I must be doing something wrong. (obviously)

Anyway, I have a tree structure something like:

Groups
-> APPNAME01
-> Group001
-> Group002
-> APPNAME02
-> Group001

First, I need to find the "container" (APPNAMExx) for the appropriate
"thing".
THAT part seems to be working right.

I then need to get a list of all groups under the aforementioned name.
So I did this in my action set:


Code:
--------------------

<do-set-local-variable name="SecurityGroups" scope="policy">
<arg-node-set>
<token-query class-name="Group" datastore="src" scope="subordinates">
<arg-dn>
<token-global-variable name="idv.dit.data.groups"/>
<token-text xml:space="preserve">\</token-text>
<token-local-variable name="AppName"/>
</arg-dn>
<arg-string>
<token-attr name="CN"/>
</arg-string>
</token-query>
</arg-node-set>
</do-set-local-variable>
--------------------


a) Is this correct? I mean it SHOULD theoretically set the local
variable:
SecurityGroups
to the nodeset that is querying for "cn" attribute of objectclass
Group

so it should set it to like:
Group01,Group02

??

b) If not, then what's the correct way to do this? I saw mention in
the olden days (haha) of having to use XPATH for query expressions but
then Novell let you just use Query natively in the "actions" instead.

c) IF it is correct, then for some strange reason my next rule isn't
seeming to be working correctly. That rule, should then do a: for each
(of the "SecurityGroups" variable) and query for MEMBERS of the two
groups.


Code:
--------------------

<do-for-each>
<arg-node-set>
<token-local-variable name="SecurityGroups"/>
</arg-node-set>
<arg-actions>
<do-set-local-variable name="SecurityGroupMembers" scope="policy">
<arg-node-set>
<token-query class-name="Group" datastore="src" scope="subordinates">
<arg-dn>
<token-global-variable name="idv.dit.data.groups"/>
<token-text xml:space="preserve">\</token-text>
<token-local-variable name="AppName"/>
<token-text xml:space="preserve">\</token-text>
<token-local-variable name="SecurityGroups"/>
</arg-dn>
<arg-string>
<token-attr name="Member"/>
</arg-string>
</token-query>
</arg-node-set>
</do-set-local-variable>
</arg-actions>
</do-for-each>

--------------------


But it doesn't seem to be working properly

--Kevin


--
The opinions expressed are my own.
Check out my OES2 Guides:
Installing OES2 SP2:
http://www.novell.com/communities/no...allation-guide
Upgrading to OES2 with ID Transfer:
http://www.novell.com/communities/no...r-id-scenarios
GroupWise Migration with OES2 ID Transfer:
http://www.novell.com/communities/no...p2-transfer-id
------------------------------------------------------------------------
kjhurni's Profile: http://forums.novell.com/member.php?userid=734
View this thread: http://forums.novell.com/showthread.php?t=449015