I made the following code, which come out from OTP on a AD Driver.
Essentially what it does is, if there are more than one value in
telephone number from IDMVault, the first phone always go to
telephoneNumber, and the 2nd (or 3rd, and so on) will go to
otherTelephone in AD. I feel like this may not be the most efficient.
I thought I ping the experts here to see if things can get improve
here:

<rule>
<description>Add: User - convert multi-valued phone to 2
attributes</description>
<comment xml:space="preserve">If phone number has more than one value,
the first value always go to telephoneNumber, all other value(s) go to
otherTelephoneNumber</comment>
<conditions>
<and>
<if-operation op="equal">add</if-operation>
<if-op-attr name="telephoneNumber" op="available"/>
</and>
</conditions>
<actions>
<do-set-local-variable name="firstPhoneNumber" scope="policy">
<arg-string>
<token-xpath
expression="./add-attr[@attr-name='telephoneNumber']/value[1]"/>
</arg-string>
</do-set-local-variable>
<do-strip-op-attr disabled="true" name="telephoneNumber"/>
<do-set-dest-attr-value name="telephoneNumber">
<arg-value type="string">
<token-local-variable name="firstPhoneNumber"/>
</arg-value>
</do-set-dest-attr-value>
<do-for-each>
<arg-node-set>
<token-xpath
expression='modify-attr[@attr-name="telephoneNumber"]/add-value/value'/>
</arg-node-set>
<arg-actions>
<do-trace-message>
<arg-string>
<token-text xml:space="preserve">Telephone number
changes</token-text>
</arg-string>
</do-trace-message>
<do-set-local-variable name="currentTel" scope="policy">
<arg-string>
<token-xpath expression="$current-node"/>
</arg-string>
</do-set-local-variable>
<do-trace-message>
<arg-string>
<token-text xml:space="preserve">Current Telephone:
</token-text>
<token-local-variable name="currentTel"/>
</arg-string>
</do-trace-message>
<do-if>
<arg-conditions>
<and>
<if-local-variable mode="nocase" name="currentTel"
op="equal">$firstPhoneNumber$</if-local-variable>
</and>
</arg-conditions>
<arg-actions>
<do-trace-message>
<arg-string>
<token-text xml:space="preserve">First phone number not writing
to otherTelephoneNumber in AD</token-text>
</arg-string>
</do-trace-message>
</arg-actions>
<arg-actions>
<do-add-dest-attr-value class-name="User" name="otherTelephone">
<arg-value type="string">
<token-text xml:space="preserve">true</token-text>
</arg-value>
</do-add-dest-attr-value>
</arg-actions>
</do-if>
</arg-actions>
</do-for-each>
</actions>
</rule>


--
vzlchan
------------------------------------------------------------------------
vzlchan's Profile: https://forums.netiq.com/member.php?userid=4473
View this thread: https://forums.netiq.com/showthread.php?t=50702