Hi All

To cut a long story short, I have a prepopulated AD, created
indpendantly of eDir, there is no guarantee AD samaccountname matches
the eDir CN. I have to do a little jiggery pokery as CN in the vault is
not usable to match, but I do have a separate attribute I can use. At
this stage data validation isn't going to happen, so I want to achieve
three things

1, detect a from-merge, add a description to show it's been matched to
an eDir account.
2, on a merge event, I would like to have the AD attribs remain the
same, but I need the filter in place to cater for new adds.
3, move the merge user account to a new container, but adds will adhere
to a mapping table placement.
The biggest constraint I have is that two distinct support agencies own
the two different parts, one owns eDir and IDM, one owns AD, getting
changes in the vault is an almost impossible task as its a liner flow
model, the vault isn't the provisioning source, it's synched from
another edir instance, flow isn't bi-directional either.

My questions are:

1, Can I detect and act upon a from-merge event prior to the sub command
transform? I haven't been able to so far. I thought this might be more
efficient than going through the add process and rules and then going
through the merge processes.
2, Would this best be achieved by modifying the filter to support the
merge and add attribs will be created in a rule.
3, How do I stop a move on the subscriber channel spawning a resync or
vice versa?

Any ideas would be great.


JonH67's Profile: https://forums.netiq.com/member.php?userid=411
View this thread: https://forums.netiq.com/showthread.php?t=49715