We have multiple IDM drivers and i have set GCV values to allow me to
put policies that can be adjusted from driver to driver so that i can
use only one driver instead of maintaning multiple drivers.

Now i put a set of policies in place that allow for group sync or not
allow groups sync which works great and if i hit a user and there is no
group sync set then i just deleted the security equals and group member
ship attribute from the user and go on.

The addition to this is that i need a few drivers to do selective group
sync by an attribute, when i set this, the groups that i want to sync
works fine except that when i hit user object that are members of groups
in the source and there is no sync to that group in the destination,
then i get a unable to syncronize reference.

So my end question is, how do i query for the destination group, if its
not there, remove the attribute holding the dn <secuirty equals, group
membership>.

I figured i could loop through the attribute if it exist and query for
the destination group dn. if the destination group dn does not exist
then remove the attribute.

right now things work, its just the annoymance error in the trace


--
Dieseloreo
------------------------------------------------------------------------
Dieseloreo's Profile: http://forums.novell.com/member.php?userid=36110
View this thread: http://forums.novell.com/showthread.php?t=414391