I have a customized JDBC driver that needs to do a DN lookup based off a
WorkForce ID. the DN found will then be placed in the new users Manager
Attribute. Currenlty in my trace for new users from the pay roll system
the manager DN lookup occurs in IDM/Person/users. this shows in the
trace.

Action:
do-set-local-variable("local.manager",scope="policy",*arg-node-set(token-query(arg-dn("IDM\Person\Users"),arg-match-attr("workforceID",token-op-attr("managerWorkforceID"))))).*
[02/06/17 11:54:32.534]:Lawson PT:
arg-node-set(token-query(arg-dn("IDM\Person\Users"),arg-match-attr("workforceID",token-op-attr("managerWorkforceID"))))
[02/06/17 11:54:32.535]:Lawson PT:
token-query(arg-dn("IDM\Person\Users"),arg-match-attr("workforceID",token-op-attr("managerWorkforceID")))
[02/06/17 11:54:32.535]:Lawson PT:
arg-dn("IDM\Person\Users")
[02/06/17 11:54:32.535]:Lawson PT:
token-text("IDM\Person\Users")
[02/06/17 11:54:32.535]:Lawson PT: Arg Value:
"IDM\Person\Users".
[02/06/17 11:54:32.535]:Lawson PT:
arg-match-attr("workforceID",token-op-attr("managerWorkforceID"))
[02/06/17 11:54:32.535]:Lawson PT:
arg-string(token-op-attr("managerWorkforceID"))
[02/06/17 11:54:32.535]:Lawson PT:
token-op-attr("managerWorkforceID")
[02/06/17 11:54:32.535]:Lawson PT: Token Value:
"37756".
[02/06/17 11:54:32.536]:Lawson PT: Arg Value: "37756".
[02/06/17 11:54:32.536]:Lawson PT: Query from policy


Here is the issue, the code is set up to search IDM/Person. so if the
manager is not in the users OU they are never found.


<do-set-local-variable name="local.manager" scope="policy">
<arg-node-set>
<token-query>
<arg-dn>
<token-text xml:space="preserve">IDM\Person</token-text>
</arg-dn>
<arg-match-attr name="workforceID">
<arg-value type="string">
<token-op-attr name="managerWorkforceID"/>
</arg-value>
</arg-match-attr>
</token-query>
</arg-node-set>
</do-set-local-variable>
<do-set-local-variable name="local.email" scope="policy">
<arg-string>
<token-dest-attr name="Internet EMail Address">
<arg-dn>
<token-xpath expression="$local.manager/@src-dn"/>


I am not seeing why this is looking to the users OU and not Person OU.

Any help would be great


--
porteg
------------------------------------------------------------------------
porteg's Profile: https://forums.netiq.com/member.php?userid=11267
View this thread: https://forums.netiq.com/showthread.php?t=57317