Need a little help.

AD -> eDir

What I have so for is that if user is created in AD they are not synced
until they are added to a group. Done working.

Now I need to delete a user in eDir if they are removed from an AD
group. How can intercept the reduction of members of a Group with a
if class equal Group
if operation equal modify
if oper attr member changing
if oper attr member not available

How do I intercept the values of the members and convert to a delete?



<nds dtdversion="2.2">
<source>
<product build="20120330_120000"
instance="\DEV_VAULT\la\iservices\idmdrivers\AD"
version="4.0.0.0">AD</product>
<contact>Novell, Inc.</contact>
</source>
<input>
<modify class-name="Group" event-id="0"
src-dn="CN=DCF,OU=Users,OU=LA,DC=addev,DC=dcfdev">
<association>97065f16aac2c348ae5892f03e843cc7</association>
<modify-attr attr-name="Member">
<remove-value>
<value naming="false"
type="dn">\DEV_VAULT\la\vault\users\active\aidm2</value>
<value naming="false"
type="dn">\DEV_VAULT\la\vault\users\active\aidm3</value>
</remove-value>
</modify-attr>
</modify>
</input>
</nds>


Always appreciate the help.

Chad


--
ncisrael
------------------------------------------------------------------------
ncisrael's Profile: https://forums.netiq.com/member.php?userid=769
View this thread: https://forums.netiq.com/showthread.php?t=51975