Welcome Serena Central users! CLICK HERE
The migration of the Serena Central community is currently underway. Be sure to read THIS MESSAGE to get your new login set up to access your account.
pgold Absent Member.
Absent Member.

Re: Error syncing objects from edir to AD


So I pasted that into the placement policy and got the following xml
error:

An exception occurred processing the XML
(com.novell.emframe.dev.PageException: '': (2): element after document
element).

Does the number indicate the line with the error? If so then it is
having a problem with the description I think.


--
pgold
------------------------------------------------------------------------
pgold's Profile: http://forums.novell.com/member.php?userid=114234
View this thread: http://forums.novell.com/showthread.php?t=453618

0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Error syncing objects from edir to AD

Are you using iMangler or Designer?
Sounds like iMangler.

If you open the placement policy and ctrl-a copy it out and paste it here we can insert the block
here and show you.

There were some comments in the post that don't fit in the rules that might have been the issue.
I cleaned them and reposted below as valid XML:

<rule>
<description>[CIS] Testing placement by mapping table</description>
<comment name="author" xml:space="preserve">Geoffrey Carman</comment>
<comment name="version" xml:space="preserve">1</comment>
<comment name="lastchanged" xml:space="preserve">Mar 21, 2012</comment>
<conditions>
<and>
<if-class-name mode="nocase" op="equal">User</if-class-name>
</and>
</conditions>
<actions>
<do-set-local-variable name="SRC-DN" scope="policy">
<arg-string>
<token-src-dn length="-2"/>
</arg-string>
</do-set-local-variable>
<do-set-local-variable name="DEST-DN" scope="policy">
<arg-string>
<token-map default-value="XXYY" dest="dest-dn" src="src-dn" table="*Test.Active
Directory.AD-TEST.fdny* ">
<token-local-variable name="SRC-DN"/>
</token-map>
</arg-string>
</do-set-local-variable>
<do-if>
<arg-conditions>
<and>
<if-local-variable mode="nocase" name="DEST-DN" op="equal">XXYY</if-local-variable>
</and>
</arg-conditions>
<arg-actions>
<do-trace-message disabled="true">
<arg-string>
<token-text xml:space="preserve">If we get XXYY back then the DN
was not found, either error, or place in a default location. Use a
GCV so you can change it later easily, but I want a simple rule to
demonstrate so I hard code a string value.</token-text>
</arg-string>
</do-trace-message>
<do-set-op-dest-dn>
<arg-dn>
<token-text
xml:space="preserve">cn=some,ou=default,ou=placement,dc=container,dc=local</token-text>
</arg-dn>
</do-set-op-dest-dn>
</arg-actions>
<arg-actions>
<do-set-op-dest-dn>
<arg-dn>
<token-local-variable name="DEST-DN"/>
</arg-dn>
</do-set-op-dest-dn>
</arg-actions>
</do-if>
</actions>
</rule>

<rule>
<description>[CIS] Testing placement by mapping table</description>
<comment xml:space="preserve">Now all in one line, which is more
confusing.</comment>
<comment name="author" xml:space="preserve">Geoffrey Carman</comment>
<comment name="version" xml:space="preserve">1</comment>
<comment name="lastchanged" xml:space="preserve">Mar 21,
2012</comment>
<conditions>
<and>
<if-class-name mode="nocase" op="equal">User</if-class-name>
</and>
</conditions>
<actions>
<do-set-op-dest-dn>
<arg-dn>
<token-map default-value="cn=some,ou=default,ou=placement,dc=container,dc=local" dest="dest-dn"
src="src-dn" table="SomeTableDN ">
<token-src-dn length="-2"/>
</token-map>
</arg-dn>
</do-set-op-dest-dn>
</actions>
</rule>

On 3/21/2012 10:56 AM, pgold wrote:
>
> So I pasted that into the placement policy and got the following xml
> error:
>
> An exception occurred processing the XML
> (com.novell.emframe.dev.PageException: '': (2): element after document
> element).
>
> Does the number indicate the line with the error? If so then it is
> having a problem with the description I think.
>
>


0 Likes
pgold Absent Member.
Absent Member.

Re: Error syncing objects from edir to AD


Clearly it does not matter which placement policy, as I tried to paste
it into both and both times the driver would not start. Here is the xml
from the placement policy on the subscriber channel.

