On Thu, 17 Sep 2009 12:22:46 +0000, Rob.S wrote:

> I got my group Member synching across two e-directory systems. I
> noticed that when I add a user to an associated group, and I set the
> Member attribute, the "Group Membership" and "Security Equals"
> attributes are automatically set on the User object.


What IDM version are you using? This sounds like you're on one that
supports the reciporical attribute mappings. If so, you should just be
able to add the requisite mappings to your driver configuration and it
should work.

If not, you can always write a rule to do it.


> However, when I do a MERGE, nothing gets added to the User object, only
> the Group information is maintained.


Trace?


> Given the following input, can I build a similar rule to put Group
> Membership and Security Equals on the user object?


Sure. Get the op-attr Member in to a nodeset, loop through it, and add
the Group Membership and Security Equals for each current-node (member)
to the Group (@dest-dn).


--
---------------------------------------------------------------------------
David Gersic dgersic_@_niu.edu
Novell Knowledge Partner http://forums.novell.com

Please post questions in the newsgroups. No support provided via email.