I am trying to add one custom role at the time of user creation in
Identity vault. I am using jdbc driver. I have written the following
policy in command transform:

<rule>
<description>assignRoles</description>
<conditions>
<and>
<if-class-name mode="nocase" op="equal">User</if-class-name>
<if-operation disabled="true" mode="case"
op="equal">add</if-operation>
</and>
</conditions>
<actions>
<do-add-role id="CN=userappadmin,OU=services,O=system"
role-id="CN=whfRole1,CN=Level30,CN=RoleDefs,CN=RoleConf ig,CN=AppConfig,CN=UserApplication,CN=driverset,OU =idm,O=system"
url="http://10.*.*.58:8180/IDMProv">
<arg-password>
<token-text xml:space="preserve">P@ssw0rd</token-text>
</arg-password>
<arg-dn>
<token-text xml:space="preserve">cn=</token-text>
<token-local-variable name="attrCN"/>
<token-text
xml:space="preserve">,ou=users,o=dev1,c=us</token-text>
</arg-dn>
</do-add-role>
</actions>
</rule>

However I getting the following error in the trace:

DirXML Log Event -------------------
Driver: \PDS-DEV\system\idm\driverset\JDBC_LAWSON
Channel: Publisher
Object: EMPLOYEE=112,table=EMPLOYEE_TABLE,schema=TEST_USER
(us\dev1\users\jtest_user12)
Status: Error
Message: Code(-9205) Error in
vnd.nds.stream://PDS-DEV/system/idm/driverset/JDBC_LAWSON/Publisher/pub-ctp-assignDefaultRoles#XmlData:11
: Couldn't request assignment of role:
'CN=whfRole1,CN=Level30,CN=RoleDefs,CN=RoleConfig, CN=App
Config,CN=UserApplication,CN=driverset,OU=idm,O=sy stem' to identity:
'cn=jtest_user12,ou=users,o=dev1,c=us':
com.novell.nds.dirxml.soap.UserAppClientException:
com.novell.nds.dirxml.soap.rolestubs.NrfServiceExc eption={_Reason=DAL
communi
cation error.}

Can anybody explain me the reason and the fix.


--
joydeepg
------------------------------------------------------------------------
joydeepg's Profile: https://forums.netiq.com/member.php?userid=7638
View this thread: https://forums.netiq.com/showthread.php?t=51266