This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
IDM Manage Posix Attributes
IDM Manage Posix Attributes

Version management

Difference between version and

At line 1 added 907 lines
!!! Overview
The client want to provide uid and gid values while and maintain the MemberUID values.
Shows a [DirXML Example] and [XPATH Example] for working with [{$pagename}].
{{{
<?xml version="1.0" encoding="UTF-8"?><!DOCTYPE policy PUBLIC "policy-builder-dtd" "C:\novell\Designer\eclipse\plugins\com.novell.designer.idm.oldpolicybuilder_2.0.0.200710261247\DTD\dirxmlscript.dtd"><policy xmlns:query="http://www.novell.com/nxsl/java/com.novell.nds.dirxml.driver.XdsQueryProcessor">
<rule>
<description>Regenerate GID number for Groups</description>
<conditions>
<and>
<if-class-name mode="nocase" op="equal">Group</if-class-name>
<if-op-attr name="gidNumber" op="equal">999999999</if-op-attr>
</and>
</conditions>
<actions>
<do-set-local-variable name="lastGIDUsed">
<arg-string>
<token-src-attr name="nwLastGIDused">
<arg-dn>
<token-global-variable name="GIDNumberCounterDN"/>
</arg-dn>
</token-src-attr>
</arg-string>
</do-set-local-variable>
<do-set-local-variable name="lastGIDUsed">
<arg-string>
<token-xpath expression="$lastGIDUsed + 1"/>
</arg-string>
</do-set-local-variable>
<do-set-src-attr-value name="nwLastGIDused">
<arg-dn>
<token-global-variable name="GIDNumberCounterDN"/>
</arg-dn>
<arg-value type="string">
<token-local-variable name="lastGIDUsed"/>
</arg-value>
</do-set-src-attr-value>
<do-set-src-attr-value name="gidNumber">
<arg-value type="string">
<token-local-variable name="lastGIDUsed"/>
</arg-value>
</do-set-src-attr-value>
</actions>
</rule>
<rule>
<description>Generate GID number for new Groups</description>
<conditions>
<and>
<if-class-name mode="nocase" op="equal">Group</if-class-name>
<if-operation op="equal">add</if-operation>
</and>
</conditions>
<actions>
<do-set-local-variable name="lastGIDUsed">
<arg-string>
<token-src-attr name="nwLastGIDused">
<arg-dn>
<token-global-variable name="GIDNumberCounterDN"/>
</arg-dn>
</token-src-attr>
</arg-string>
</do-set-local-variable>
<do-set-local-variable name="lastGIDUsed">
<arg-string>
<token-xpath expression="$lastGIDUsed + 1"/>
</arg-string>
</do-set-local-variable>
<do-set-src-attr-value name="nwLastGIDused">
<arg-dn>
<token-global-variable name="GIDNumberCounterDN"/>
</arg-dn>
<arg-value type="string">
<token-local-variable name="lastGIDUsed"/>
</arg-value>
</do-set-src-attr-value>
<do-add-src-attr-value name="Object Class">
<arg-value type="string">
<token-text xml:space="preserve">posixGroup</token-text>
</arg-value>
</do-add-src-attr-value>
<do-add-src-attr-value name="gidNumber">
<arg-value type="string">
<token-local-variable name="lastGIDUsed"/>
</arg-value>
</do-add-src-attr-value>
</actions>
</rule>
<rule>
<description>Generate UID number on User Modify</description>
<conditions>
<and>
<if-class-name mode="nocase" op="equal">User</if-class-name>
<if-op-attr name="uidNumber" op="equal">999999999</if-op-attr>
</and>
</conditions>
<actions>
<do-set-local-variable name="lastUIDUsed">
<arg-string>
<token-src-attr name="nwLastUIDused">
<arg-dn>
<token-global-variable name="UIDNumberCounterDN"/>
</arg-dn>
</token-src-attr>
</arg-string>
</do-set-local-variable>
<do-set-local-variable name="lastUIDUsed">
<arg-string>
<token-xpath expression="$lastUIDUsed + 1"/>
</arg-string>
</do-set-local-variable>
<do-set-src-attr-value name="nwLastUIDused">
