I need to query eDir for the leaf object name (or equivalent DN fragment)so
that I can writeback a rename operation from AD, using the leafname as the
AD object name. The problem is all I have from an AD rename event is the
association value. It does not give me an 'old-name' value.

Any ideas on how to do this?

Here is what I have that brings back a src-dn in the trace:


<rule disabled="true">
<description>Writeback Rename</description>
<conditions>
<and>
<if-class-name op="equal">User</if-class-name>
<if-operation op="equal">rename</if-operation>
</and>
</conditions>
<actions>
<do-set-local-variable name="leafname">
<arg-string>
<token-dest-attr class-name="User" name="dn"/>
</arg-string>
</do-set-local-variable>
<do-trace-message>
<arg-string>
<token-text xml:space="preserve">leafname complete</token-text>
</arg-string>
</do-trace-message>
</actions>
</rule>

Unfortunately for me, this does not return a DN, and I do not know how to
extract the src-dn value that is included as part of the Insance returned....

-Thanks for looking at this!