Welcome Serena Central users! CLICK HERE
The migration of the Serena Central community is currently underway. Be sure to read THIS MESSAGE to get your new login set up to access your account.
Anonymous_User Absent Member.
Absent Member.
310 views

GW - Handling of parent OU renames - Any ideas?

Hello,

Maybe someone have an idea about what I could do?

In edirectory, when an OU is being renamed, (by a workflow, in any case
not by console one with gw snapins).
The gw accounts of the users in the OU now have another location than the
gw database thinks.

Which attribute should I sync to reflect the new location of the objects
to groupwise?
(I thought about looping through the users and tell gw about the new
locations)
Or perhaps someone have an even better approach?
Labels (1)
0 Likes
4 Replies
Anonymous_User Absent Member.
Absent Member.

Re: GW - Handling of parent OU renames - Any ideas?

Nicolai,

It appears that in the past few days you have not received a response to your
posting. That concerns us, and has triggered this automated reply.

Has your problem been resolved? If not, you might try one of the following options:

- Visit http://support.novell.com and search the knowledgebase and/or check all
the other self support options and support programs available.
- You could also try posting your message again. Make sure it is posted in the
correct newsgroup. (http://forums.novell.com)

Be sure to read the forum FAQ about what to expect in the way of responses:
http://forums.novell.com/faq.php

If this is a reply to a duplicate posting, please ignore and accept our apologies
and rest assured we will issue a stern reprimand to our posting bot.

Good luck!

Your Novell Product Support Forums Team
http://forums.novell.com/

0 Likes
Knowledge Partner
Knowledge Partner

Re: GW - Handling of parent OU renames - Any ideas?

On Fri, 23 Mar 2012 14:59:46 +0000, Nicolai Jensen wrote:

> Maybe someone have an idea about what I could do?


No good ones, really, as I haven't tried this myself.


> In edirectory, when an OU is being renamed, (by a workflow, in any case
> not by console one with gw snapins).
> The gw accounts of the users in the OU now have another location than
> the gw database thinks.


Yes, that seems like it could be a problem. It's somewhat equivalent to a
<move>, really. You might be able to watch for the <rename> on the OU,
then query for and loop through all User objects under that OU,
synthesizing <move> events for each one, to be sent down the Subscriber
to GroupWise.


> Which attribute should I sync to reflect the new location of the objects
> to groupwise?


I'm not sure, but I don't think there is one. But walk through the driver
and see how it handles <move> events. That should provide some clues as
to what you need to do.

Be sure to let us know how it turns out. It's an interesting problem.


--
--------------------------------------------------------------------------
David Gersic dgersic_@_niu.edu
Knowledge Partner http://forums.novell.com

Please post questions in the forums. No support provided via email.

0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: GW - Handling of parent OU renames - Any ideas?

On Wed, 28 Mar 2012 21:30:02 +0000, David Gersic wrote:

> On Fri, 23 Mar 2012 14:59:46 +0000, Nicolai Jensen wrote:
>


>
> I'm not sure, but I don't think there is one. But walk through the
> driver and see how it handles <move> events. That should provide some
> clues as to what you need to do.
>
> Be sure to let us know how it turns out. It's an interesting problem.


Seems the shim is doing stuff. I base this assumption on the trace snippet
below:

processMoveEvent>attrs = {58004=58004: gifax.Fagsekretariat Social og
Arbejdsmarked.afdeling.rh.xyz.dk, 50094=50094: gifax.Fagsekretariat Social
og Arbejdsmarked.afdeling.rh.xyz.dk}

That leads me to believe that the gw attributes in question is both 58004
and 50094

Anyway, when I get to it, it will post the result here for reference.
0 Likes
6525036 Super Contributor.
Super Contributor.

Re: GW - Handling of parent OU renames - Any ideas?


Nicolai Jensen;2186018 Wrote:
> On Wed, 28 Mar 2012 21:30:02 +0000, David Gersic wrote:
>
>
> Anyway, when I get to it, it will post the result here for reference.


Ok, perhaps I should use "clone xpath" or a stylesheet, but exactly
this seems to work. Nice-ification must come later.
As the first rule on the event on st I did this (not completely
verified yet, but it seems to work). Quite a lot of xpath in dirxml
script.

