I only update rules occasionally, was wondering if someone who uses it
on a more day to day basis can point me in the right direction.

I've written a rule to set/unset an ACL based on a user's company
number. The rule basically gives a service account permission to change
users's password if it has the ACL.

Anyway, I went and created the rule for the specified company they said
they'd need, and it's all good and dandy.

Then we get ready to go live with it, and by the way, we need to add
these 30 other companies to the rule as well.

From what I've seen, there isn't a way to OR the condtions, without
repeating the rule over for each of the 30 companies. There is a
similar rule to remove the attribute value if they move out of one of
the affected companies.

Any recommendations on a way to consolidate this to be scalable? Below
is the basic intention of the current policy.

Condition Group1
if operation equal "modify"
AND
if operation attribute 'employerNumber' changing to "123"

OR

Condition Group2
if operation equal "add"
AND
if operation attribute 'employerNumber' equal "123"

Actions
add source attribute value("ACL", class name="User",
{protectedName=Password
Management",trustee="company\services\apass",privi leges="4"})


--
slongholio
------------------------------------------------------------------------
slongholio's Profile: http://forums.novell.com/member.php?userid=9086
View this thread: http://forums.novell.com/showthread.php?t=440130