Skip to main content

NetIQ IDM - Query Entitlement value from another driver


Wanted to share very important peice of code shared by Microfocus employee "Dhaval" in the NetIQ support forums
Ref:

 https://forums.novell.com/showthread.php/504380-Check-driver-entitlement-from-another-driver

<actions> <do-set-local-variable name="entitlementDN" scope="policy"> <arg-string> <token-text xml:space="preserve">entitlement DN you want</token-text> </arg-string> </do-set-local-variable> <do-set-local-variable name="prevEntRef" scope="policy"> <arg-node-set> <token-query class-name="User" scope="entry"> <arg-dn> <token-dest-dn /> </arg-dn> <arg-string> <token-text xml:space="preserve">DirXML-EntitlementRef</token-text> </arg-string> </token-query> </arg-node-set> </do-set-local-variable> <do-for-each> <arg-node-set> <token-local-variable name="prevEntRef" /> </arg-node-set> <arg-actions> <do-if> <arg-conditions> <and> <if-xpath op="true">$current-node/attr/value[component[@name="volume"]/text()=$entitlementDN and component[@name="nameSpace"]/text()="1"]</if-xpath> </and> </arg-conditions> <arg-actions> <do-set-local-variable name="isGranted" scope="policy"> <arg-string> <token-text xml:space="preserve">true</token-text> </arg-string> </do-set-local-variable> </arg-actions> <arg-actions> <do-set-local-variable name="isGranted" scope="policy"> <arg-string> <token-text xml:space="preserve">false</token-text> </arg-string> </do-set-local-variable> </arg-actions> </do-if> </arg-actions> </do-for-each> </actions>

Comments

Post a Comment

Popular posts from this blog

NetIQ IDM - Adding operation-data to subscriber command transformaiton custom commands

Recently i had to execute EOL cmdlets using psexecute though new NetIQ azure ad driver, since this operation is fire and forget in nature, i would like to track whole request and response for my own generated commands from subscriber command transofrmaiton policy, so i solved it by following policy: < do-set-dest-attr-value direct = "true" name = "psexecute" > < arg-association > < token-resolve datastore = "src" > < arg-dn > < token-text xml:space = "preserve" > {userref} </ token-text > </ arg-dn > </ token-resolve > </ arg-association > < arg-value type = "string" > < token-local-variable name = "cmdlet" /> </ arg-value > </ do-set-dest-attr-value > < do-append-xml-element expression = "../modify[@direct]" na
2 comments
Read more

NetIQ IDM - JDBC driver - SQL calls from driver (Publisher channel) using XSLT

Recently I was working on a task where we had to call some SQL statements from publisher channel on a JDBC driver to different tables than the ones driver was configured to sync. The official documentation suggest to achieve this using jdbc-statement but it only schedules them on the subscriber channel, best suited for calling some SQL for stored procedure. The way I solved it was using XSLT and enabling Subscriber channel. On the publisher  Command Transformation Channel , I have following XSLT: < xsl:stylesheet xmlns:xsl = "http://www.w3.org/1999/XSL/Transform" xmlns:jdbc = "urn:dirxml:jdbc" xmlns:query = "http://www.novell.com/nxsl/java/com.novell.nds.dirxml.driver.XdsQueryProcessor" version = "1.0" > < xsl:param name = "srcQueryProcessor" /> < xsl:param name = "destQueryProcessor" /> < xsl:template match = "node()|@*" > < xsl:copy > &
Post a Comment
Read more