<arg-dn>
<token-global-variable name="UIDNumberCounterDN"/>
</arg-dn>
<arg-value type="string">
<token-local-variable name="lastUIDUsed"/>
</arg-value>
</do-set-src-attr-value>
<do-set-src-attr-value name="uidNumber">
<arg-value type="string">
<token-local-variable name="lastUIDUsed"/>
</arg-value>
</do-set-src-attr-value>
</actions>
</rule>
<rule>
<description>Set default user data - on User Create</description>
<conditions>
<and>
<if-class-name mode="nocase" op="equal">User</if-class-name>
<if-operation op="equal">add</if-operation>
</and>
</conditions>
<actions>
<do-set-local-variable name="lastUIDUsed">
<arg-string>
<token-src-attr name="nwLastUIDused">
<arg-dn>
<token-global-variable name="UIDNumberCounterDN"/>
</arg-dn>
</token-src-attr>
</arg-string>
</do-set-local-variable>
<do-set-local-variable name="lastUIDUsed">
<arg-string>
<token-xpath expression="$lastUIDUsed + 1"/>
</arg-string>
</do-set-local-variable>
<do-set-src-attr-value name="nwLastUIDused">
<arg-dn>
<token-global-variable name="UIDNumberCounterDN"/>
</arg-dn>
<arg-value type="string">
<token-local-variable name="lastUIDUsed"/>
</arg-value>
</do-set-src-attr-value>
<do-add-src-attr-value name="Object Class">
<arg-value type="string">
<token-text xml:space="preserve">posixAccount</token-text>
</arg-value>
</do-add-src-attr-value>
<do-set-src-attr-value name="uidNumber">
<arg-value type="string">
<token-local-variable name="lastUIDUsed"/>
</arg-value>
</do-set-src-attr-value>
<do-set-src-attr-value name="homeDirectory">
<arg-value type="string">
<token-global-variable name="DefaultUserHomeDirectory"/>
<token-src-attr name="uniqueID"/>
</arg-value>
</do-set-src-attr-value>
<do-set-src-attr-value name="gidNumber">
<arg-value type="string">
<token-global-variable name="DefaultUserGID"/>
</arg-value>
</do-set-src-attr-value>
<do-set-src-attr-value name="loginShell">
<arg-value type="string">
<token-global-variable name="DefaultShell"/>
</arg-value>
</do-set-src-attr-value>
<do-add-src-attr-value name="Object Class">
<arg-value type="string">
<token-text xml:space="preserve">shadowAccount</token-text>
</arg-value>
</do-add-src-attr-value>
</actions>
</rule>
<rule>
<description>PosixGroup - Member Changing - Update Group MemberUID &amp; User Group Membership</description>
<conditions>
<and>
<if-class-name op="equal">Group</if-class-name>
<if-op-attr name="Member" op="changing"/>
</and>
</conditions>
<actions>
<do-for-each>
<arg-node-set>
<token-op-attr name="Member"/>
</arg-node-set>
<arg-actions>
<do-add-src-attr-value class-name="Group" name="memberUid">
<arg-value type="string">
<token-parse-dn length="1" start="-1">
<token-local-variable name="current-node"/>
</token-parse-dn>
</arg-value>
</do-add-src-attr-value>
<do-add-src-attr-value name="Group Membership">
<arg-dn>
<token-local-variable name="current-node"/>
</arg-dn>
<arg-value type="string">
<token-src-dn/>
</arg-value>
</do-add-src-attr-value>
</arg-actions>
</do-for-each>
<do-for-each>
<arg-node-set>
<token-removed-attr name="Member"/>
</arg-node-set>
<arg-actions>
<do-remove-src-attr-value class-name="Group" name="memberUid">
<arg-value type="string">
<token-parse-dn length="1" start="-1">
<token-local-variable name="current-node"/>
</token-parse-dn>
</arg-value>
</do-remove-src-attr-value>
<do-set-local-variable name="lvUserUID">
<arg-string>
<token-parse-dn length="1" start="-1">
<token-local-variable name="current-node"/>
</token-parse-dn>
</arg-string>