<?xml version="1.0" encoding="UTF-8"?><policy>
<rule>
<description>placement for all objects</description>
<comment>All objects are placed in the subtree rooted in the given
container. By default the Active Directory scoping container and the
subscriber placement container are the same. You can change this value
if you want to place objects in a different hierarchy than the one used
for scoping. Note especially that if you add multiple scoping containers
to the matching rule, you will likely need to consider multiple base
containers in this rule. If you change the scoping rules in the matching
rules of either the publisher or subscriber channel, you should also
review and change this rule as needed.</comment>
<conditions>
<and/>
</conditions>
<actions>
<do-if>
<arg-conditions>
<and>
<if-global-variable mode="nocase" name="drv.subPlacementType"
op="equal">flat</if-global-variable>
</and>
</arg-conditions>
<arg-actions>
<do-set-op-dest-dn>
<arg-dn>
<token-src-dn convert="true" length="1" start="-1"/>
<token-text xml:space="preserve">,</token-text>
<token-global-variable name="drv.user.container"/>
</arg-dn>
</do-set-op-dest-dn>
</arg-actions>
<arg-actions>
<do-set-op-dest-dn>
<arg-dn>
<token-op-property name="unmatched-src-dn"/>
<token-text xml:space="preserve">,</token-text>
<token-global-variable name="drv.user.container"/>
</arg-dn>
</do-set-op-dest-dn>
</arg-actions>
</do-if>
</actions>
</rule>
<rule>
<description>Use Full Name for naming user objects</description>
<comment>When User Full Name mapping is enabled, the destination
object name is changed to the user's Full Name</comment>
<conditions>
<and>
<if-class-name op="equal">User</if-class-name>
<if-global-variable mode="case" name="FullNameMap"
op="equal">true</if-global-variable>
</and>
</conditions>
<actions>
<do-set-op-dest-dn>
<arg-dn>
<token-text xml:space="preserve">CN=</token-text>
<token-escape-for-dest-dn>
<token-attr name="Full Name"/>
</token-escape-for-dest-dn>
<token-text xml:space="preserve">,</token-text>
<token-dest-dn length="-2"/>
</arg-dn>
</do-set-op-dest-dn>
</actions>
</rule>
</policy>


--
pgold
------------------------------------------------------------------------
pgold's Profile: http://forums.novell.com/member.php?userid=114234
View this thread: http://forums.novell.com/showthread.php?t=453618

0 Likes
pgold Absent Member.
Absent Member.

Re: Error syncing objects from edir to AD


Does it go in the Subscriber Channel placment policy or the publisher
channel. I assume the subscriber, and I pasted it in there (I figured
it out), but then the driver would not start. Should it have been in
the Publisher Channel?


--
pgold
------------------------------------------------------------------------
pgold's Profile: http://forums.novell.com/member.php?userid=114234
View this thread: http://forums.novell.com/showthread.php?t=453618

0 Likes
Knowledge Partner
Knowledge Partner

Re: Error syncing objects from edir to AD

On 3/21/2012 1:26 PM, pgold wrote:
>
> Does it go in the Subscriber Channel placment policy or the publisher
> channel. I assume the subscriber, and I pasted it in there (I figured
> it out), but then the driver would not start. Should it have been in
> the Publisher Channel?


Sub Placement right now. If you wanted users in a OU in AD to create a
user in a container in eDir you could reverse the logic in the Pub channel.

Reason the driver won't start is that the Map Token needs a valid DN for
the mapping rule.

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.