Hello,

a few days ago I have ask how I can only sync the users password, if he
is a member of a group in the IDM.

I want to sync only the Active Directory Password to the IDM if the
user is a member of the group "SyncPWfromAD" in the IDM.

So I had the idear that I can use the policy I have created to sync
only user passwords to the eDirecotroy if he is a member of the sync
group in the IDM.
I have changened the locale variable from "Source Attribute" to
"Destination Attribute"

But it is not working. The IDM is still synchronising all passwords.

I think I have a big or little mistake in my policy.
What I can do, that only AD passwords will by synchronised if the user
is a member of the ADPassword group in the IDM?


Code:
--------------------
<?xml version="1.0" encoding="UTF-8"?><!DOCTYPE policy PUBLIC "policy-builder-dtd" "C:\Programme\Novell\Designer\plugins\com.novell.i dm.policybuilder_3.5.0.201003011501\DTD\dirxmlscri pt3.6.1.dtd"><policy>
<rule>
<description>CheckGroup</description>
<comment xml:space="preserve">CheckGroup</comment>
<conditions>
<and>
<if-class-name mode="nocase" op="equal">User</if-class-name>
<if-op-attr name="nspmDistributionPassword" op="changing"/>
</and>
</conditions>
<actions>
<do-set-local-variable name="SyncPWfromAD" scope="policy">
<arg-node-set>
<token-dest-attr name="Group Membership"/>
</arg-node-set>
</do-set-local-variable>
</actions>
</rule>
<rule>
<description>Only Sync User From Group </description>
<comment xml:space="preserve">Only Sync User From Group </comment>
<conditions>
<and>
<if-class-name mode="nocase" op="equal">User</if-class-name>
<if-op-attr name="nspmDistributionPassword" op="changing"/>
<if-xpath op="not-true">$SyncPWfromAD[contains(.,'company\SyncPWfromAD')]</if-xpath>
</and>
</conditions>
<actions>
<do-veto/>
</actions>
</rule>
</policy>
--------------------



Sincerely
Dominic


--
dominicdavid
------------------------------------------------------------------------
dominicdavid's Profile: http://forums.novell.com/member.php?userid=33244
View this thread: http://forums.novell.com/showthread.php?t=412667