Highlighted
Absent Member.
Absent Member.
163 views

Creating eDir User record Named by uniqueID instead of CN


I'm trying to migrate like for like an existing Sun Directory instance
across to eDir, they have a IDM Interface that points to Sun IDM that I
am going to replace like for like with Novell IDM 4.5 Standard. But I
have run into an odd issue on the named by "uid" in the ldap namespace,
which then maps to "uniqueID" in the eDir namespace. When I create a new
user it always has CN as it's naming attribute not "uniqueID" even
though I specify it in the qualified-dest-dn

I can query my record I created via a LDIF file I imported via ICE using
IDM:

[07/26/16 07:23:35.649]:CSR Driver PT:
<nds>
<input>
<query class-name="User" dest-dn="internet" scope="subtree">
<search-attr attr-name="uniqueID">
<value>plambrechtsen</value>
</search-attr>
</query>
</input>
</nds>
[07/26/16 07:23:35.651]:CSR Driver PT: Pumping XDS to eDirectory.

[07/26/16 07:23:35.669]:CSR Driver PT:
<nds dtdversion="4.0" ndsversion="8.x">
<source>
<product edition="Standard" version="4.5.0.0">DirXML</product>
<contact>NetIQ Corporation</contact>
</source>
<output>
<instance class-name="User" event-id="0"
qualified-src-dn="O=internet\OU=people\uniqueID=plambrechtsen"
src-dn="\DEV\internet\people\plambrechtsen" src-entry-id="110169">
<attr attr-name="ACL">

And that's fine... But when I do a create with a stylesheet I wrote:

[07/26/16 10:09:44.242]:CSR Driver PT:
<nds dtdversion="3.5" ndsversion="8.x">
<input>
<add class-name="User" dest-dn="internet\people\plambrechtsen"
qualified-dest-dn="O=internet\OU=people\uniqueID=plambrechtsen">
<add-attr attr-name="uniqueID">
<value>plambrechtsen</value>
</add-attr>
<add-attr attr-name="Surname">
<value>Slater</value>
</add-attr>
<add-attr attr-name="nspmDistributionPassword"><!-- content
suppressed --></add-attr>
<operation-data CN="plambrechtsen"/>
</add>
</input>
</nds>

When I query for the record in LDAP or iManager the naming of the record
was created as CN not uniqueID.

cn=plambrechtsen,ou=people,o=internet

Any ideas what I am doing wrong as this one has me stumped?


--
peter_lambrechtsen
------------------------------------------------------------------------
peter_lambrechtsen's Profile: https://forums.netiq.com/member.php?userid=495
View this thread: https://forums.netiq.com/showthread.php?t=56330

Labels (1)
0 Likes
4 Replies
Highlighted
Knowledge Partner
Knowledge Partner

Re: Creating eDir User record Named by uniqueID instead of CN

I think you can set an XML property of 'naming="true"' on the attribute of
your choice to indicate that it should be the naming attribute; see an
example here:

https://forums.novell.com/showthread.php/484482-Tranform-UniqueID-to-UID-for-LDAP-Directory-Placement-Policy

--
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below...
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: Creating eDir User record Named by uniqueID instead of CN


I just found this thread too: http://tinyurl.com/h2v83wm

Having a fully qualified dn in the "dest-dn" also seems to work. Not
sure why I didn't try that first.

<add class-name="User"
dest-dn="O=internet\OU=people\uniqueID=plambrechtsen">
<add-attr attr-name="uniqueID">
<value>plambrechtsen</value>
</add-attr>

I didn't know I could have dest-dn fully qualified. But that has sorted
it.


--
peter_lambrechtsen
------------------------------------------------------------------------
peter_lambrechtsen's Profile: https://forums.netiq.com/member.php?userid=495
View this thread: https://forums.netiq.com/showthread.php?t=56330

0 Likes
Highlighted
Absent Member.
Absent Member.

Re: Creating eDir User record Named by uniqueID instead of CN


ab;270001 Wrote:
> I think you can set an XML property of 'naming="true"' on the attribute
> of
> your choice to indicate that it should be the naming attribute; see an
> example here:
>
> http://tinyurl.com/zfkyyuu


Tried with naming=true in the add-attr and going back to the
non-qualified dest-dn, and it doesn't work the naming for the record is
back to CN.

<add class-name="User" dest-dn="internet\people\plambrechtsen">
<add-attr attr-name="uniqueID" naming="true">
<value>plambrechtsen</value>
</add-attr>

So the dest-dn as a fully qualified value is the way to do it.


--
peter_lambrechtsen
------------------------------------------------------------------------
peter_lambrechtsen's Profile: https://forums.netiq.com/member.php?userid=495
View this thread: https://forums.netiq.com/showthread.php?t=56330

0 Likes
Highlighted
Knowledge Partner
Knowledge Partner

Re: Creating eDir User record Named by uniqueID instead of CN

peter lambrechtsen <peter_lambrechtsen@no-mx.forums.microfocus.com> wrote:
>

ab;270001 Wrote:
> I think you can set an XML property of 'naming="true"' on the attribute
> of
>> your choice to indicate that it should be the naming attribute; see an
>> example here:
>>
>> http://tinyurl.com/zfkyyuu

>
> Tried with naming=true in the add-attr and going back to the

non-qualified dest-dn, and it doesn't work the naming for the record is
back to CN.
>
> <add class-name="User" dest-dn="internet\people\plambrechtsen">
> <add-attr attr-name="uniqueID" naming="true">
> <value>plambrechtsen</value>
> </add-attr>
>
> So the dest-dn as a fully qualified value is the way to do it.


I recall I had this issue many years back and came to same conclusion as
you.

--
If you find this post helpful and are logged into the web interface, show
your appreciation and click on the star below...
Alex McHugh - Knowledge Partner - Stavanger, Norway
Who are the Knowledge Partners
If you appreciate my comments, please click the Like button.
If I have resolved your issue, please click the Accept as Solution button.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.