hi,

i am trying to figure out a matching policy on my publisher channel
from a notes server to edir. the users are already in the identity
vault.
i wanted to map surname and givenname and create an association, if two
users exist with the same attribute-values i thought of evaluating
another criteria (for the second attribute is not always filled due to
our edirectory-structured mandator-wisely organized and not all
costumers enforcing the standard of attribs that have to be filled -
otherwise i could in the first place take the second attrib).
this way i intend to minimize potentially false associations.

notes has a field fullname, which is multivalued and is mapped to a
single-valued arznotesfullname attribute on the edir side. i could not
figure out how to manipulate the results to test all values against the
value in my edirectory.

maybe one of you has the time and motivation to look over my code or
give me a hint, if i could solve that association problem more
elegantly?



here´s what policy-builder built for me:

<?xml version="1.0" encoding="UTF-8"?><!DOCTYPE policy PUBLIC
"policy-builder-dtd"
"C:\Programme\Novell\Designer\eclipse\plugins\com. novell.designer.idm.policybuilder_2.0.0.2007102612 47\DTD\dirxmlscript.dtd"><policy>
<description>Default publisher matching policy</description>
<rule>
<description>mycompany_pub_cmd_define_local_var</description>
<comment xml:space="preserve">definition von lokalen variablen, die
waehrend der gesamten laufzeit des ereignisses von allen policies
referenziert werden koennen</comment>
<conditions>
<or>
<if-class-name mode="nocase" op="equal">User</if-class-name>
</or>
</conditions>
<actions>
<do-set-local-variable name="drv_user_surname" scope="driver">
<arg-string>
<token-src-attr class-name="User" name="Surname"/>
</arg-string>
</do-set-local-variable>
<do-set-local-variable name="drv_user_givenname" scope="driver">
<arg-string>
<token-src-attr class-name="User" name="Given Name"/>
</arg-string>
</do-set-local-variable>
<do-set-local-variable name="drv_mycompany_department"
scope="driver">
<arg-string>
<token-src-attr class-name="User" name="mycompany_department"/>
</arg-string>
</do-set-local-variable>
</actions>
</rule>
<rule>
<description>mycompany_pub_cmd_User Match</description>
<conditions>
<or>
<if-class-name mode="nocase" op="equal">User</if-class-name>
</or>
</conditions>
<actions>
<do-find-matching-object scope="subtree">
<arg-dn>
<token-text
xml:space="preserve">mycompany_department</token-text>
<token-local-variable name="drv_mycompany_department"/>
</arg-dn>
<arg-match-attr name="Surname">
<arg-value type="string">
<token-local-variable name="drv_user_surname"/>
</arg-value>
</arg-match-attr>
<arg-match-attr name="Given Name">
<arg-value type="string">
<token-local-variable name="drv_user_givenname"/>
</arg-value>
</arg-match-attr>
</do-find-matching-object>
<do-status level="error">
<arg-string>
<token-text xml:space="preserve">-9062</token-text>
</arg-string>
</do-status>
<do-status level="error">
<arg-string>
<token-text xml:space="preserve">-9062</token-text>
</arg-string>
</do-status>
<do-trace-message level="2">
<arg-string>
<token-text xml:space="preserve">error -9062 ---- next
rule</token-text>
</arg-string>
</do-trace-message>
<do-for-each>
<arg-node-set>
<token-src-attr class-name="User" name="mycompanyNotesFullname"/>
</arg-node-set>
<arg-actions>
<do-find-matching-object scope="subtree">
<arg-dn>
<token-text
xml:space="preserve">mycompany\_department</token-text>
<token-local-variable name="drv_mycompany_department"/>
</arg-dn>
<arg-match-attr name="mycompanyNotesFullname"/>
</do-find-matching-object>
</arg-actions>
</do-for-each>
<do-break/>
</actions>
</rule>
</policy>


--
Florian Zimmermann
------------------------------------------------------------------------
Florian Zimmermann's Profile: http://forums.novell.com/member.php?userid=210
View this thread: http://forums.novell.com/showthread.php?t=307256