Hello!

Someone has decided to put custom values in the LDAP store without the
source system knowing about it. That means all those custom values will
be wiped out when I refresh the values from the source system.

So now I am attempting to read in the destination value on any change
and store it in an LV, refresh all the values in the dest-attr, then
iterate through the LV to find any custom values I am not aware of and
rewrite them.

dest-attr RoleMgr with the following values:
RoleMgr: _employee
RoleMgr: employee
RoleMgr: _staff
RoleMgr: staff
RoleMgr: _student
RoleMgr: student
RoleMgr: Debug
RoleMgr: Debug2

This attribute is actually cloned from another in the source system.

So in the following transaction I will be removing "student" which will
refresh this attribute from the source system and rewrite employee and
staff(the _[value] is cloned). However we see that someone has placed
Debug and Debug2 directly in dest system which I need to maintain.

So when I see the attr changing I am going to attempt to store this
attribute in an LV:

<actions>
<do-for-each>
<arg-node-set>
<token-dest-attr name="RoleMgr"/>
</arg-node-set>
<arg-actions>
<do-set-local-variable name="jeffroles" scope="policy">
<arg-node-set>
<token-local-variable name="current-node"/>
</arg-node-set>
</do-set-local-variable>
</arg-actions>
</do-for-each>
</actions>

Here is a snippet of the trace so I believe this part is working ok:

[02/20/09 11:35:28.272]:LDAP Port2 ST: Token Value: {<value>
@type = "string",<value> @type = "string",<value> @type =
"string",<value> @type = "string",<value> @type = "string",<value> @type
= "string",<value> @type = "string",<value> @type = "string",<value>
@type = "string",<value> @type = "string"}.
[02/20/09 11:35:28.272]:LDAP Port2 ST: Arg Value: {<value>
@type = "string",<value> @type = "string",<value> @type =
"string",<value> @type = "string",<value> @type = "string",<value> @type
= "string",<value> @type = "string",<value> @type = "string",<value>
@type = "string",<value> @type = "string"}.
[02/20/09 11:35:28.278]:LDAP Port2 ST: Performing actions for
local-variable(current-node) = <value> @type = "string".
[02/20/09 11:35:28.278]:LDAP Port2 ST: Action:
do-set-local-variable("jeffroles",scope="policy",arg-node-set(token-local-variable("current-node"))).
[02/20/09 11:35:28.275]:LDAP Port2 ST:
arg-node-set(token-local-variable("current-node"))
[02/20/09 11:35:28.275]:LDAP Port2 ST:
token-local-variable("current-node")
[02/20/09 11:35:28.275]:LDAP Port2 ST: Token Value:
{<value> @type = "string"}.
[02/20/09 11:35:28.276]:LDAP Port2 ST: Arg Value: {<value>
@type = "string"}.
[02/20/09 11:35:28.276]:LDAP Port2 ST: Action:
do-trace-message(token-local-variable("current-node")).
[02/20/09 11:35:28.276]:LDAP Port2 ST:
arg-string(token-local-variable("current-node"))
[02/20/09 11:35:28.277]:LDAP Port2 ST:
token-local-variable("current-node")
[02/20/09 11:35:28.277]:LDAP Port2 ST: Token Value:
"_employee".
[02/20/09 11:35:28.279]:LDAP Port2 ST: Arg Value:
"_employee".
[02/20/09 11:35:28.280]:LDAP Port2 ST:_employee
[02/20/09 11:35:28.281]:LDAP Port2 ST: Performing actions for
local-variable(current-node) = <value> @type = "string".
[02/20/09 11:35:28.281]:LDAP Port2 ST: Action:
do-set-local-variable("jeffroles",scope="policy",arg-node-set(token-local-variable("current-node"))).
[02/20/09 11:35:28.286]:LDAP Port2 ST:
arg-node-set(token-local-variable("current-node"))
[02/20/09 11:35:28.286]:LDAP Port2 ST:
token-local-variable("current-node")
[02/20/09 11:35:28.287]:LDAP Port2 ST: Token Value:
{<value> @type = "string"}.
[02/20/09 11:35:28.283]:LDAP Port2 ST: Arg Value: {<value>
@type = "string"}.
[02/20/09 11:35:28.283]:LDAP Port2 ST: Action:
do-trace-message(token-local-variable("current-node")).
[02/20/09 11:35:28.284]:LDAP Port2 ST:
arg-string(token-local-variable("current-node"))
[02/20/09 11:35:28.284]:LDAP Port2 ST:
token-local-variable("current-node")
[02/20/09 11:35:28.285]:LDAP Port2 ST: Token Value:
"employee".
[02/20/09 11:35:28.285]:LDAP Port2 ST: Arg Value:
"employee".
[02/20/09 11:35:28.285]:LDAP Port2 ST:employee

Now I refresh RoleMgr with a bunch of other rules, and I want to place
back Debug and Debug2. I do not have any checks in yet for dupe
attributes because I am having issues iterating through the LV:
<do-for-each>
<arg-node-set>
<token-local-variable name="jeffroles"/>
<token-local-variable name="current-node"/>
</arg-node-set>
<arg-actions>
<do-add-dest-attr-value name="RoleMgr">
<arg-value>
<token-local-variable name="current-node"/>
</arg-value>
</do-add-dest-attr-value>
</arg-actions>
</do-for-each>

However I am getting some bad data in the nodeset, and I know it is
probably how I am trying to query or perhaps it is stored wrong:

