I need to write a policy to query roles in the directory and call add
role for the user selected in the operation.
The query is already working and returning nrfRole objects to the
$current-node$ variable, but for adding the role, I must pass the DN of
the role to the action.
How can I extract the DN of the role from the $current-node$ object?
All nouns I tryed works over the selected object, and not over the
query response. I am sorry if this is abasic question, but I am a newbie
in policies.
The rule follows:
<description>Atribui Kit Minimo</description>
<comment xml:space="preserve">Atribui o kit mínimo de acesso de acordo
com a lotação do usuário</comment>
<if-attr name="OU" op="available"/>
<do-set-local-variable name="rolesKitBasico" scope="policy">
<token-query class-name="nrfRole" datastore="src">
xml:space="preserve">O=XXXX\OU=XXXXX\CN=Driverset\ CN=UserApplication\CN=AppConfig\CN=RoleConfig\CN=R oleDefs</token-text>
<arg-match-attr name="CN">
<arg-value type="string">
<token-attr name="OU"/>
<token-text xml:space="preserve"> Basico</token-text>
<token-local-variable name="rolesKitBasico"/>
<do-add-role id="CN=XXXXX,OU=contasservico,OU=usuarios,O=XXXX"
role-id="$current-node$" url="">
<token-text xml:space="preserve">XXXXXX</token-text>

jluizberg's Profile: http://forums.novell.com/member.php?userid=82541
View this thread: http://forums.novell.com/showthread.php?t=406862