Place IDM User in specific Active Directory container based on department

<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE Configuration PUBLIC 'waveset.dtd' 'waveset.dtd'>
<Configuration wstype='UserForm' name='FlatFile ActiveSync Form'>
  <Extension>
    <Form>
      <Field name='waveset.accountId'>
        <Comments> email. </Comments>
        <Expansion>
          <block name='checkTrace' trace='true'>
            <ref>activeSync.accountId</ref>
          </block>
        </Expansion>
        <Disable>
          <neq>
            <ref>feedOp</ref>
            <s>create</s>
          </neq>
        </Disable>
      </Field>
      <Field name='global.firstname'>
        <Comments> fullname. </Comments>
        <Expansion>
          <ref>activeSync.firstname</ref>
        </Expansion>
        <Disable>
          <neq>
            <ref>feedOp</ref>
            <s>create</s>
          </neq>
        </Disable>
      </Field>
      <Field name='global.lastname'>
        <Comments> firstname. </Comments>
        <Expansion>
          <ref>activeSync.lastname</ref>
        </Expansion>
        <Disable>
          <neq>
            <ref>feedOp</ref>
            <s>create</s>
          </neq>
        </Disable>
      </Field>
      <Field name='waveset.password'>
        <Comments> Make up a password for accounts that are being created. </Comments>
        <Expansion>
          <cond>
            <notnull>
              <ref>activeSync.password</ref>
            </notnull>
            <ref>activeSync.password</ref>
            <s>change12345</s>
          </cond>
        </Expansion>
        <Disable>
          <neq>
            <ref>feedOp</ref>
            <s>create</s>
          </neq>
        </Disable>
      </Field>
      <Field name='waveset.resources'>
        <Expansion>
          <list>
            <s>AD</s>
          </list>
        </Expansion>
        <Disable>
          <neq>
            <ref>feedOp</ref>
            <s>create</s>
          </neq>
        </Disable>
      </Field>
      <Field name='waveset.roles'>
        <Expansion>
          <list>
            <!-- <ref>TestRole</ref> -->
            <ref>activeSync.roles</ref>
          </list>
        </Expansion>
        <Disable>
          <neq>
            <ref>feedOp</ref>
            <s>create</s>
          </neq>
        </Disable>
      </Field>
      <Field name='viewOptions.Process'>
        <Expansion>
          <s>Create User</s>
        </Expansion>
      </Field>
    </Form>
  </Extension>
  <MemberObjectGroups>
    <ObjectRef type='ObjectGroup' id='#ID#Top' name='Top'/>
  </MemberObjectGroups>
</Configuration>

[3125 byte] By [rahulsainia] at [2007-11-27 5:18:51]
# 1
Just want to understand: the AD containers are different AD instances, right? If yes, then you have to configure an RA for all of these different instances and then change the resource list via a rule based on department.

rgds,
Suren
Surinder_Singh_Boraa at 2007-7-12 10:42:05
# 2

Thanks Suren.

See, in AD I have different containers. This is my AD tree:

example.com
ou=Domainuser,dc=example,dc=com
ou=TestUser,dc=example,dc=com
ou=contractor,dc=example,dc=com
CN=Admin,dc=example,dc=com
CN=Security,dc=example,dc=com

So I have some OUs and groups.

So the group will be assigned based on role and the container will be assigned based on department number.

I am not understanding what different AD instances means?

Can you send me code for this type of logic, and where can I call this rule?

I am fetching data from a flat file through ActiveSync.

I am very new to Sun IDM and I am doing a project.

So I require urgent help.

Awaiting your response.

Thanks in advance

rahulsainia at 2007-7-12 10:42:05
# 3

You can use a variable in your identity template to put things in a different container.

E.g.: Add a schema attribute: BaseDN, mapping to IGNORE_ATTR (so it doesn't try to provision it), then set your Identity template to: cn=$accountId$,$BaseDN$

Then in your form, have a field global.BaseDN, and use logic to set it to the tail end of the user account.

(That's the quick, direct, out-of-box method; you can also set accounts[ADResource].identity to a full DN.)

Cheers,

- Simon

PS: Please actually ask a question in your posts (forum etiquette!). I can only see a dump of a form.

Floccinaucinihilipilificatio at 2007-7-12 10:42:05
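
Added example, not part of the original thread or any poster's code: a form field for the identity-template approach in reply #3 (cn=$accountId$,$BaseDN$). It picks the container from a fixed list instead of copying feed text into the DN, so a malformed department value in the flat file cannot place an account in a container the form author did not intend. The feed attribute name activeSync.department, the department codes 100 and 200, and the choice of fallback container are assumptions.

```xml
<!-- Added example: sets the BaseDN variable consumed by the identity
     template cn=$accountId$,$BaseDN$ from a fixed department map. -->
<Field name='global.BaseDN'>
  <Comments> Container comes from a fixed list, never from raw feed text. </Comments>
  <Expansion>
    <cond>
      <eq>
        <!-- activeSync.department is an assumed feed column name -->
        <ref>activeSync.department</ref>
        <!-- 100 is a constructed department code -->
        <s>100</s>
      </eq>
      <s>ou=Domainuser,dc=example,dc=com</s>
      <cond>
        <eq>
          <ref>activeSync.department</ref>
          <!-- 200 is a constructed department code -->
          <s>200</s>
        </eq>
        <s>ou=contractor,dc=example,dc=com</s>
        <!-- Unknown or empty department: one fixed fallback container
             (assumed choice), so the DN is always a known value -->
        <s>ou=TestUser,dc=example,dc=com</s>
      </cond>
    </cond>
  </Expansion>
  <!-- Same guard as the other fields in the posted form: only set on create -->
  <Disable>
    <neq>
      <ref>feedOp</ref>
      <s>create</s>
    </neq>
  </Disable>
</Field>
```

The field goes inside the Form element next to the other fields, and the AD resource needs the BaseDN schema attribute mapped to IGNORE_ATTR as described in reply #3.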