I'm trying to get a SOAP driver to trigger a re-sync/migrate event on a
single user when specific criteria are met. I've read several articals
that clearly explain the process, e.g:


Using LDIF I have managed to manually set the DirXML-Associations value
as a migrate status (#4#) and this triggers the user to be processed by
the driver the same as if migrating from the IDV.

However, when I set the DirXML-Associations value directly from policy
it does nothing, and the driver does not process. The association value
then gets stuck as "migrate" and the driver is not interested.
I'm sure the values are the same as I viewed the object in
ApacheDirectoryStudio and iManager. The value shown is exactly the same
as when setting it via an LDIF import. To test again I copied the value
set by the driver rule, then deleted and re-added the exact same value
using an LDAP browser and the driver processed the migrate function.

Does anyone know if this is caused by me writing the DirXML-Associations
value from the sub-itp? I have it here as it is using the returned Doc
from the connected system to decide if this needs to be set or not. If
it returns an error then I strip the existing DirXML-Association value
and add this to force it to re-process without an association value.

The Rule is below:

<if-dest-dn op="in-container">OU\student</if-dest-dn>
<do-remove-association direct="true">
<token-dest-attr name="UnI:regno"/>
<do-add-dest-attr-value direct="true" name="DirXML-Associations">
<arg-value type="structured">
<arg-component name="volume">
<token-global-variable name="gcv.DirXMLDriverDN"/>
<arg-component name="nameSpace">
<token-text xml:space="preserve">4</token-text>
<arg-component name="path"/>

Jevans78's Profile: https://forums.netiq.com/member.php?userid=7684
View this thread: https://forums.netiq.com/showthread.php?t=54135