This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
Creating A new document from The current Document
Creating A new document from The current Document

Version management

Difference between version and

At line 1 added 126 lines
!!! Overview
Okay. The title is a little weird. (Old info ~ 2009-12-23)
The problem was that the current RACF driver (3.52) does not support setting a password when the user is created.
The good news, the next release of the driver, which should be soon, will.
Shows a [DirXML Example] and [XPATH Example].
!! Related
We have on occasion needed to [Convert DirXML Document] from one form to another.
!! Details
Back the the issue. We have a add document that looks like this:
{{{
<input>
<add class-name="User" event-id="plux0884#20091217161122#99#57" qualified-src-dn="dc=com\dc=willeke\OU=users\CN=GDR109" src-dn="\willekeIDV-LAB\com\willeke\users\GDR109" src-entry-id="42696">
<add-attr attr-name="willekeRACFAccount">
<value timestamp="1258656672#59" type="state">true</value>
</add-attr>
<add-attr attr-name="willekeRacfDefaultGroup">
<value timestamp="1258656671#126" type="string">DEPTGFR</value>
</add-attr>
<add-attr attr-name="willekeTargetIDMUser">
<value timestamp="1261066756#13" type="state">false</value>
</add-attr>
<add-attr attr-name="willekeUcode">
<value timestamp="1258656671#130" type="string">U9G004</value>
</add-attr>
<add-attr attr-name="Login Disabled">
<value timestamp="1258656671#111" type="state">false</value>
</add-attr>
<add-attr attr-name="nspmDistributionPassword">`
<value timestamp="1258984340#10" type="string">Mickey</value>
</add-attr>
<add-attr attr-name="preferredName">
<value timestamp="1258656671#7" type="string">aldo2</value>
</add-attr>
<add-attr attr-name="Surname">
<value timestamp="1258656671#21" type="string">Stellato2</value>
</add-attr>
<add-attr attr-name="workforceID">
<value timestamp="1258656671#6" type="string">GDR109</value>
</add-attr>
<password>password4User</password>
<operation-data op-sourceDN="\willekeIDV-LAB\com\willeke\users\GDR109"/>
</add>
</input>
}}}
Note: the current driver will put the <password> element in the document, when you set the destination password, it just does not do anything with it.
We need to end up with a document that looks something like this:
{{{
<modify-password class-name="User" event-id="plux0884#20091217161122#99#57xx" src-dn="\willekeIDV-LAB\com\willeke\users\GDR109">
<association>\willekeIDV-LAB\com\willeke\users\GDR109</association>
<password>password4User</password>
</modify-password>
}}}
The [DirXML Examples] of the code:
{{{
<rule>
<description>Convert adds of the nspmDistributionPassword attribute to password elements</description>
<comment xml:space="preserve">Creates a separate document for a modif-password operation that will follow the add document.</comment>
<comment name="author" xml:space="preserve">jim@willeke.com</comment>
<comment name="version" xml:space="preserve">13</comment>
<comment name="lastchanged" xml:space="preserve">2009-12-20</comment>
<conditions>
<and>
<if-operation op="equal">add</if-operation>
<if-op-attr name="nspmDistributionPassword" op="available"/>
</and>
</conditions>
<actions>
<!-- Change all add-attr elements for the nspmDistributionPassword attribute to password elements-->
<do-set-dest-password>
<arg-string>
<token-xpath expression="modify-attr[@attr-name='nspmDistributionPassword']//add-value//value"/>
</arg-string>
</do-set-dest-password>
<do-set-local-variable name="lv-thisuserdn" scope="policy">
<arg-string>
<token-src-dn/>
</arg-string>
</do-set-local-variable>
<do-append-xml-element expression=".." name="modify-password"/>
<do-set-xml-attr expression="../modify-password" name="class-name">
<arg-string>
<token-text xml:space="preserve">User</token-text>
</arg-string>
</do-set-xml-attr>
<do-set-xml-attr expression="../modify-password" name="event-id">
<arg-string>
<token-xpath expression="@event-id"/>
<token-text xml:space="preserve">xx</token-text>
</arg-string>
</do-set-xml-attr>
<do-set-xml-attr expression="../modify-password" name="src-dn">
<arg-string>
<token-local-variable name="lv-thisuserdn"/>
</arg-string>
</do-set-xml-attr>
<do-append-xml-element expression="../modify-password" name="association"/>
<do-append-xml-text expression="../modify-password/association">
<arg-string>
<token-local-variable name="lv-thisuserdn"/>
</arg-string>
</do-append-xml-text>
<do-append-xml-element expression="../modify-password" name="password"/>
<do-append-xml-text expression="../modify-password/password">
<arg-string>
<token-xpath expression="../add/password/text()"/>
</arg-string>
</do-append-xml-text>
<!-- Remove all add-attr elements for the nspmDistributionPassword attribute -->
<do-strip-op-attr name="nspmDistributionPassword"/>
<do-strip-xpath disabled="true" expression="../add/password"/>
</actions>
</rule>
}}}
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop