When creating new groups in the IDVault, IDM puts them in the same OU as
the users. I've created a rule in the placement policy that I thought
would create groups in the 'groups' OU. But it doesn't seem to work.

Is this the right spot for this sort of rule/operation ?


Here's the rule :

<rule>
<description>Placement - Publisher Flat</description>
<conditions>
<or>
<if-class-name mode="nocase" op="equal">Group</if-class-name>
</or>
</conditions>
<actions>
<do-set-op-dest-dn>
<arg-dn>
<token-text
xml:space="preserve">dn("root\groups"+"\"+SourceNa me())</token-text>
</arg-dn>
</do-set-op-dest-dn>
</actions>
</rule>



TIA
Geoff