Hi all,

I am fairly new to identity manager, and I'm having trouble wrapping my
head around a few of the concepts. I'm hoping someone will be able to
help me out with a few of my questions!

Basically what we want to do is handle add/modify/delete and sync
requests from the IDM only, locate the corresponding record and process
the request on the SOAP server and then send back the recordID to be
stored in the idenetity vault (for adds only) so "matching" on the SOAP
server end is simpler going forward. The subscriber side works how I
expect, but the publisher side is causing me some grief.

1. Completely ignoring my attempt to write data back to the vault, what
is IDM expecting as a response from the SOAP server? I'm not sure how
to reformat the soap response to be what IDM is expecting.

I had originally thought I could accept the response and treat it as a
modify request on the publisher channel, and process it that way, but
the processing dies at the schema mapping:
DSML ST:Applying schema mapping policies to input.
DSML ST:Applying policy: smp-DSMLSchemaMapping.
DSML ST: Mapping class-name 'soapUser' to 'User'.
DSML ST: Mapping attr-name 'lastName' to 'Surname'.
DSML ST: Mapping attr-name 'firstName' to 'Given Name'.
DSML ST: Mapping attr-name 'userType' to 'OU'.
DSML ST: Mapping attr-name 'username' to 'CN'.
DSML ST: Mapping attr-name 'userPassword' to
DSML ST: Mapping attr-name 'recordID' to 'SystemRecordID'.
DSML ST:Resolving association references.
DSML ST:Processing returned document.
DSML ST:Processing operation <modify> for .
DSML ST:End transaction.-

Which led me to notice that the response doesn't seem to go through the
publisher side processing at all, it is handled differently after the
schema mapping, correct? I am at a loss to figure out how to format the
response so IDM will accept it!

2. What's the best way / is it possible to modify a value in the
identity vault from a response?

3. I found this thread
which seems to be what I am looking for, but I am a little confused
about what to do with this piece:

-<do-set-local-variable name="favoriteBeverage">
<token-dest-attr name="favoriteBeverage">
... some token that builds identifier for user ...

what sort of token should/could replace -... some token that builds
identifier for user ...-?

4. Is it possible to force IDM to treat the response as a modify
request (long shot, I know!)? Because I understand how to handle do
what I want if it could be a modify

Any help would be greatly appreciated!


reabuj's Profile: http://forums.novell.com/member.php?userid=77515
View this thread: http://forums.novell.com/showthread.php?t=403822