Deprecated as of Identity Manager 2.0. Use DirXMLScript <policy> instead.
<create-rules> is the top-level (document) element for object creation rules. Object creation rules are stored in the DirXML-XmlData attribute of a DirXML-Rule object that is pointed to by the DirXML-CreateRule attribute of a DirXML-Subscriber or DirXML-Publisher object.
In the Subscriber channel, the source is eDirectory, and the destination is the application. In the Publisher channel, the source is the application and the destination is eDirectory.
Object creation rules are used to determine whether or not to create a new object in the destination as a result of an <add> event in the source. (Identity Manager automatically converts <modify> into <add> for events from unassociated objects). Object creation rules are applied only after any existing Matching rules are applied and fail to find a matching object in the destination.
<create-rules> contains 0 or more <create-rule> elements. The creation rule processor evaluates each <create-rule> in order until a suitable rule is found. That rule then vetoes or allows the object creation and fills in any default attributes and templates specified. If no suitable <create-rule> is found, then the object creation is allowed.
<create-rules> <!-- For all Users in the Defense organization require Given Name--> <!-- Surname, and Security Clearance. Create using the --> <!-- templates\Secure User template --> <create-rule class-name="User"> <match-attr attr-name="OU"> <value>Defense</value> </match-attr> <required-attr attr-name="Given Name"/> <required-attr attr-name="Surname"/> <required-attr attr-name="Security Clearance"/> <template template-dn="templates\Secure User"/> </create-rule> <!-- For all other Users require Given Name and Surname. --> <!-- Default the value of Security Clearance to None --> <!-- Don't use a template for creation --> <create-rule class-name="User"> <required-attr attr-name="Given Name"/> <required-attr attr-name="Surname"/> <required-attr attr-name="Security Clearance"> <value>None</value> </required-attr> </create-rule></create-rules>
None
( create-rule ) *
None