I am running IDM 3.5.1 on Netware 6.5 SP8, Using Version 3.5.3 of the GroupWise Driver connecting to a Remote Loader located on a Windows 2008 R2 server which is also the host of the GroupWise Primary Domain.¬* Using primarily the policies created by installing a new GW Driver in Designer¬*and enabling the External User Policies.
¬*
I am trying to configure the GroupWise Driver to create and maintain external users in an External Domain and Post Office I have already created in¬*using Console1.¬* The users do have an existing eDirectory account which they use for authentication to the external mail system.¬*
¬*
The largest stumbling block I have encountered was¬*the requirement for Class name¬*= GroupWise External User, in pretty much every condition for rules pertaining to external users¬* (I don't know how to set the class name to external).¬* Fortunately, because all of these accounts are in nested OU's within a single isolated OU, I have replaced the Class name condition with a Source DN condition.¬* So it appears to be creating the external users properly.¬*
¬*
However, I have approximately 5000 existing accounts within the External Post Office which were imported using the GWEUI tool.¬* I cannot seem to get the Matching Policy to identify the¬*existing accounts.¬* I think it has something to do with matching the NGW: GroupWise ID attribute.¬* Because they are external¬*users they do not appear to have a GroupWise ID.¬* They do however appear to have a GroupWise mailbox¬*ID when their External User object is viewed¬*the ConsoleOne from the GroupWise Plugin.¬*
¬*
If I attempt to modify¬*an eDirectory user that has an existing external User object in GroupWise the matching fails because it cannot find the NGW: GroupWise ID.¬* So it attempts to create a new one only to find that it exists.¬* (Therefore, the driver association is never made).
¬*
Any suggestions on how I can get around this, or should I just delete the 5000 existing external users at 3:00AM , and allow the driver to re-populate.¬* If I do that what is the best way to trigger a mass synchronization?¬* ¬*
¬*
I have pasted a Level 3 Trace from a failed user match at:
¬*
http://pastebin.com/kzQfXBTB
Which includes the Trace Output, the Remote Loader Log, and NLIST output of the user being tested.
Thank You!