In IDM, the process

event occurs, this triggers an action, which produces a result.

is fundamental.

I have been using dynamic groups successfully to filter objects for the
current action and this works well.

However, I have hundreds, if not a few thousand of these types of
processes.

It occurred to me that it would be nice if I could dynamically update
the dynamic group filter and then run the action.

There are 2 bits of information needed :

The Search Root and the LDAP Filter.

I have thought of updating the Dynamic Group attributes that hold this
information using a policy. However, I discover that there is only one
attribute that holds both of these bits of data memberQuery. This has
syntax 'Octect string'. Does anyone have a way of decoding/ encoding
the data in this attribute. If it was possible it would mean I could
use one Dynamic Group for all these actions. This would result in :

event occurs, this triggers update of Dynamic Group attribute
memberQuery, this then triggers an action, which produces a result.


--
chall
------------------------------------------------------------------------
chall's Profile: http://forums.novell.com/member.php?userid=34675
View this thread: http://forums.novell.com/showthread.php?t=430999