Hi all,

This is my first post, so please bear with me.

After searching the Internet, I found the names of the LDAP attributes
used in AD regarding profile paths and home folders, as:


I would like to have the AD driver set these attributes when it's
creating users from the Identity Vault.

So far I decided to augment the Creation policy. Specifically I have
added these actions to the Create User objects rule:

set local variable("ou-based-userfolder", scope="policy", Source DN())
set local variable("userprofile", scope="policy",
"\\server1\share1\"+Local Variable("ou-based-userfolder"))
set local variable("userfolder", scope="policy",
"\\server2\share2\"+Local Variable("ou-based-userfolder")+";k:")
set destination attribute value("profilePath", Local
set destination attribute value("homeFolder", Local
set destination attribute value("TSProfilePath", Local
set destination attribute value("TSHomeFolder", Local

A typical user would be placed in eDir as:


The remainding issue is how to transform the Source DN, assuming it is
"username.subou.ou.o", into a string that can be used as part of a UNC
path, say "o\ou\subou\username". The number of components in the Source
DN can be variable and should be taken into account.

I obviously need to split the Source DN and reassemble the components
in the reverse order, using backslashes as the delimiting character. I
don't need the o part, so that particular component should be omitted,
if possible.

Can someone please help me or give me some hints to where I should look
for clues?