</do-set-local-variable>
<do-set-local-variable name="result">
<arg-node-set>
<token-xpath expression='query:search($srcQueryProcessor, "subtree", "", "", "User", "uniqueID", $lvUserUID, "DN")'/>
</arg-node-set>
</do-set-local-variable>
<do-for-each>
<arg-node-set>
<token-local-variable name="result"/>
</arg-node-set>
<arg-actions>
<do-set-local-variable name="lvDN">
<arg-string>
<token-xpath expression="$current-node/@src-dn"/>
</arg-string>
</do-set-local-variable>
<do-remove-src-attr-value name="Group Membership">
<arg-dn>
<token-local-variable name="lvDN"/>
</arg-dn>
<arg-value type="string">
<token-src-dn/>
</arg-value>
</do-remove-src-attr-value>
</arg-actions>
</do-for-each>
</arg-actions>
</do-for-each>
</actions>
</rule>
<rule>
<description>PosixGroup - memberUID Changing - Update Group Member</description>
<conditions>
<and>
<if-class-name op="equal">Group</if-class-name>
<if-op-attr name="memberUid" op="changing"/>
</and>
</conditions>
<actions>
<do-for-each>
<arg-node-set>
<token-op-attr name="memberUid"/>
</arg-node-set>
<arg-actions>
<do-set-local-variable name="result">
<arg-node-set>
<token-xpath expression='query:search($srcQueryProcessor, "subtree", "", "", "User", "uniqueID", $current-node, "DN")'/>
</arg-node-set>
</do-set-local-variable>
<do-for-each>
<arg-node-set>
<token-local-variable name="result"/>
</arg-node-set>
<arg-actions>
<do-set-local-variable name="lvDN">
<arg-string>
<token-xpath expression="$result/@src-dn"/>
</arg-string>
</do-set-local-variable>
<do-trace-message level="3">
<arg-string>
<token-text xml:space="preserve">Results eq </token-text>
<token-local-variable name="lvDN"/>
</arg-string>
</do-trace-message>
<do-add-src-attr-value name="Member">
<arg-value type="dn">
<token-local-variable name="lvDN"/>
</arg-value>
</do-add-src-attr-value>
</arg-actions>
</do-for-each>
</arg-actions>
</do-for-each>
<do-for-each>
<arg-node-set>
<token-removed-attr name="memberUid"/>
</arg-node-set>
<arg-actions>
<do-set-local-variable name="result">
<arg-node-set>
<token-xpath expression='query:search($srcQueryProcessor, "subtree", "", "", "User", "uniqueID", $current-node, "DN")'/>
</arg-node-set>
</do-set-local-variable>
<do-for-each>
<arg-node-set>
<token-local-variable name="result"/>
</arg-node-set>
<arg-actions>
<do-set-local-variable name="lvDN">
<arg-string>
<token-xpath expression="$result/@src-dn"/>
</arg-string>
</do-set-local-variable>
<do-trace-message level="3">
<arg-string>
<token-text xml:space="preserve">Results eq </token-text>
<token-local-variable name="lvDN"/>
</arg-string>
</do-trace-message>
<do-remove-src-attr-value name="Member">
<arg-value type="string">
<token-local-variable name="lvDN"/>
</arg-value>
</do-remove-src-attr-value>
</arg-actions>
</do-for-each>
</arg-actions>
</do-for-each>
</actions>
</rule>
<rule>
<description>User - Group Membership Changing - Update Group Member &amp; Group memberUID</description>
<conditions>
<and>
<if-class-name op="equal">User</if-class-name>
<if-op-attr name="Group Membership" op="changing"/>
</and>
</conditions>
<actions>
<do-for-each>
<arg-node-set>
<token-op-attr name="Group Membership"/>
</arg-node-set>
<arg-actions>
<do-add-src-attr-value name="Member">
<arg-dn>
<token-local-variable name="current-node"/>
</arg-dn>
<arg-value type="string">
<token-src-dn/>
</arg-value>
</do-add-src-attr-value>
<do-add-src-attr-value name="memberUid">
<arg-dn>
<token-local-variable name="current-node"/>
</arg-dn>
