Create eDirectory user account with Null- or Loopback driver

Is there a way to create an user account in the source eDirectory with the null- oder loopback driver?

Goal:

User gets added to a group named 'Required-Admin-User'.
The membership change should trigger an account creation for 'ADM-[UserAccount].

  • So a user exists in the IDV, and you want to make a second account, as an Admin level account.

    Sure.  do-add-source-object if you are in the Sub channel in your Null/Loopback.  If you let it loop through into the pub channel, then you could use do-add-dest-object in either channel.

    Calculate the new DN and store it in a variable so you can use it again in a moment.

    In the GUI it is called Add Source/Destination Object.

    Do remember you then need to provide all the attributes, one by one, as do-add-src/dest-attr and set the DN of the target object (else it will set the values on the current object).

     

  •  If you let it loop through into the pub channel

    How do I get an event from the sub to pub channel....

     

    I tried 

    <do-add-src-object class-name="user">
    <arg-dn>
    <token-local-variable name="lv-AdminAccount"/>
    </arg-dn>
    </do-add-src-object>

    but this complains about missing required attributes

  • You have to add to the document at least mandatory attributes (CN and Surname) and specify objectDN.

    I can recommend to populate other attributes (optional).

  • <do-add-src-object class-name="User">
    <arg-dn>
    \test-tree\system\users\adm-user
    </arg-dn>
    </do-add-src-object>

    <do-add-src-attr-value name="cn">
    <arg-dn>
    \test-tree\system\users\adm-user
    </arg-dn>
    <arg-value type="string">
    adm-user
    </arg-value>
    </do-add-src-attr-value>

    <do-add-src-attr-value name="Surname">
    <arg-dn>
    \test-tree\system\users\adm-user
    </arg-dn>
    <arg-value type="string">
    Super-user
    </arg-value>
    </do-add-src-attr-value>

  • I did say "Do remember you then need to provide all the attributes, one by one, as do-add-src/dest-attr and set the DN of the target object (else it will set the values on the current object)."

    If you skip the mandatories, then it will fail.

    Key takeaway, is set the DN of the new object in a variable.

    Then use that as the Object DN in the add-source object, and then in all the following add-source attribute calls and it will bundle them into a single event, so long as no other operations to another object occurs in the middle.

    I.e. If you do:

    add source object NewObjectDN

    add source attr NewObjctDN

    add dest attr current obj

    add source attr NwObjectDN

     

    You will get an add with the added attr, a modify of the current object and then a second modify with the one attr of the new object.  So do not split your processing.

  • Good example Alex.  There is another thread from yesterday that I suggested how you could loop over the current add/modify event and then add each attr in it to the new source object.

    And remember not to intersperse some other event between these since it was will cause multiple event docs to be generated instead of one.

  • The whole point of the Loopback driver is that events on the Subscriber get looped back on to the Publisher. So, you'd just add *destination* object (from the Subscriber) and it will show up as an <add> on the Publisher.
  • Try use Loop Service driver ( Publisher and Subscriber ) you can create a events