Netware 6.5 SP6
Password sync turned on
Win 2003 server with remote loader
Mainly 'out of the box' config.
My users are one way syncing to AD from eDir. I have a rule that event
transforms a delete user from AD to remove association.
This got me thinking about what exactly a basic remove association does
to the User object attributes in eDir.
When a user is created in eDir, and the IDM driver is up and running, it
would seem that two auiliary classes are added to that user -
These then manifest two attributes viewable in DSBROWSE and Console One -
I CANNOT see the attributes -
When the User delete in AD is transformed into a remove association the
following happens to the user object in eDir -
DirXML-ApplicationAttrs - remains unchanged
DirXML-PasswordSyncStatusUser - remains unchanged
DirXML-Associations - attribute flag=deleted value
DirXML-PasswordSyncStatus - attribute flag=present
My questions are
1) I expected the DirXML-ADAliasName and DirXML-ADContext attributes to
be viewable in BSBROWSE or C1. I cannot see them. Does this mean they
are not actually present or hidden? How do I check they have been
deleted if the are present and hidden?
2) Should the DirXML-PasswordSyncStatus attribute be deleted on remove
3) What other attributes I might have missed should be removed from the
eDir user object on remove association, and how do I check/facilitate this?