Hi all,

I am looking for the best way to do the following:

We have a driver that connects to a system that creates a group for
each role in the application. I then want to create a system role in the
UserApplication (Class = nrfRole) as well as a Resource then link them
using the ResourceAssociation object.
So that is 3 new objects for each Group.

I have been able to do each with an LDIF import, the most complex was
creating the ResourceAssociation, but that was solved by a colleague.

I have started on creating the role, but I am getting an error:


Code:
--------------------
12:55:24 8416710 Drvrs: Fenix Role Administration ST:Applying policy: sub-ctp-CreateRole.
12:55:24 8416710 Drvrs: Fenix Role Administration ST: Applying to add #1.
12:55:24 8416710 Drvrs: Fenix Role Administration ST: Evaluating selection criteria for rule 'CreateRole'.
12:55:24 8416710 Drvrs: Fenix Role Administration ST: Rule selected.
12:55:24 8416710 Drvrs: Fenix Role Administration ST: Applying rule 'CreateRole'.
12:55:24 8416710 Drvrs: Fenix Role Administration ST: Action: do-trace-message(level="0","LOOK HERE").
12:55:24 8416710 Drvrs: Fenix Role Administration ST: arg-string("LOOK HERE")
12:55:24 8416710 Drvrs: Fenix Role Administration ST: token-text("LOOK HERE")
12:55:24 8416710 Drvrs: Fenix Role Administration ST: Arg Value: "LOOK HERE".
12:55:24 8416710 Drvrs: Fenix Role Administration ST:LOOK HERE
12:55:24 8416710 Drvrs: Fenix Role Administration ST: Action: do-add-src-object(class-name="nrfRole",arg-dn(token-escape-for-src-dn("firstrand\fnb\services\DriverSet\UserApplicati on\AppConfig\RoleConfig\RoleDefs\Level20\Connected Systems\Fenix\"+"*"+token-src-name()))).
12:55:24 8416710 Drvrs: Fenix Role Administration ST: arg-dn(token-escape-for-src-dn("firstrand\fnb\services\DriverSet\UserApplicati on\AppConfig\RoleConfig\RoleDefs\Level20\Connected Systems\Fenix\"+"*"+token-src-name()))
12:55:24 8416710 Drvrs: Fenix Role Administration ST: token-escape-for-src-dn("firstrand\fnb\services\DriverSet\UserApplicati on\AppConfig\RoleConfig\RoleDefs\Level20\Connected Systems\Fenix\"+"*"+token-src-name())
12:55:24 8416710 Drvrs: Fenix Role Administration ST: token-escape-for-src-dn("firstrand\fnb\services\DriverSet\UserApplicati on\AppConfig\RoleConfig\RoleDefs\Level20\Connected Systems\Fenix\"+"*"+token-src-name())
12:55:24 8416710 Drvrs: Fenix Role Administration ST: token-text("firstrand\fnb\services\DriverSet\UserApplica tion\AppConfig\RoleConfig\RoleDefs\Level20\Connect ed Systems\Fenix\")
12:55:24 8416710 Drvrs: Fenix Role Administration ST: token-text("*")
12:55:24 8416710 Drvrs: Fenix Role Administration ST: token-src-name()
12:55:24 8416710 Drvrs: Fenix Role Administration ST: Token Value: "Asset Cost Centre Owner".
12:55:24 8416710 Drvrs: Fenix Role Administration ST: Arg Value: "firstrand\fnb\services\DriverSet\UserApplication\ AppConfig\RoleConfig\RoleDefs\Level20\Connected Systems\Fenix\*Asset Cost Centre Owner".
12:55:24 8416710 Drvrs: Fenix Role Administration ST: Token Value: "firstrand'\fnb'\services'\DriverSet'\UserApplicat ion'\AppConfig'\RoleConfig'\RoleDefs'\Level20'\Con nected Systems'\Fenix'\*Asset Cost Centre Owner".
12:55:24 8416710 Drvrs: Fenix Role Administration ST: Arg Value: "firstrand'\fnb'\services'\DriverSet'\UserApplicat ion'\AppConfig'\RoleConfig'\RoleDefs'\Level20'\Con nected Systems'\Fenix'\*Asset Cost Centre Owner".
12:55:24 8416710 Drvrs: Fenix Role Administration ST: Action: do-set-dest-attr-value("nrfRoleLevel",arg-dn(token-escape-for-src-dn("firstrand\fnb\services\DriverSet\UserApplicati on\AppConfig\RoleConfig\RoleDefs\Level20\Connected Systems\Fenix\"+"*"+token-src-name())),"20").