<?xml version="1.0" encoding="UTF-8"?><!DOCTYPE policy PUBLIC
"policy-builder-dtd"
"/home/nj/designer/plugins/com.novell.idm.policybuilder_4.0.0.201112021135/DTD/dirxmlscript3.6.1.dtd"><policy>
<rule>
<description>OUs only</description>
<conditions>
<and>
<if-class-name mode="nocase" op="not-equal">Organizational
Unit</if-class-name>
</and>
</conditions>
<actions>
<do-break/>
</actions>
</rule>
<rule>
<description>Renames Only</description>
<conditions>
<and>
<if-operation mode="case" op="not-equal">rename</if-operation>
</and>
</conditions>
<actions>
<do-veto/>
</actions>
</rule>
<rule>
<description>Get Old Names</description>
<conditions>
<and/>
</conditions>
<actions>
<do-set-local-variable name="lOldSrc" scope="policy">
<arg-string>
<token-xpath expression="@old-src-dn"/>
</arg-string>
</do-set-local-variable>
<do-set-local-variable name="lQOldSrc" scope="policy">
<arg-string>
<token-xpath expression="@qualified-old-src-dn"/>
</arg-string>
</do-set-local-variable>
<do-set-local-variable name="lQSrcDN" scope="policy">
<arg-string>
<token-xpath expression="@qualified-src-dn"/>
</arg-string>
</do-set-local-variable>
<do-set-local-variable name="lSrcDN" scope="policy">
<arg-string>
<token-xpath expression="@qualified-src-dn"/>
</arg-string>
</do-set-local-variable>
</actions>
</rule>
<rule>
<description>User List</description>
<conditions>
<and/>
</conditions>
<actions>
<do-set-local-variable name="lUserList" scope="policy">
<arg-node-set>
<token-query datastore="src" scope="subordinates">
<arg-dn>
<token-src-dn/>
</arg-dn>
<arg-match-attr name="NGW: Object ID">
<arg-value type="string">
<token-text xml:space="preserve">*</token-text>
</arg-value>
</arg-match-attr>
</token-query>
</arg-node-set>
</do-set-local-variable>
</actions>
</rule>
<rule>
<description>Process Users</description>
<conditions>
<and/>
</conditions>
<actions>
<do-for-each>
<arg-node-set>
<token-local-variable name="lUserList"/>
</arg-node-set>
<arg-actions>
<do-append-xml-element expression=".." name="sync"/>
<do-set-xml-attr expression="../sync[last()]" name="class-name">
<arg-string>
<token-text xml:space="preserve">User</token-text>
</arg-string>
</do-set-xml-attr>
<do-set-xml-attr expression="../sync[last()]" name="src-dn">
<arg-string>
<token-xpath expression="$current-node/@src-dn"/>
</arg-string>
</do-set-xml-attr>
<do-set-xml-attr expression="../sync[last()]"
name="qualified-src-dn">
<arg-string>
<token-xpath expression="$current-node/@qualified-src-dn"/>
</arg-string>
</do-set-xml-attr>
<do-append-xml-element expression="../sync[last()]"
name="association"/>
<do-append-xml-text
expression="../sync[last()]/association[last()]">
<arg-string>
<token-xpath expression="$current-node/association"/>
</arg-string>
</do-append-xml-text>
<do-set-xml-attr expression="../sync[last()]/association[last()]"
name="state">
<arg-string>
<token-text xml:space="preserve">associated</token-text>
</arg-string>
</do-set-xml-attr>
<do-append-xml-element expression="../sync[last()]"
name="operation-data"/>
<do-append-xml-element
expression="../sync[last()]/operation-data[last()]" name="from-sync"/>
<do-append-xml-text
expression="../sync[last()]/operation-data[last()]/from-sync[last()]">
<arg-string>
<token-text xml:space="preserve">true</token-text>
</arg-string>
</do-append-xml-text>
<do-append-xml-element expression=".." name="move"/>
<do-set-xml-attr expression="../move[last()]" name="class-name">
<arg-string>
<token-text xml:space="preserve">User</token-text>
</arg-string>
</do-set-xml-attr>
<do-set-xml-attr expression="../move[last()]" name="src-dn">
<arg-string>
<token-xpath expression="$current-node/@src-dn"/>
</arg-string>
</do-set-xml-attr>
<do-set-xml-attr disabled="true" expression="../sync[last()]"
name="from-move" notrace="true">
<arg-string>
<token-text xml:space="preserve">true</token-text>
</arg-string>
</do-set-xml-attr>
<do-set-xml-attr expression="../move[last()]"
name="qualified-src-dn">
<arg-string>
<token-xpath expression="$current-node/@qualified-src-dn"/>
</arg-string>
</do-set-xml-attr>
<do-set-xml-attr expression="../move[last()]" name="old-src-dn">
<arg-string>
<token-local-variable name="lOldSrc"/>
<token-text xml:space="preserve">\</token-text>
<token-src-attr name="CN">
<arg-dn>
<token-xpath expression="$current-node/@src-dn"/>
</arg-dn>
</token-src-attr>
</arg-string>
</do-set-xml-attr>
<do-set-xml-attr expression="../move[last()]"
name="qualified-old-src-dn">
<arg-string>
<token-parse-dn dest-dn-format="qualified-slash">
<token-local-variable name="lOldSrc"/>
<token-text xml:space="preserve">\</token-text>
<token-src-attr name="CN">
<arg-dn>
<token-xpath expression="$current-node/@src-dn"/>
</arg-dn>
</token-src-attr>
</token-parse-dn>
</arg-string>
</do-set-xml-attr>
<do-append-xml-element expression="../move[last()]"
name="association"/>
<do-set-xml-attr expression="../move[last()]/association[last()]"
name="state">
<arg-string>
<token-text xml:space="preserve">associated</token-text>
</arg-string>
</do-set-xml-attr>
<do-append-xml-text
expression="../move[last()]/association[last()]">
<arg-string>
<token-xpath expression="$current-node/association"/>
</arg-string>
</do-append-xml-text>
<do-append-xml-element expression="../move[last()]"
name="parent"/>
<do-set-xml-attr expression="../move[last()]/parent[last()]"
name="src-dn">
<arg-string>
<token-local-variable name="lSrcDN"/>
</arg-string>
</do-set-xml-attr>
<do-set-xml-attr expression="../move[last()]/parent[last()]"
name="qualified-src-dn">
<arg-string>
<token-local-variable name="lQSrcDN"/>
</arg-string>
</do-set-xml-attr>
</arg-actions>
</do-for-each>
</actions>
</rule>
<rule>
<description>Veto OUs</description>
<conditions>
<and>
<if-class-name mode="nocase" op="equal">Organizational
Unit</if-class-name>
</and>
</conditions>
<actions>
<do-veto/>
</actions>
</rule>
</policy>


--
6525036
------------------------------------------------------------------------
6525036's Profile: http://forums.novell.com/member.php?userid=8060
View this thread: http://forums.novell.com/showthread.php?t=453837

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.