I am trying to do a one way sync of accounts from my Vault to a remote
eDirectory server to be used as an LDAP source for our Web Applications.
I have entitlements turned on for Users and Groups. When I add a users
to a Group Entitlement it adds the user to the Group but fails to add
the Group to the User. I turned on Reciprocal Attribute mapping made no
change here isthe default code to add the groups


<do-for-each>

<do-for-each>
<arg-node-set>
<token-added-entitlement name="Group"/>
</arg-node-set>
<arg-actions>
<do-set-local-variable name="assoc" scope="policy">
<arg-string>
<token-xpath
expression="es:getEntParamField($current-node,'ID')"/>
</arg-string>
</do-set-local-variable>
<do-add-dest-attr-value class-name="Group"
name="Member">
<arg-association>
<token-local-variable name="assoc"/>
</arg-association>
<arg-value type="dn">
<token-src-dn/>
</arg-value>
</do-add-dest-attr-value>

What do I need to add to modify Group Membership to the User.


--
stharp
------------------------------------------------------------------------
stharp's Profile: https://forums.netiq.com/member.php?userid=2709
View this thread: https://forums.netiq.com/showthread.php?t=47873