<arg-value type="string">
<token-src-dn length="1" start="-1"/>
</arg-value>
</do-add-src-attr-value>
</arg-actions>
</do-for-each>
<do-for-each>
<arg-node-set>
<token-removed-attr name="Group Membership"/>
</arg-node-set>
<arg-actions>
<do-remove-src-attr-value name="Member">
<arg-dn>
<token-local-variable name="current-node"/>
</arg-dn>
<arg-value type="string">
<token-src-dn/>
</arg-value>
</do-remove-src-attr-value>
<do-remove-src-attr-value name="memberUid">
<arg-dn>
<token-local-variable name="current-node"/>
</arg-dn>
<arg-value type="string">
<token-src-dn length="1" start="-1"/>
</arg-value>
</do-remove-src-attr-value>
</arg-actions>
</do-for-each>
</actions>
</rule>
<rule>
<description>SudoRole - SudoUser Changing - update user sudoRole Membership</description>
<conditions>
<and>
<if-class-name op="equal">sudoRole</if-class-name>
<if-op-attr name="sudoUser" op="changing"/>
</and>
</conditions>
<actions>
<do-for-each>
<arg-node-set>
<token-op-attr name="sudoUser"/>
</arg-node-set>
<arg-actions>
<do-set-local-variable name="result">
<arg-node-set>
<token-xpath expression='query:search($srcQueryProcessor, "subtree", "", "", "User", "uniqueID", $current-node, "DN")'/>
</arg-node-set>
</do-set-local-variable>
<do-for-each>
<arg-node-set>
<token-local-variable name="result"/>
</arg-node-set>
<arg-actions>
<do-set-local-variable name="lvDN">
<arg-string>
<token-xpath expression="$result/@src-dn"/>
</arg-string>
</do-set-local-variable>
<do-trace-message level="3">
<arg-string>
<token-text xml:space="preserve">Results eq </token-text>
<token-local-variable name="lvDN"/>
</arg-string>
</do-trace-message>
<do-add-src-attr-value name="nwSudoMembership">
<arg-dn>
<token-local-variable name="lvDN"/>
</arg-dn>
<arg-value type="dn">
<token-src-dn/>
</arg-value>
</do-add-src-attr-value>
</arg-actions>
</do-for-each>
</arg-actions>
</do-for-each>
<do-for-each>
<arg-node-set>
<token-removed-attr name="sudoUser"/>
</arg-node-set>
<arg-actions>
<do-set-local-variable name="result">
<arg-node-set>
<token-xpath expression='query:search($srcQueryProcessor, "subtree", "", "", "User", "uniqueID", $current-node, "DN")'/>
</arg-node-set>
</do-set-local-variable>
<do-for-each>
<arg-node-set>
<token-local-variable name="result"/>
</arg-node-set>
<arg-actions>
<do-set-local-variable name="lvDN">
<arg-string>
<token-xpath expression="$result/@src-dn"/>
</arg-string>
</do-set-local-variable>
<do-trace-message level="3">
<arg-string>
<token-text xml:space="preserve">Results eq </token-text>
<token-local-variable name="lvDN"/>
</arg-string>
</do-trace-message>
<do-remove-src-attr-value name="nwSudoMembership">
<arg-dn>
<token-local-variable name="lvDN"/>
</arg-dn>
<arg-value type="string">
<token-src-dn/>
</arg-value>
</do-remove-src-attr-value>
</arg-actions>
</do-for-each>
</arg-actions>
</do-for-each>
</actions>
</rule>
<rule>
<description>User - nwSudoMembership Changing - Update SudoRole sudoUser</description>
<conditions>
<and>
<if-class-name op="equal">User</if-class-name>
<if-op-attr name="nwSudoMembership" op="changing"/>
</and>
</conditions>
<actions>
<do-for-each>
<arg-node-set>
<token-op-attr name="nwSudoMembership"/>
</arg-node-set>
<arg-actions>
<do-add-src-attr-value name="sudoUser">
<arg-dn>
<token-local-variable name="current-node"/>
</arg-dn>
<arg-value type="string">
<token-src-dn length="1" start="-1"/>
</arg-value>
</do-add-src-attr-value>
</arg-actions>
</do-for-each>
<do-for-each>