[02/20/09 11:35:28.341]:LDAP Port2 ST: Token Value: {<value>
@timestamp = "1231438053#79" @type = "string",<value> @timestamp =
"1231438053#80" @type = "string",<value> @timestamp = "1231438053#81"
@type = "string"}.
[02/20/09 11:35:28.346]:LDAP Port2 ST: Arg Value: {<value>
@timestamp = "1231438053#79" @type = "string",<value> @timestamp =
"1231438053#80" @type = "string",<value> @timestamp = "1231438053#81"
@type = "string"}.
[02/20/09 11:35:28.343]:LDAP Port2 ST: Performing actions for
local-variable(current-node) = <value> @timestamp = "1231438053#79"
@type = "string".
[02/20/09 11:35:28.343]:LDAP Port2 ST: Action:
do-add-dest-attr-value("RoleMgr",class-name="inetOrgPerson","_"+token-local-variable("current-node")).
[02/20/09 11:35:28.344]:LDAP Port2 ST:
arg-string("_"+token-local-variable("current-node"))
[02/20/09 11:35:28.344]:LDAP Port2 ST: token-text("_")
[02/20/09 11:35:28.345]:LDAP Port2 ST:
token-local-variable("current-node")
[02/20/09 11:35:28.345]:LDAP Port2 ST: Token Value:
"employee".
[02/20/09 11:35:28.349]:LDAP Port2 ST: Arg Value:
"_employee".
[02/20/09 11:35:28.350]:LDAP Port2 ST: Action:
do-add-dest-attr-value("RoleMgr",class-name="inetOrgPerson",token-local-variable("current-node")).
[02/20/09 11:35:28.350]:LDAP Port2 ST:
arg-string(token-local-variable("current-node"))
[02/20/09 11:35:28.347]:LDAP Port2 ST:
token-local-variable("current-node")
[02/20/09 11:35:28.347]:LDAP Port2 ST: Token Value:
"employee".
[02/20/09 11:35:28.348]:LDAP Port2 ST: Arg Value:
"employee".
[02/20/09 11:35:28.353]:LDAP Port2 ST: Performing actions for
local-variable(current-node) = <value> @timestamp = "1231438053#81"
@type = "string".
[02/20/09 11:35:28.358]:LDAP Port2 ST: Action:
do-add-dest-attr-value("RoleMgr",class-name="inetOrgPerson","_"+token-local-variable("current-node")).
[02/20/09 11:35:28.358]:LDAP Port2 ST:
arg-string("_"+token-local-variable("current-node"))
[02/20/09 11:35:28.355]:LDAP Port2 ST: token-text("_")
[02/20/09 11:35:28.355]:LDAP Port2 ST:
token-local-variable("current-node")
[02/20/09 11:35:28.355]:LDAP Port2 ST: Token Value:
"staff".
[02/20/09 11:35:28.356]:LDAP Port2 ST: Arg Value:
"_staff".
[02/20/09 11:35:28.356]:LDAP Port2 ST: Action:
do-add-dest-attr-value("RoleMgr",class-name="inetOrgPerson",token-local-variable("current-node")).
[02/20/09 11:35:28.357]:LDAP Port2 ST:
arg-string(token-local-variable("current-node"))
[02/20/09 11:35:28.357]:LDAP Port2 ST:
token-local-variable("current-node")
[02/20/09 11:35:28.362]:LDAP Port2 ST: Token Value:
"staff".
[02/20/09 11:35:28.362]:LDAP Port2 ST: Arg Value:
"staff".
[02/20/09 11:35:28.362]:LDAP Port2 ST: Action:
do-for-each(arg-node-set(token-local-variable("jeffroles")+token-local-variable("current-node"))).
[02/20/09 11:35:28.359]:LDAP Port2 ST:
arg-node-set(token-local-variable("jeffroles")+token-local-variable("current-node"))
[02/20/09 11:35:28.359]:LDAP Port2 ST:
token-local-variable("jeffroles")
[02/20/09 11:35:28.360]:LDAP Port2 ST: Token Value: {<value>
@type = "string"}.
[02/20/09 11:35:28.360]:LDAP Port2 ST:
token-local-variable("current-node")
[02/20/09 11:35:28.360]:LDAP Port2 ST: Token Value: "".
[02/20/09 11:35:28.361]:LDAP Port2 ST: Arg Value: {<value>
@type = "string",""}.
[02/20/09 11:35:28.366]:LDAP Port2 ST: Performing actions for
local-variable(current-node) = <value> @type = "string".
[02/20/09 11:35:28.366]:LDAP Port2 ST: Action:
do-add-dest-attr-value("RoleMgr",token-local-variable("current-node")).
[02/20/09 11:35:28.363]:LDAP Port2 ST:
arg-string(token-local-variable("current-node"))
[02/20/09 11:35:28.364]:LDAP Port2 ST:
token-local-variable("current-node")
[02/20/09 11:35:28.364]:LDAP Port2 ST: Token Value:
"Debug2".
[02/20/09 11:35:28.364]:LDAP Port2 ST: Arg Value:
"Debug2".
[02/20/09 11:35:28.365]:LDAP Port2 ST: Performing actions for
local-variable(current-node) = "".
[02/20/09 11:35:28.365]:LDAP Port2 ST: Action:
do-add-dest-attr-value("RoleMgr",token-local-variable("current-node")).
[02/20/09 11:35:28.370]:LDAP Port2 ST:
arg-string(token-local-variable("current-node"))
[02/20/09 11:35:28.370]:LDAP Port2 ST:
token-local-variable("current-node")
[02/20/09 11:35:28.371]:LDAP Port2 ST: Token Value: "".
[02/20/09 11:35:28.367]:LDAP Port2 ST: Arg Value: "".

So my question is why is "Debug" not seem to be in the LV? And where
are the blank variables coming from??


--
jeff@linux1:~> glxgears
120308 frames in 5.0 seconds = 24061.553 FPS
------------------------------------------------------------------------
jedijeff's Profile: http://forums.novell.com/member.php?userid=4732
View this thread: http://forums.novell.com/showthread.php?t=361372