I have a new AD driver replacing an old AD driver. All my thousands and
thousands of users are associated w/ the old AD driver. My new driver
is just about ready to deploy.

I was hoping to avoid a sync of my system and sort of let users get
associated when they pass thru either of the channels. This of course
does not work when a eDir VAULT user gets deleted. The unassociated
(but identical user) in AD does not get deleted because the objects have
not yet become associated.

I know this is not best practise, but is it possible to associate the
objects just before a DELETE for the purposes of actually having the
object in the AD system deleted when the same user object in the eDir
system gets deleted.

I'm guessing the logic from the Event Transformation would look
something like
(and no scolding for paraphrasing guys)
if operation = "delete" and association is "unassociated"

find matching object
===
from here we just let it drop back into the regular driver routines to
perform the delete


--
johnehurst
------------------------------------------------------------------------
johnehurst's Profile: http://forums.novell.com/member.php?userid=1973
View this thread: http://forums.novell.com/showthread.php?t=408782