I'm hoping someone can help me with a failed veto as an event transform
policy on the sub channel of my AD driver:
this is what I'm trying to do...
I want to veto everything if an attribute of a user is not a certain value.
My policy so far is this:
if class name equal case insensitive "user"
if source attribute "NetAccountType" not equal to case insensitive "TREE"
trace message ("NO TREE value, so veto")
Should this work? Am I missing something?
If I disable the first condition and only use the source attribute test then
it works perfectly. The NetAccountType attrib only applies to a user class
so would I even need the class test?
As always, any and all help is appreciated.