Adding Defaults for Users

The Create Rule Transform policy can be edited to provide default values for password, homeDirectory, loginShell, and gidNumber for users as follows:

To edit the Create Rule Transform policy from the Subscriber channel:

  1. In iManager, click DirXML Management > Overview.

  2. Locate the driver in its driver set.

  3. Click the driver to open the Driver Overview Page.

  4. Click the Creation Rule on the Subscriber channel.

  5. Click the Create Rule Transform policy to edit the policy.

  6. To provide a default home directory for user creation, replace /home with the desired home directory prefix for user in the last line of the following section: 

    <do-add-dest-attr-value name="homeDirectory">
      <arg-value>
        <token-text>/home</token-text>

  7. To provide a default value for loginShell for the user:

    Replace /bin/sh with the desired login shell for user in the last line of the following section:

    <do-add-dest-attr-value name="loginShell">
      <arg-value>
        <token-text>/bin/sh</token-text>

  8. To provide a default gidNumber for the user:

    Replace 500 with the desired primary group ID for the user in the last line of the following section:

    <do-add-dest-attr-value name="gidNumber">
      <arg-value>
        <token-text>500</token-text>

  9. To provide default password for user:

    Replace <token-xpath...> to the desired default password in the following line:

    <do-set-dest-password>
      <arg-string>
       <token-text>pass</token-text>

    The clear-text password must be provided in the policy in the <password> tag. The driver will then set this as the initial driver password for the User.

  10. If default password is set to No during configuration, add the default password template by adding the following If clause below the homeDirectory template:

    <rule>
      <description>Adds username as the default password</description> 
      <conditions>
        <and>
          <if-operation op="equal">add</if-operation> 
          <if-class-name op="equal">User</if-class-name> 
          <if-op-attr name="CN" op="available" /> 
          <if-op-attr name="authPassword" op="not-available" /> 
          <if-password op="not-available" /> 
        </and>
      </conditions>
      <actions>
        <do-set-dest-password>
          <arg-string>
            <token-xpath expression="string(./add-attr[@attr-name='CN']/value)" />
          </arg-string>
        </do-set-dest-password>
      </actions>
    </rule>

:  If multiple drivers are running, only one driver should have a default password enabled for users, and only one driver should have ID generation enabled for a particular user or group.