I want to use Role-Based Entitlement for OU because I want to insert
some intruder setting (attributes) into exited OUs. The result is not
what I expected. I though that entitlement driver should send out the
attribute "DirXML-EntitlementRef" component values to my loopback driver
if I meet the Role-Based Entitlement criteria (object class =
organizational unit). I reevalute but no the dirxml document sent out
to loopback driver.
Then I rewrite a new policy almost the same as previous one, this time
my criteria is User. Then I reevalue again, the dirxml document send to
loopback driver as usual.

Now I am very confused. Is Role-Based Entitlement only works for class
object user and group, but the rest object class can not work? or is
this a bug?

Is there other way to insert back exited OUs intruder setting
attributes?

env: I have been testing IDM361 and IDM351.

Thank You!


--
tichung
------------------------------------------------------------------------
tichung's Profile: http://forums.novell.com/member.php?userid=1737
View this thread: http://forums.novell.com/showthread.php?t=385460