Anonymous_User Absent Member.
Absent Member.
153 views

edir-edir many to one groups

Looking for ideas to combine many groups in our primary tree to a single
group in the fault.

internet.groups.site1
internet.groups.site2
->
internet.groups.vault

and

vpn.groups.site1
vpn.groups.site2
->
vpn.groups.vault

thanks

Labels (1)
0 Likes
2 Replies
Anonymous_User Absent Member.
Absent Member.

Re: edir-edir many to one groups

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Have you seen this thread from last week?

http://forums.novell.com/showthread.php?t=455074

Good luck.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.18 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJPn+vGAAoJEF+XTK08PnB5ZQ0QAMUgmltY23QnoB7R+J4205kz
pAdvlB2wLgY8QWUvzF1u8quq2N20HG6fkpa7+wOJoQPomEratqgux5qkJNKFGHvn
sqnkqwaFRWG7QUr2Rvf5tFc9wifF3BpgNx4cO/8ERTrZZT8GAds5xomEwxVsp8PO
I89NtS5+BfAfPA2J0IVmK6i5w2V1kLOHM35gslkKjEvTadcDbGdS9lEhxw010ofT
yQu0Fwf7x5vLtKRF9Zvy0QpbNZQMJ9En9xPuPp0LJeR5hfhhhhd2hkVaYebvmH5U
7u/zQmQdUPINAEUue2k2bkcgbcAHmt692XOcbZMbSN13ukUIOfmBuxmL6wJ7zXst
o48/ZE+oyp6y5nMGABpmp5/SALSCKcPT36WyZu/nmPqHecESHNrAAa8ONMd4xMc3
A9PWb9XmsYdlbz6k/BLSZb481DEO67chc6KjljDQgiZxu8DTfysTumAdZD2bD2Dn
JQfpVfc4THNgvsShno3EtsdBht1s6ewqU+blYH84nlL7TdfwdztL8CPR2ywZczMS
BgM57f2GLzGV7s8/cPVqa0PRezpX7icKsISaFHwMDtiyFuH2vWfJjQcOdRRtVCIJ
M1QjxCr9Nw5ucR6s5/tmtd8aJ9mmVrT3PIFe+2NPIsbQYfFGnOGQwHZXnPQR8y6m
lVll3rysq+a4MvNe37IO
=RIqd
-----END PGP SIGNATURE-----
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: edir-edir many to one groups


Great. So I was able to follow the lead from the link and came up with
see XML below. Now two groups in the primary tree sync to one group in
the valut. however if i delete one group in the primary tree it deletes
the group in the vault. The vault group needs to stay because other
groups are assocated with it.

How to remove the users from the vault group that were members in the
primary tree group that was deleted and just remove the association
frome the vault object that points to the deleted group on the primary
tree.
any guidance?



<?xml version="1.0" encoding="UTF-8"?><!DOCTYPE policy PUBLIC "policy-
builder-dtd" "C:\Program Files (x86)\Novell\Designer\plugins
\com.novell.idm.policybuilder_4.0.0.201104051747\DTD
\dirxmlscript4.0.1.dtd"><policy>
<rule>
<description>combine many groups to one</description>
<comment xml:space="preserve">Search to see if only one
group with an association already exists in the vault. if not break and
create it. if so then add an asociation</comment>
<conditions>
<and>
<if-class-name mode="nocase" op="equal">Group
</if-class-name>
<if-src-dn op="in-subtree">la\test\</if-src-
dn>
</and>
</conditions>
<actions>
<do-if>
<arg-conditions>
<and>
<if-dest-dn op="not-
available"/>
</and>
</arg-conditions>
<arg-actions>
<do-find-matching-object
scope="subtree">
<arg-dn>
<token-text
xml:space="preserve">la\vault\groups</token-text>
</arg-dn>
<arg-match-attr name="CN"/>
</do-find-matching-object>
<do-if>
<arg-conditions>
<and>
<if-xml-attr
mode="regex" name="dest-dn" op="equal">\uFFFC</if-xml-attr>
</and>
</arg-conditions>
<arg-actions>
<do-for-each>
<arg-node-set>
<token-
query class-name="Group">

<arg-match-attr name="CN"/>
</token-
query>
</arg-node-set>
<arg-actions>
<do-set-
local-variable name="destgrup" scope="policy">

<arg-string>

<token-xpath expression="$current-node/@src-dn"/>

</arg-string>
</do-set-
local-variable>
<do-add-
association direct="true">

<arg-dn>

<token-local-variable name="destgrup"/>

</arg-dn>

<arg-association>

<token-association/>

</arg-association>
</do-add-
association>
</arg-actions>
</do-for-each>
<do-strip-xpath
expression="."/>
</arg-actions>
<arg-actions>
<do-break/>
</arg-actions>
</do-if>
</arg-actions>
<arg-actions/>
</do-if>
</actions>
</rule>
</policy>
In article <aZRnr.13$EH6.6@kovat.provo.novell.com>, ab@novell.com
says...
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Have you seen this thread from last week?
>
> http://forums.novell.com/showthread.php?t=455074
>
> Good luck.
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.18 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iQIcBAEBAgAGBQJPn+vGAAoJEF+XTK08PnB5ZQ0QAMUgmltY23QnoB7R+J4205kz
> pAdvlB2wLgY8QWUvzF1u8quq2N20HG6fkpa7+wOJoQPomEratqgux5qkJNKFGHvn
> sqnkqwaFRWG7QUr2Rvf5tFc9wifF3BpgNx4cO/8ERTrZZT8GAds5xomEwxVsp8PO
> I89NtS5+BfAfPA2J0IVmK6i5w2V1kLOHM35gslkKjEvTadcDbGdS9lEhxw010ofT
> yQu0Fwf7x5vLtKRF9Zvy0QpbNZQMJ9En9xPuPp0LJeR5hfhhhhd2hkVaYebvmH5U
> 7u/zQmQdUPINAEUue2k2bkcgbcAHmt692XOcbZMbSN13ukUIOfmBuxmL6wJ7zXst
> o48/ZE+oyp6y5nMGABpmp5/SALSCKcPT36WyZu/nmPqHecESHNrAAa8ONMd4xMc3
> A9PWb9XmsYdlbz6k/BLSZb481DEO67chc6KjljDQgiZxu8DTfysTumAdZD2bD2Dn
> JQfpVfc4THNgvsShno3EtsdBht1s6ewqU+blYH84nlL7TdfwdztL8CPR2ywZczMS
> BgM57f2GLzGV7s8/cPVqa0PRezpX7icKsISaFHwMDtiyFuH2vWfJjQcOdRRtVCIJ
> M1QjxCr9Nw5ucR6s5/tmtd8aJ9mmVrT3PIFe+2NPIsbQYfFGnOGQwHZXnPQR8y6m
> lVll3rysq+a4MvNe37IO
> =RIqd
> -----END PGP SIGNATURE-----



0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.