Home

Results 1 to 8 of 8

Thread: eDir2eDir ou placement policy

  1. #1
    Join Date
    May 2011
    Posts
    32

    eDir2eDir ou placement policy


    Dear everybody,

    I hope you can help me with the following problem:

    We have a eDir (with hierarchy) to eDir (with hierarchy). The sync is
    working.

    But there is one problem: The hierarchy on the first eDir is not the
    same as the hierarchy on the second eDir.

    eDir1: DE\SAMPLE\TEST

    DC=DE, OU=SAMPLE, OU=TEST

    is in the second

    eDir2: DE\SAMPLE\01.

    DC=DE, OU=SAMPLE, OU=01

    My first idea: publisher-placement-policy with mapping-table. I hope
    this is correct?

    I found a sample xml-script for a rule which I a have modified a bit (i
    don't know if this is correct):

    <rule>
    <description>Organizational Unit Placement Policy by Mapping
    Table</description>
    <conditions>
    <and>
    <if-class-name mode="nocase" op="equal">Organizational
    Unit</if-class-name>
    <if-src-dn op="in-subtree">DE\SAMPLE</if-src-dn>
    </and>
    </conditions>
    <actions>
    <do-set-op-dest-dn>
    <arg-dn>
    <token-src-dn convert="true" length="1" start="-1"/>
    <token-text xml:space="preserve">,</token-text>
    <token-map dest="destination" src="source"
    table="..\ou-placement-table">
    <token-op-attr name="L"/>
    </token-map>
    </arg-dn>
    </do-set-op-dest-dn>
    </actions>
    </rule>

    and a placement table like this:

    <mapping-table>
    <col-def name="source" type="nocase"/>
    <col-def name="destination" type="nocase"/>
    <row>
    <col>TEST</col>
    <col>OU=01,OU=SAMPLE,DC=DE</col>
    </row>
    </mapping-table>

    Can you help and show me how to create a mapping?


    --
    robertmeier83
    ------------------------------------------------------------------------
    robertmeier83's Profile: http://forums.novell.com/member.php?userid=110605
    View this thread: http://forums.novell.com/showthread.php?t=448296


  2. #2

    Re: eDir2eDir ou placement policy

    On Wed, 16 Nov 2011 15:46:02 +0000, robertmeier83 wrote:

    > But there is one problem: The hierarchy on the first eDir is not the
    > same as the hierarchy on the second eDir.
    >
    > eDir1: DE\SAMPLE\TEST
    >
    > DC=DE, OU=SAMPLE, OU=TEST
    >
    > is in the second
    >
    > eDir2: DE\SAMPLE\01.
    >
    > DC=DE, OU=SAMPLE, OU=01


    Interesting. So, conceptually, how do you decide that users from OU=TEST
    go in OU=01? Is there a 1:1 mapping between these two hierarchical
    structures, only with different naming?


    > My first idea: publisher-placement-policy with mapping-table. I hope
    > this is correct?


    Sure, that'd work.


    > I found a sample xml-script for a rule which I a have modified a bit (i
    > don't know if this is correct):
    >
    > <rule>
    > <description>Organizational Unit Placement Policy by Mapping
    > Table</description>
    > <conditions>
    > <and>
    > <if-class-name mode="nocase" op="equal">Organizational
    > Unit</if-class-name>
    > <if-src-dn op="in-subtree">DE\SAMPLE</if-src-dn> </and>
    > </conditions>
    > <actions>
    > <do-set-op-dest-dn>
    > <arg-dn>
    > <token-src-dn convert="true" length="1" start="-1"/> <token-text
    > xml:space="preserve">,</token-text> <token-map dest="destination"
    > src="source" table="..\ou-placement-table">
    > <token-op-attr name="L"/>
    > </token-map>
    > </arg-dn>
    > </do-set-op-dest-dn>
    > </actions>
    > </rule>


    You're using the value of 'L', why? Does it contain useful information?

    Let's see a level 3 trace of an <add> operation being processed by your
    rule, so we can see what information you have to start with, and the
    results of processing it.


    > and a placement table like this:
    >
    > <mapping-table>
    > <col-def name="source" type="nocase"/> <col-def name="destination"
    > type="nocase"/>
    > <row>
    > <col>TEST</col>
    > <col>OU=01,OU=SAMPLE,DC=DE</col>
    > </row>
    > </mapping-table>
    >
    > Can you help and show me how to create a mapping?


