Home.... | log in.... | Pub my question! | Sign-up....
Java-index >> Web & Directory Servers >> Directory Servers

IDM 6 - Use idmManager attribute in user object

We recently upgraded IDM from v5 to v6.1. Hitherto we were maintaining the managers of every user as an attribute in the user object.

But in v6.1, every user object comes with a default idmManager object reference to the manager user object like this:

===========================

<User id='#ID#9590D16C27FA4674:7038B9:10E75AF4A3D:-7FCB' name='user' creator='Configurator' createDate='1161715261143' lastModifier='Configurator' lastModDate='1161715261175' lastMod='45' password='9590D16C27FA4674:DC41C5:10E61FB6804:-7FFB|uwI7AcKDLJU=' lastPasswordUpdate='1161715261109'>

<IdmManager>

<ObjectRef type='User' id='#ID#9590D16C27FA4674:7038B9:10E75AF4A3D:-7FCF' name='managerId'/>

</IdmManager>

<MemberObjectGroups>

<ObjectRef type='ObjectGroup' id='#ID#Top' name='Top'/>

</MemberObjectGroups>

</User>

===========================

The IDM 5 version is like this:

===========================

<User id='#ID#9590D16C27FA4674:1B1DEEA:10E5295BA66:15BA' name='user' creator='Configurator' createDate='1161715564031' lastModifier='Configurator' lastModDate='1161715564075' lastMod='35701' password='L5GFCOST5h8=' lastPasswordUpdate='1161715564020'>

<Attribute name='manager' type='string' value='managerId'/>

<MemberObjectGroups>

<ObjectRef type='ObjectGroup' id='#ID#Top' name='Top'/>

</MemberObjectGroups>

</User>

===========================

Now my question is - what would be the best way to migrate all these manager id's from 5 to 6.1 (we have about 100,000 users? I see that v6.1 uses an id to refer to the user object - how would I obtain that id?

Thanks,

[1840 byte] By [anokun7] at [2007-11-26 11:01:18]
«« Server Manager - add Server
»» Emailing a program
# 1

I would say stick to your old code if it works. The idmManager that was introduced does not work due to some nasty bugs in the ObjectRef that will break among many things UserMemerRules and certain references dealing with this new attribute...

It suppose to be sorted in the december release of 6.0 SP2 and should also be included in 7.0.

/A

anders@inserve at 2007-7-7 3:15:03 > top of Java-index,Web & Directory Servers,Directory Servers...
# 2

Thank you for the heads-up...

Can you please elaborate on the issues with idmManager or if you have a link that describes these would also be fine.

We almost finished creating a bulk action workflow to delete old manager attribute and insert this new idmManager attribute... We will have to reconsider.

Thanks

anokun7 at 2007-7-7 3:15:03 > top of Java-index,Web & Directory Servers,Directory Servers...
# 3

I believe thebug is outlined in this link below:

http://fiji.central.sun.com/bugzilla/show_bug.cgi?id=13823

Ive noticed a number of issues with the IdmManager attribute, not only bugs but also interesting side-effects and issues. In certain organizations you can for example be you your own manager (?!) - now if you assign yourself as manager you will have a hardtime removing/deprovisioning that user.

Sometimes the manager will show up using it e.g. in the UI as its ID rather than its referenced name.

My recommendation is still to avoid using it for now, the idea is great but it doesnt work and is too limited.

/Anders

anders@inserve at 2007-7-7 3:15:03 > top of Java-index,Web & Directory Servers,Directory Servers...
# 4
Hey Anders,Thank you soo much for taking the time to explain....The link you sent seems to be down for some reason - I will probably try it a bit later again.Thanks again,A
anokun7 at 2007-7-7 3:15:03 > top of Java-index,Web & Directory Servers,Directory Servers...
Web & Directory Servers
Directory Servers

Web & Directory Servers New Topic

Web & Directory Servers Hot Topic

Web & Directory Servers

All Classified