Hi,

Adding stuff to a new user in AD with powershell can be tricky. The user
has to be properlu created first so I am moving my code (that is
working) to the itp policy set so we do it after creation.

Basicly copied the logic from the NOVLADENTEX-itp-Entitlemen policy and
do a set source using the association.
But it seems like the RL does not find the user even tough it reports
success since neither the attributes I try to write gets written or the
powershell commant gets executed.

What did I do wrong?

This is the code:
> <?xml version="1.0" encoding="UTF-8"?><!DOCTYPE policy PUBLIC
> "policy-builder-dtd" "C:\Program Files
> (x86)\Novell\Designer\plugins\com.novell.idm.polic ybuilder_4.0.0.201401071232\DTD\dirxmlscript4.0.2. dtd"><policy>
> <rule>
> <description>Create Home Directory</description>
> <comment xml:space="preserve">Skapa hembibliotek direkt efter kontot
> r skapat i AD</comment>
> <conditions>
> <and>
> <if-operation op="equal">add-association</if-operation>
> </and>
> </conditions>
> <actions>
> <do-set-local-variable name="varADname" scope="policy">
> <arg-string>
> <token-dest-name/>
> </arg-string>
> </do-set-local-variable>
> <do-set-src-attr-value name="homeDrive">
> <arg-association>
> <token-xpath expression="./text()"/>
> </arg-association>
> <arg-value type="string">
> <token-global-variable name="idv.dit.data.homedrive"/>
> <token-text xml:space="preserve">:</token-text>
> </arg-value>
> </do-set-src-attr-value>
> <do-set-src-attr-value name="homeDirectory">
> <arg-association>
> <token-xpath expression="./text()"/>
> </arg-association>
> <arg-value type="string">
> <token-global-variable name="idv.dit.data.homedir"/>
> <token-text xml:space="preserve">\</token-text>
> <token-local-variable name="varADname"/>
> </arg-value>
> </do-set-src-attr-value>
> <do-set-src-attr-value name="PSexecute">
> <arg-association>
> <token-xpath expression="./text()"/>
> </arg-association>
> <arg-value type="string">
> <token-text xml:space="preserve">Invoke-Expression</token-text>
> <token-text xml:space="preserve"> -command </token-text>
> <token-text xml:space="preserve"> "</token-text>
> <token-global-variable name="idv.dit.data.PShomedirScript"/>
> <token-text xml:space="preserve"> -dirPath </token-text>
> <token-global-variable name="idv.dit.data.homedir"/>
> <token-text xml:space="preserve"> -name </token-text>
> <token-local-variable name="varADname"/>
> <token-text xml:space="preserve"> -domain </token-text>
> <token-global-variable name="drv.domain.name"/>
> <token-text xml:space="preserve">"</token-text>
> </arg-value>
> </do-set-src-attr-value>
> </actions>
> </rule>
> </policy>


This is the RL trace:

> DirXML: [02/25/15 11:15:57.06]: <nds dtdversion="4.0" ndsversion="8.x">
> <source>
> <product edition="Advanced" version="4.0.2.7">DirXML</product>
> <contact>Novell, Inc.</contact>
> </source>
> <input>
> <modify
> event-id="IDM01-VK#20150225101554#1#1:0f746953-0437-4815-888d-1efcf548a97b">
> <association>2286b3b31ed7d94ba05c75c18fc832ed</association>
> <modify-attr attr-name="homeDrive">
> <remove-all-values/>
> <add-value>
> <value type="string">H:</value>
> </add-value>
> </modify-attr>
> <modify-attr attr-name="homeDirectory">
> <remove-all-values/>
> <add-value>
> <value type="string">\\vk-fs01.varmdo.se\home$\ptepte</value>
> </add-value>
> </modify-attr>
> <modify-attr attr-name="PSexecute">
> <remove-all-values/>
> <add-value>
> <value type="string">Invoke-Expression -command
> "c:\novell\powershell\homedir.ps1 -dirPath \\vk-fs01.varmdo.se\home$
> -name ptepte -domain Varmdo"</value>
> </add-value>
> </modify-attr>
> </modify>
> </input>
> </nds>
> DirXML: [02/25/15 11:15:57.06]: ADDriver: parse command
>
> className
> destDN
> eventId
> IDM01-VK#20150225101554#1#1:0f746953-0437-4815-888d-1efcf548a97b
> association 2286b3b31ed7d94ba05c75c18fc832ed
> DirXML: [02/25/15 11:15:57.06]: ADDriver: parse modify class =
> DirXML: [02/25/15 11:15:57.06]: Loader: subscriptionShim->execute()
> returned:
> DirXML: [02/25/15 11:15:57.06]: Loader: XML Document:
> DirXML: [02/25/15 11:15:57.06]: <nds ndsversion="8.7" dtdversion="1.1">
> <source>
> <product version="4.0.0.2" asn1id="" build="20130813_120000"
> instance="\IDM\Res\DriverSetStandard\Varmdo ADM AD">AD</product>
> <contact>Novell, Inc.</contact>
> </source>
> <output>
> <status level="success"
> event-id="IDM01-VK#20150225101554#1#1:0f746953-0437-4815-888d-1efcf548a97b"/>
> </output>
> </nds>
>



--
joakim_ganse
------------------------------------------------------------------------
joakim_ganse's Profile: https://forums.netiq.com/member.php?userid=159
View this thread: https://forums.netiq.com/showthread.php?t=52916