To sum up: in the Command Transform on the Pub side, I want to start a
sync on a Group in the Vault that will push the Vault members back out
to AD to add back the people who just got removed.

Details: I have one group in AD that I want the Vault to be the SOA
for. All other groups sync bi-directionally but this Group has special
req. If I add someone to this Group they can be added to the Group in
the Vault, but if I remove someone from this Group they cannot be
removed, and must be added back to the Group in AD.

Working through this scenario I have found some interesting conditions,
to say the least. If I don't assume that everything will always be in
sync, then I have to account for the fact that there might be multiple
people in the Group in AD who are not in the Group in the Vault, or
maybe multiple people being removed at the same time. Furthermore,
there might be people in the Group in the Vault who don't exist in AD.
I got a Rule to the point that it was querying all over the place trying
to figure out who was where and I figured it would be easier to just
cause the Group to sync from the Vault and let the driver do all this
work for me.

I wait until the Command transform policy on the Publisher channel to
see if anyone is actually being removed from the Group, and then I tried
to tack in a sync tag. I got the message that sync tags are not allowed
in the input doc, so I put it in an output doc, but that got filtered
out. Can someone point me toward correct sync syntax?


nate_spears's Profile:
View this thread: