I want to realize the following:
I have a special OU (OU=Portal.OU=GRUPPEN.O=PKR.T=ROOT) in my private tree
which contains some user groups. These groups are distributed correctly into
my second NDS. Each user in the entire path of the organization
(O=PKR.T=ROOT) which is member any group in this special OU should be
created in my second NDS. All other users must not exist in the second NDS,
so when a user is not a member of any group in this special OU anymore it
must be deleted in the second NDS.
I have tried to do it in this way:
I have placed an event transformation policy:
If Classname equal User
and if source attribute group membership not equal (source-DN)
Unfortunately this does not work because the rule does every time a veto.
How do I have to do it?
Thank you much for you help,