First time trying the bidirectional driver (test environment, IDM 4.0.2)
to sync objects from the ID vault to an eDir LDAP auth store.

I used Designer to create a new driver set and a bidirectional driver,
using default config settings as far as possible.
On the vault and in the LDAP tree, user objects are stored in
ou=users,o=myorg & group objects in ou=groups,o=myorg.
After deploying the driver, it did not start, complaining about missing
GCVs: idv.dit.data.users & idv.dit.data.groups

This GCV is used in the default matching policy on the subscriber
channel.
If this is a default value, why is it not populated by default?
How and where should it be added?

Also, I am struggling to understand the logic of the default matching
policy:
<if-src-dn op="in-subtree">~idv.dit.data.users~</if-src-dn>
When would the source DN be in this subtree? (Users in the vault are
created in users.myorg)
Is '~' some sort of wild card?

This error can be bypassed by replacing the references to
idv.dit.data.users & groups with containers which do exist in the
vault, but I would like to understand what the intention of the default
config is.

I am still troubleshooting further problems with the driver; looks like
I am running into some known bugs which are solved by IDM patches.
However, I am running into permission errors when trying to download the
IDM patches from the Novell site.

Any help to explain things to this Noob will be appreciated.


--
hscheff