Hello,

after i ran a workflow to remove a role from an user, all attributes
are removed, except for the Entitlement (although it sets a component to
0) and an attribute i created that associates with the entitlement. But
i need to remove both, so i made a policy in the loopback driver to do
it, but im having trouble since they are multivalued.

If i set to clear them, the policy clears everything, even the ones
that i didnt ask to be removed, so i tried to use the remove destination
value, but it doesnt seem to work, can anyone help me, please?

AprovisionaDnPerfil is the entitlement (DirxmlEntitlementRef)


Code:
--------------------

<rule>
<description>Remove DirXML e DnPerfil</description>
<conditions>
<and>
<if-op-attr name="AprovisionaDnPerfil" op="not-available"/>
</and>
</conditions>
<actions>
<do-for-each>
<arg-node-set>
<token-removed-entitlement name="AprovisionaDnPerfil"/>
</arg-node-set>
<arg-actions>
<do-remove-dest-attr-value name="DirXML-EntitlementRef">
<arg-value type="string">
<token-op-attr name="DirXML-EntitlementRef"/>
</arg-value>
</do-remove-dest-attr-value>
<do-remove-dest-attr-value name="dnPerfil">
<arg-value>
<token-removed-entitlement name="AprovisionaDnPerfil"/>
</arg-value>
</do-remove-dest-attr-value>
</arg-actions>
</do-for-each>
</actions>
</rule>

--------------------




In the log file i removed the role
coPerfil=documenta_tramita_mec,coSistema=DOCUMENTA , ou=recursos, o=FNDE
from the user 99999999900

thank you!


+----------------------------------------------------------------------+
|Filename: loopback.zip |
|Download: http://forums.novell.com/attachment....achmentid=4197 |
+----------------------------------------------------------------------+

--
Diogo12
------------------------------------------------------------------------
Diogo12's Profile: http://forums.novell.com/member.php?userid=61044
View this thread: http://forums.novell.com/showthread.php?t=405890