12:55:24 8416710 Drvrs: Fenix Role Administration ST: arg-dn(token-escape-for-src-dn("firstrand\fnb\services\DriverSet\UserApplicati on\AppConfig\RoleConfig\RoleDefs\Level20\Connected Systems\Fenix\"+"*"+token-src-name()))
12:55:24 8416710 Drvrs: Fenix Role Administration ST: token-escape-for-src-dn("firstrand\fnb\services\DriverSet\UserApplicati on\AppConfig\RoleConfig\RoleDefs\Level20\Connected Systems\Fenix\"+"*"+token-src-name())
12:55:24 8416710 Drvrs: Fenix Role Administration ST: token-escape-for-src-dn("firstrand\fnb\services\DriverSet\UserApplicati on\AppConfig\RoleConfig\RoleDefs\Level20\Connected Systems\Fenix\"+"*"+token-src-name())
12:55:24 8416710 Drvrs: Fenix Role Administration ST: token-text("firstrand\fnb\services\DriverSet\UserApplica tion\AppConfig\RoleConfig\RoleDefs\Level20\Connect ed Systems\Fenix\")
12:55:24 8416710 Drvrs: Fenix Role Administration ST: token-text("*")
12:55:24 8416710 Drvrs: Fenix Role Administration ST: token-src-name()
12:55:24 8416710 Drvrs: Fenix Role Administration ST: Token Value: "Asset Cost Centre Owner".
12:55:24 8416710 Drvrs: Fenix Role Administration ST: Arg Value: "firstrand\fnb\services\DriverSet\UserApplication\ AppConfig\RoleConfig\RoleDefs\Level20\Connected Systems\Fenix\*Asset Cost Centre Owner".
12:55:24 8416710 Drvrs: Fenix Role Administration ST: Token Value: "firstrand'\fnb'\services'\DriverSet'\UserApplicat ion'\AppConfig'\RoleConfig'\RoleDefs'\Level20'\Con nected Systems'\Fenix'\*Asset Cost Centre Owner".
12:55:24 8416710 Drvrs: Fenix Role Administration ST: Arg Value: "firstrand'\fnb'\services'\DriverSet'\UserApplicat ion'\AppConfig'\RoleConfig'\RoleDefs'\Level20'\Con nected Systems'\Fenix'\*Asset Cost Centre Owner".
12:55:24 8416710 Drvrs: Fenix Role Administration ST: arg-string("20")
12:55:24 8416710 Drvrs: Fenix Role Administration ST: token-text("20")
12:55:24 8416710 Drvrs: Fenix Role Administration ST: Arg Value: "20".
12:55:24 8416710 Drvrs: Fenix Role Administration ST: Action: do-set-dest-attr-value("nrfRoleCategoryKey",arg-dn(token-escape-for-src-dn("firstrand\fnb\services\DriverSet\UserApplicati on\AppConfig\RoleConfig\RoleDefs\Level20\Connected Systems\Fenix\"+"*"+token-src-name())),"frgFenix").
12:55:24 8416710 Drvrs: Fenix Role Administration ST: arg-dn(token-escape-for-src-dn("firstrand\fnb\services\DriverSet\UserApplicati on\AppConfig\RoleConfig\RoleDefs\Level20\Connected Systems\Fenix\"+"*"+token-src-name()))
12:55:24 8416710 Drvrs: Fenix Role Administration ST: token-escape-for-src-dn("firstrand\fnb\services\DriverSet\UserApplicati on\AppConfig\RoleConfig\RoleDefs\Level20\Connected Systems\Fenix\"+"*"+token-src-name())
12:55:24 8416710 Drvrs: Fenix Role Administration ST: token-escape-for-src-dn("firstrand\fnb\services\DriverSet\UserApplicati on\AppConfig\RoleConfig\RoleDefs\Level20\Connected Systems\Fenix\"+"*"+token-src-name())
12:55:24 8416710 Drvrs: Fenix Role Administration ST: token-text("firstrand\fnb\services\DriverSet\UserApplica tion\AppConfig\RoleConfig\RoleDefs\Level20\Connect ed Systems\Fenix\")
12:55:24 8416710 Drvrs: Fenix Role Administration ST: token-text("*")
12:55:24 8416710 Drvrs: Fenix Role Administration ST: token-src-name()
12:55:24 8416710 Drvrs: Fenix Role Administration ST: Token Value: "Asset Cost Centre Owner".
12:55:24 8416710 Drvrs: Fenix Role Administration ST: Arg Value: "firstrand\fnb\services\DriverSet\UserApplication\ AppConfig\RoleConfig\RoleDefs\Level20\Connected Systems\Fenix\*Asset Cost Centre Owner".
12:55:24 8416710 Drvrs: Fenix Role Administration ST: Token Value: "firstrand'\fnb'\services'\DriverSet'\UserApplicat ion'\AppConfig'\RoleConfig'\RoleDefs'\Level20'\Con nected Systems'\Fenix'\*Asset Cost Centre Owner".