    Given that this is eDirectory, you want your dest dn in slash format, not
    LDAP, so:

    > <col>OU=01,OU=SAMPLE,DC=DE</col>


    should be:

    > <col>DC=DE\OU=SAMPLE\OU=01</col>



    --
    ---------------------------------------------------------------------------
    David Gersic dgersic_@_niu.edu
    Novell Knowledge Partner http://forums.novell.com

    Please post questions in the newsgroups. No support provided via email.


  3. #3
    Join Date
    May 2011
    Posts
    32

    Re: eDir2eDir ou placement policy


    Hello dgersic,

    thanks for your answer!


    dgersic;2154365 Wrote:
    > On Wed, 16 Nov 2011 15:46:02 +0000, robertmeier83 wrote:
    >
    > > But there is one problem: The hierarchy on the first eDir is not the
    > > same as the hierarchy on the second eDir.
    > >
    > > eDir1: DE\SAMPLE\TEST
    > >
    > > DC=DE, OU=SAMPLE, OU=TEST
    > >
    > > is in the second
    > >
    > > eDir2: DE\SAMPLE\01.
    > >
    > > DC=DE, OU=SAMPLE, OU=01

    >
    > Interesting. So, conceptually, how do you decide that users from
    > OU=TEST
    > go in OU=01? Is there a 1:1 mapping between these two hierarchical
    > structures, only with different naming?
    >
    >
    > Yes exactly.
    >
    >
    >
    > > My first idea: publisher-placement-policy with mapping-table. I hope
    > > this is correct?

    >
    > Sure, that'd work.
    >
    >
    > > I found a sample xml-script for a rule which I a have modified a bit

    > (i
    > > don't know if this is correct):
    > >
    > > <rule>
    > > <description>Organizational Unit Placement Policy by Mapping
    > > Table</description>
    > > <conditions>
    > > <and>
    > > <if-class-name mode="nocase" op="equal">Organizational
    > > Unit</if-class-name>
    > > <if-src-dn op="in-subtree">DE\SAMPLE</if-src-dn> </and>
    > > </conditions>
    > > <actions>
    > > <do-set-op-dest-dn>
    > > <arg-dn>
    > > <token-src-dn convert="true" length="1" start="-1"/> <token-text
    > > xml:space="preserve">,</token-text> <token-map dest="destination"
    > > src="source" table="..\ou-placement-table">
    > > <token-op-attr name="L"/>
    > > </token-map>
    > > </arg-dn>
    > > </do-set-op-dest-dn>
    > > </actions>
    > > </rule>

    >
    > You're using the value of 'L', why? Does it contain useful
    > information?
    >
    >
    > No - the value 'L' is not necessary. I oversight it, when i used the
    > sample.
    >
    >
    > Let's see a level 3 trace of an <add> operation being processed by
    > your
    > rule, so we can see what information you have to start with, and the
    > results of processing it.
    >
    >
    > Not yet tested. I will try it now with your hints. I wasn't sure if my
    > approach is correct (idm beginner).
    >
    >
    >
    > > and a placement table like this:
    > >
    > > <mapping-table>
    > > <col-def name="source" type="nocase"/> <col-def name="destination"
    > > type="nocase"/>
    > > <row>
    > > <col>TEST</col>
    > > <col>OU=01,OU=SAMPLE,DC=DE</col>
    > > </row>
    > > </mapping-table>
    > >
    > > Can you help and show me how to create a mapping?

    >
    > Given that this is eDirectory, you want your dest dn in slash format,
    > not
    > LDAP, so:
    >
    > > <col>OU=01,OU=SAMPLE,DC=DE</col>

    >
    > should be:
    >
    > > <col>DC=DE\OU=SAMPLE\OU=01</col>

    >
    >
    >
    > Thanks for your help!
    >
    > --
    > ---------------------------------------------------------------------------
    > David Gersic
    > dgersic_@_niu.edu
    > Novell Knowledge Partner
    > http://forums.novell.com
    >
    > Please post questions in the newsgroups. No support provided via
    > email.



    --
    robertmeier83
    ------------------------------------------------------------------------
    robertmeier83's Profile: http://forums.novell.com/member.php?userid=110605
    View this thread: http://forums.novell.com/showthread.php?t=448296


  4. #4
    Join Date
    May 2011
    Posts
    32

    Re: eDir2eDir ou placement policy


    Hello,

    help - i can't get it working. My policy (the rule in there) reads like
    this:

    <rule>
    <description>Organizational Unit Placement Policy by Mapping
    Table</description>
    <conditions>
    <and>
    <if-class-name mode="nocase" op="equal">User</if-class-name>
    <if-src-dn op="in-subtree">DE\Sample</if-src-dn>
    </and>
    </conditions>
    <actions>
    <do-set-op-dest-dn>
    <arg-dn>
    <token-map dest="destination" src="source"
    table="..\ou-placement-table" />
    </arg-dn>
    </do-set-op-dest-dn>
    </actions>
    </rule>

    The Trace-Log (Level 3) I can see, that the rule is selected and looks
    up in the ou-placement-table. But nothing happens.

    http://www.baynetwork.xenonserver.de/trace_log_edir.png

    Unfortunately only as picture available.