<arg-node-set>
<token-removed-attr name="nwSudoMembership"/>
</arg-node-set>
<arg-actions>
<do-remove-src-attr-value name="sudoUser">
<arg-dn>
<token-local-variable name="current-node"/>
</arg-dn>
<arg-value type="string">
<token-src-dn length="1" start="-1"/>
</arg-value>
</do-remove-src-attr-value>
</arg-actions>
</do-for-each>
</actions>
</rule>
<rule>
<description>nisNetGroup - nisNetGroupTriple Changing - update user nwNetGroupMembership</description>
<conditions>
<and>
<if-class-name op="equal">nisNetGroup</if-class-name>
<if-op-attr name="nisNetGroupTriple" op="changing"/>
</and>
</conditions>
<actions>
<do-for-each>
<arg-node-set>
<token-op-attr name="nisNetGroupTriple"/>
</arg-node-set>
<arg-actions>
<do-set-local-variable name="lvFormatedNisTriple">
<arg-string>
<token-replace-all regex="[-(),]">
<token-local-variable name="current-node"/>
</token-replace-all>
</arg-string>
</do-set-local-variable>
<do-set-local-variable name="result">
<arg-node-set>
<token-xpath expression='query:search($srcQueryProcessor, "subtree", "", "", "User", "uniqueID", $lvFormatedNisTriple, "DN")'/>
</arg-node-set>
</do-set-local-variable>
<do-for-each>
<arg-node-set>
<token-local-variable name="result"/>
</arg-node-set>
<arg-actions>
<do-set-local-variable name="lvDN">
<arg-string>
<token-xpath expression="$result/@src-dn"/>
</arg-string>
</do-set-local-variable>
<do-trace-message level="3">
<arg-string>
<token-text xml:space="preserve">Results eq </token-text>
<token-local-variable name="lvDN"/>
</arg-string>
</do-trace-message>
<do-add-src-attr-value name="nwNetGroupMembership">
<arg-dn>
<token-local-variable name="lvDN"/>
</arg-dn>
<arg-value type="dn">
<token-src-dn/>
</arg-value>
</do-add-src-attr-value>
</arg-actions>
</do-for-each>
</arg-actions>
</do-for-each>
<do-for-each>
<arg-node-set>
<token-removed-attr name="nisNetGroupTriple"/>
</arg-node-set>
<arg-actions>
<do-set-local-variable name="lvFormatedNisTriple">
<arg-string>
<token-replace-all regex="[-(),]">
<token-local-variable name="current-node"/>
</token-replace-all>
</arg-string>
</do-set-local-variable>
<do-set-local-variable name="result">
<arg-node-set>
<token-xpath expression='query:search($srcQueryProcessor, "subtree", "", "", "User", "uniqueID", $lvFormatedNisTriple, "DN")'/>
</arg-node-set>
</do-set-local-variable>
<do-for-each>
<arg-node-set>
<token-local-variable name="result"/>
</arg-node-set>
<arg-actions>
<do-set-local-variable name="lvDN">
<arg-string>
<token-xpath expression="$result/@src-dn"/>
</arg-string>
</do-set-local-variable>
<do-trace-message level="3">
<arg-string>
<token-text xml:space="preserve">Results eq </token-text>
<token-local-variable name="lvDN"/>
</arg-string>
</do-trace-message>
<do-remove-src-attr-value name="nwNetGroupMembership">
<arg-dn>
<token-local-variable name="lvDN"/>
</arg-dn>
<arg-value type="string">
<token-src-dn/>
</arg-value>
</do-remove-src-attr-value>
</arg-actions>
</do-for-each>
</arg-actions>
</do-for-each>
</actions>
</rule>
<rule>
<description>User - nwNetGroupMembership Changing - Update NetGroup nisNetGroupTriple</description>
<conditions>
<and>
<if-class-name op="equal">User</if-class-name>
<if-op-attr name="nwNetGroupMembership" op="changing"/>
</and>
</conditions>
<actions>
<do-for-each>
<arg-node-set>
<token-op-attr name="nwNetGroupMembership"/>
</arg-node-set>
<arg-actions>
<do-add-src-attr-value name="nisNetGroupTriple">
<arg-dn>
<token-local-variable name="current-node"/>