12:55:24 8416710 Drvrs: Fenix Role Administration ST: Arg Value: "firstrand'\fnb'\services'\DriverSet'\UserApplicat ion'\AppConfig'\RoleConfig'\RoleDefs'\Level20'\Con nected Systems'\Fenix'\*Asset Cost Centre Owner".
12:55:24 8416710 Drvrs: Fenix Role Administration ST: arg-string("frgFenix")
12:55:24 8416710 Drvrs: Fenix Role Administration ST: token-text("frgFenix")
12:55:24 8416710 Drvrs: Fenix Role Administration ST: Arg Value: "frgFenix".
12:55:24 8416710 Drvrs: Fenix Role Administration ST: Direct command from policy
12:55:24 8416710 Drvrs: Fenix Role Administration ST:
<nds dtdversion="4.0" ndsversion="8.x">
<source>
<product edition="Advanced" version="4.0.1.0">DirXML</product>
<contact>Novell, Inc.</contact>
</source>
<input>
<add class-name="nrfRole" dest-dn="firstrand'\fnb'\services'\DriverSet'\UserAppli cation'\AppConfig'\RoleConfig'\RoleDefs'\Level20'\ Connected Systems'\Fenix'\*Asset Cost Centre Owner" event-id="RBGDEVIDV101#20120228105524#1#1:a00c5cb5-0e92-4692-3cac-b55c0ca0920e"/>
</input>
</nds>
12:55:24 8416710 Drvrs: Fenix Role Administration ST: Pumping XDS to eDirectory.
12:55:24 8416710 Drvrs: Fenix Role Administration ST: Performing operation add for firstrand'\fnb'\services'\DriverSet'\UserApplicati on'\AppConfig'\RoleConfig'\RoleDefs'\Level20'\Conn ected Systems'\Fenix'\*Asset Cost Centre Owner.
12:55:24 8416710 Drvrs: Fenix Role Administration ST: --JCLNT-- \FRGDEVIDV\firstrand\fnb\services\DriverSet\Fenix Role Administration : Duplicating : context = 133169248, tempContext = 133169242
12:55:24 8416710 Drvrs: Fenix Role Administration ST: Adding entry firstrand'\fnb'\services'\DriverSet'\UserApplicati on'\AppConfig'\RoleConfig'\RoleDefs'\Level20'\Conn ected Systems'\Fenix'\*Asset Cost Centre Owner.
12:55:24 8416710 Drvrs: Fenix Role Administration ST: Creating RDN firstrand'\fnb'\services'\DriverSet'\UserApplicati on'\AppConfig'\RoleConfig'\RoleDefs'\Level20'\Conn ected Systems'\Fenix'\*Asset Cost Centre Owner in context ..
12:55:24 8416710 Drvrs: Fenix Role Administration ST: --JCLNT-- \FRGDEVIDV\firstrand\fnb\services\DriverSet\Fenix Role Administration : Calling free on tempContext = 133169242
02/28/12
12:55:24 8416710 Drvrs: Fenix Role Administration ST: Processing returned document.
12:55:24 8416710 Drvrs: Fenix Role Administration ST: Processing operation <status> for .
12:55:24 8416710 Drvrs: Fenix Role Administration ST:
DirXML Log Event -------------------
Driver: \FRGDEVIDV\firstrand\fnb\services\DriverSet\Fenix Role Administration
Channel: Subscriber
Object: \FRGDEVIDV\firstrand\fnb\applications\fenix\actors \Asset Cost Centre Owner
Status: Error
Message: Code(-9010) An exception occurred: novell.jclient.JCException: createEntry -334 ERR_RDN_TOO_LONG
--------------------


The strange thing is, I am able to create the Role using the LDIF
import with exactly the same name... Am I doing something worng in my
code??

The last bit of info I need is regarding removing the
ResourceAssociation... Since the name of the object is not constant,
(made up of a time stamop and a UUID) can someone suggest a programatic
way to remove the ResourceAssociation if the group is deleted??
Maybe by creating an association for each object? Is that even possible
to have one group "associated" to 3 other objects on 1 driver?

Thanks in advance!

Regards,
Craig Cikara


--
ccikara
------------------------------------------------------------------------
ccikara's Profile: http://forums.novell.com/member.php?userid=86966
View this thread: http://forums.novell.com/showthread.php?t=452715