    My mapping table reads:

    ou-placement-table

    <mapping-table>
    <col-def name="source" type="nocase" />
    <row>
    <col>C=DE\O=Sample\OU=I</col>
    <col>C=DE\O=Sample\OU=01</col>
    </row>
    <col-def name="destination" type="nocase" />
    </mapping-table>

    It is a 1:1 mapping.

    Is the "no-dn-generated" a problem, because there is no entry found in
    the table? How to handle
    entries which are not an the table?


    --
    robertmeier83
    ------------------------------------------------------------------------
    robertmeier83's Profile: http://forums.novell.com/member.php?userid=110605
    View this thread: http://forums.novell.com/showthread.php?t=448296


  5. #5
    Join Date
    Jan 2009
    Location
    Stavanger, Norway
    Posts
    1,729

    Re: eDir2eDir ou placement policy

    On 18.11.2011 12:46, robertmeier83 wrote:
    > help - i can't get it working. My policy (the rule in there) reads like
    > this:
    >
    > <rule>
    > <description>Organizational Unit Placement Policy by Mapping
    > Table</description>
    > <conditions>
    > <and>
    > <if-class-name mode="nocase" op="equal">User</if-class-name>
    > <if-src-dn op="in-subtree">DE\Sample</if-src-dn>
    > </and>
    > </conditions>
    > <actions>
    > <do-set-op-dest-dn>
    > <arg-dn>
    > <token-map dest="destination" src="source"
    > table="..\ou-placement-table" />
    > </arg-dn>
    > </do-set-op-dest-dn>
    > </actions>
    > </rule>
    >
    > The Trace-Log (Level 3) I can see, that the rule is selected and looks
    > up in the ou-placement-table. But nothing happens.


    Your problem is you have used a verb (token-map) without specifying a
    noun for it to act on.


    In the earlier example, the noun was <token-op-attr name="L"/>

    From what I understand of your logic, maybe it's src-dn that is the
    noun you are trying to act on (or part of the src-dn)

    For example:

    <rule>
    <description>Organizational Unit Placement Policy by Mapping
    Table</description>
    <conditions>
    <and>
    <if-class-name mode="nocase" op="equal">User</if-class-name>
    <if-src-dn op="in-subtree">DE\Sample</if-src-dn>
    </and>
    </conditions>
    <actions>
    <do-set-op-dest-dn>
    <arg-dn>
    <token-map dest="destination" src="source"
    table="..\ou-placement-table">
    <token-src-dn/>
    </token-map>
    </arg-dn>
    </do-set-op-dest-dn>
    </actions>
    </rule>

  6. #6
    Join Date
    May 2011
    Posts
    32

    Re: eDir2eDir ou placement policy


    Hello alexmchugh,

    yes - you are right. So I will try this and give you a response.

    Thanks for your tip.


    --
    robertmeier83
    ------------------------------------------------------------------------
    robertmeier83's Profile: http://forums.novell.com/member.php?userid=110605
    View this thread: http://forums.novell.com/showthread.php?t=448296


  7. #7

    Re: eDir2eDir ou placement policy

    On Fri, 18 Nov 2011 11:46:02 +0000, robertmeier83 wrote:


    > Is the "no-dn-generated" a problem, because there is no entry found in
    > the table? How to handle
    > entries which are not an the table?


    Usually, I assign the result of token-map to a variable, so I can check
    it to see if I got anything. If nothing returned, the variable is empty,
    and I can react (send email, establish a default, veto because it's an
    error, etc.) to it.


    --
    ---------------------------------------------------------------------------
    David Gersic dgersic_@_niu.edu
    Novell Knowledge Partner http://forums.novell.com

    Please post questions in the newsgroups. No support provided via email.


  8. #8

    Re: eDir2eDir ou placement policy

    On Fri, 18 Nov 2011 11:46:02 +0000, robertmeier83 wrote:

    > <arg-dn>
    > <token-map dest="destination" src="source" table="..\ou-placement-table"
    > />
    > </arg-dn>


    Your token-map isn't being told to map anything. You need to add
    something for it to map the source to.



    --
    ---------------------------------------------------------------------------
    David Gersic dgersic_@_niu.edu
    Novell Knowledge Partner http://forums.novell.com

    Please post questions in the newsgroups. No support provided via email.


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •