I am trying to do a one way sync of accounts from my Vault to a remote
eDirectory server to be used as an LDAP source for our Web Applications.
I have entitlements turned on for Users and Groups. When I add a users
to a Group Entitlement it adds the user to the Group but fails to add
the Group to the User. I turned on Reciprocal Attribute mapping made no
change here isthe default code to add the groups


<token-added-entitlement name="Group"/>
<do-set-local-variable name="assoc" scope="policy">
<do-add-dest-attr-value class-name="Group"
<token-local-variable name="assoc"/>
<arg-value type="dn">

What do I need to add to modify Group Membership to the User.

stharp's Profile: https://forums.netiq.com/member.php?userid=2709
View this thread: https://forums.netiq.com/showthread.php?t=47873