</arg-dn>
<arg-value type="string">
<token-text xml:space="preserve">(-,</token-text>
<token-src-dn length="1" start="-1"/>
<token-text xml:space="preserve">,)</token-text>
</arg-value>
</do-add-src-attr-value>
</arg-actions>
</do-for-each>
<do-for-each>
<arg-node-set>
<token-removed-attr name="nwNetGroupMembership"/>
</arg-node-set>
<arg-actions>
<do-remove-src-attr-value name="nisNetGroupTriple">
<arg-dn>
<token-local-variable name="current-node"/>
</arg-dn>
<arg-value type="string">
<token-text xml:space="preserve">(-,</token-text>
<token-src-dn length="1" start="-1"/>
<token-text xml:space="preserve">,)</token-text>
</arg-value>
</do-remove-src-attr-value>
</arg-actions>
</do-for-each>
</actions>
</rule>
<rule>
<description>User Deleted - Remove from SudoRoles, NetGroups, &amp; Groups</description>
<conditions>
<and>
<if-class-name op="equal">User</if-class-name>
<if-operation op="equal">delete</if-operation>
</and>
</conditions>
<actions>
<do-set-local-variable name="lvUserUID">
<arg-string>
<token-src-dn length="1" start="-1"/>
</arg-string>
</do-set-local-variable>
<do-set-local-variable name="lvUserNisNetGroupTriple">
<arg-string>
<token-text xml:space="preserve">(-,</token-text>
<token-local-variable name="lvUserUID"/>
<token-text xml:space="preserve">,)</token-text>
</arg-string>
</do-set-local-variable>
<do-for-each>
<arg-node-set>
<token-xpath expression='query:search($srcQueryProcessor, "subtree", "", "", "nisNetGroup", "nisNetGroupTriple", $lvUserNisNetGroupTriple, "DN")'/>
</arg-node-set>
<arg-actions>
<do-set-local-variable name="lvDN">
<arg-string>
<token-xpath expression="$current-node/@src-dn"/>
</arg-string>
</do-set-local-variable>
<do-remove-src-attr-value name="nisNetGroupTriple">
<arg-dn>
<token-local-variable name="lvDN"/>
</arg-dn>
<arg-value type="string">
<token-text xml:space="preserve">(-,</token-text>
<token-local-variable name="lvUserUID"/>
<token-text xml:space="preserve">,)</token-text>
</arg-value>
</do-remove-src-attr-value>
</arg-actions>
</do-for-each>
<do-for-each>
<arg-node-set>
<token-xpath expression='query:search($srcQueryProcessor, "subtree", "", "", "SudoRole", "SudoUser", $lvUserUID, "DN")'/>
</arg-node-set>
<arg-actions>
<do-set-local-variable name="lvDN">
<arg-string>
<token-xpath expression="$current-node/@src-dn"/>
</arg-string>
</do-set-local-variable>
<do-remove-src-attr-value name="sudoUser">
<arg-dn>
<token-local-variable name="lvDN"/>
</arg-dn>
<arg-value type="string">
<token-local-variable name="lvUserUID"/>
</arg-value>
</do-remove-src-attr-value>
</arg-actions>
</do-for-each>
<do-for-each>
<arg-node-set>
<token-xpath expression='query:search($srcQueryProcessor, "subtree", "", "", "Group", "memberUID", $lvUserUID, "DN")'/>
</arg-node-set>
<arg-actions>
<do-set-local-variable name="lvDN">
<arg-string>
<token-xpath expression="$current-node/@src-dn"/>
</arg-string>
</do-set-local-variable>
<do-remove-src-attr-value name="memberUid">
<arg-dn>
<token-local-variable name="lvDN"/>
</arg-dn>
<arg-value type="string">
<token-local-variable name="lvUserUID"/>
</arg-value>
</do-remove-src-attr-value>
</arg-actions>
</do-for-each>
</actions>
</rule>
<rule>
<description>User Rename - Update Groups, NetGroups, &amp; Sudo Roles</description>
<conditions>
<and>
<if-class-name op="equal">User</if-class-name>
<if-operation op="equal">rename</if-operation>
</and>
</conditions>
<actions>
<do-set-local-variable name="lvOldUID">
<arg-string>
