, then click OK.

  9. Click OK.

  10. Save the rule by clicking File > Save.

8.18.3 How the Rule Works

This rule places User objects in proper department containers depending upon the value that is stored in the OU attribute. If a User object needs to be placed and has the OU attribute available, then the User object is placed in the dest-base\value of OU attribute\CN attribute.

The dest-base is a local variable. The DN must be the relative root path of the department containers. It can be an organization or an organizational unit. The value stored in the OU attribute must be the name of a child container of the dest-base local variable.

The child containers must be associated for the user objects to be placed. The value of the OU attribute must be the name of the child container. If the OU attribute is not present, this rule is not executed.

The CN attribute of the User object is the first two letters of the Given Name attribute plus the Surname attribute in lowercase. The rule uses slash format.