Hello,

Sorry for the long post, I have following policy

Code:
--------------------

if class name equal "User"
and if source attribute 'CN' available

set local variable("userCN", scope="policy", Attribute("CN"))
set local variable("genUID", scope="policy", XPath("External:newUid()"))
add source attribute value("Object Class", "posixAccount")
set source attribute value("uidNumber", Local Variable("genUID"))
set source attribute value("gidNumber", Local Variable("genUID"))
set source attribute value("homeDirectory", Local Variable("userCN")
set source attribute value("loginShell", Global Configuration Value("gcvLoginShell"))
set source attribute value("UID", Local Variable("userCN")

--------------------


here is the input in trace log

Code:
--------------------

<nds dtdversion="3.5" ndsversion="8.x">
<source>
<product version="3.6.10.4747">DirXML</product>
<contact>Novell, Inc.</contact>
</source>
<input>
<modify class-name="User" dest-dn="\META-TEST\data\people\prj1736_sta" dest-entry-id="1528720" event-id="meta1#20150623170257#3#1">
<modify-attr attr-name="Object Class">
<add-value>
<value>posixAccount</value>
</add-value>
</modify-attr>
<modify-attr attr-name="uidNumber">
<remove-all-values/>
<add-value>
<value>100324362</value>
</add-value>
</modify-attr>
<modify-attr attr-name="gidNumber">
<remove-all-values/>
<add-value>
<value>100324362</value>
</add-value>
</modify-attr>
<modify-attr attr-name="homeDirectory">
<remove-all-values/>
<add-value>
<value>/home/prj1736_sta</value>
</add-value>
</modify-attr>
<modify-attr attr-name="loginShell">
<remove-all-values/>
<add-value>
<value>/bin/bash</value>
</add-value>
</modify-attr>
<modify-attr attr-name="UID">
<remove-all-values/>
<add-value>
<value>prj1736_sta</value>
</add-value>
</modify-attr>
</modify>
</input>
</nds>

--------------------

but it result in error
DirXML Log Event -------------------
Driver: \META-TEST\system\services\idm\driverset1\meta-null-posixattrs
Channel: Subscriber
Status: Error
Message: Code(-9010) An exception occurred: novell.jclient.JCException:
modifyEntry -609 ERR_MISSING_MANDATORY

Then I thought maybe because it is missing ndsLoginProperties object
class, which is parent class of posixAccount, so I added following
action

Code:
--------------------

add source attribute value("Object Class", "ndsLoginProperties")

--------------------

but it result in different error
DirXML Log Event -------------------
Driver: \META-TEST\system\services\idm\driverset1\meta-null-posixattrs
Channel: Subscriber
Status: Error
Message: Code(-9010) An exception occurred: novell.jclient.JCException:
modifyEntry -628 ERR_OBJECT_CLASS_VIOLATION

I think it is probably because both the creation and my driver are
adding ndsLoginProperties at the same time causing the error, because
without my driver running, I see the new creation has ndsLoginProperties
as one of the values in object class, but the problem is I search
through entire driverset, can't find where in the object class is added
during creation.

I initially posted my problem onto eDirectory forum, thanks for David
Gersic to point me out to the correct forum

Thank for the help


--
yiqian
------------------------------------------------------------------------
yiqian's Profile: https://forums.netiq.com/member.php?userid=9901
View this thread: https://forums.netiq.com/showthread.php?t=53772