<token-parse-dn length="1" start="-1">
<token-xpath expression="@old-src-dn"/>
</token-parse-dn>
</arg-string>
</do-set-local-variable>
<do-set-local-variable name="lvNewUID">
<arg-string>
<token-xpath expression="new-name"/>
</arg-string>
</do-set-local-variable>
<do-set-local-variable name="lvOldNisNetGroupTriple">
<arg-string>
<token-text xml:space="preserve">(-,</token-text>
<token-local-variable name="lvOldUID"/>
<token-text xml:space="preserve">,)</token-text>
</arg-string>
</do-set-local-variable>
<do-trace-message level="3">
<arg-string>
<token-text xml:space="preserve">New Name = </token-text>
<token-local-variable name="lvNewUID"/>
<token-text xml:space="preserve"> Old Name = </token-text>
<token-local-variable name="lvOldUID"/>
</arg-string>
</do-trace-message>
<do-for-each>
<arg-node-set>
<token-xpath expression='query:search($srcQueryProcessor, "subtree", "", "", "Group", "memberUID", $lvOldUID, "DN")'/>
</arg-node-set>
<arg-actions>
<do-set-local-variable name="lvDN">
<arg-string>
<token-xpath expression="$current-node/@src-dn"/>
</arg-string>
</do-set-local-variable>
<do-remove-src-attr-value name="memberUid">
<arg-dn>
<token-local-variable name="lvDN"/>
</arg-dn>
<arg-value type="string">
<token-local-variable name="lvOldUID"/>
</arg-value>
</do-remove-src-attr-value>
<do-add-src-attr-value name="memberUid">
<arg-dn>
<token-local-variable name="lvDN"/>
</arg-dn>
<arg-value type="string">
<token-local-variable name="lvNewUID"/>
</arg-value>
</do-add-src-attr-value>
</arg-actions>
</do-for-each>
<do-for-each>
<arg-node-set>
<token-xpath expression='query:search($srcQueryProcessor, "subtree", "", "", "SudoRole", "sudoUser", $lvOldUID, "DN")'/>
</arg-node-set>
<arg-actions>
<do-set-local-variable name="lvDN">
<arg-string>
<token-xpath expression="$current-node/@src-dn"/>
</arg-string>
</do-set-local-variable>
<do-remove-src-attr-value name="sudoUser">
<arg-dn>
<token-local-variable name="lvDN"/>
</arg-dn>
<arg-value type="string">
<token-local-variable name="lvOldUID"/>
</arg-value>
</do-remove-src-attr-value>
<do-add-src-attr-value name="sudoUser">
<arg-dn>
<token-local-variable name="lvDN"/>
</arg-dn>
<arg-value type="string">
<token-local-variable name="lvNewUID"/>
</arg-value>
</do-add-src-attr-value>
</arg-actions>
</do-for-each>
<do-for-each>
<arg-node-set>
<token-xpath expression='query:search($srcQueryProcessor, "subtree", "", "", "nisNetGroup", "nisNetGroupTriple", $lvOldNisNetGroupTriple, "DN")'/>
</arg-node-set>
<arg-actions>
<do-set-local-variable name="lvDN">
<arg-string>
<token-xpath expression="$current-node/@src-dn"/>
</arg-string>
</do-set-local-variable>
<do-remove-src-attr-value name="nisNetGroupTriple">
<arg-dn>
<token-local-variable name="lvDN"/>
</arg-dn>
<arg-value type="string">
<token-local-variable name="lvOldNisNetGroupTriple"/>
</arg-value>
</do-remove-src-attr-value>
<do-add-src-attr-value name="nisNetGroupTriple">
<arg-dn>
<token-local-variable name="lvDN"/>
</arg-dn>
<arg-value type="string">
<token-text xml:space="preserve">(-,</token-text>
<token-local-variable name="lvNewUID"/>
<token-text xml:space="preserve">,)</token-text>
</arg-value>
</do-add-src-attr-value>
</arg-actions>
</do-for-each>
</actions>
</rule>
<rule>
<description>BlockFurtherAction</description>
<conditions>
<and>
<if-op-attr name="audio" op="not-available"/>
</and>
</conditions>
<actions>
<do-veto/>
</actions>
</rule>
</policy>
}}}
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop