A Forum reader recently asked:

“I want to synchronize some Boolean attributes with IDM3 to an OpenLDAP directory. Doing so, I get the error “value #0 invalid per syntax”. I found out that Boolean values in NDS are stored in lowercase letters (true/false) but OpenLDAP requires uppercase values (TRUE/FALSE) according to RFC 2252, section 6.4.

I there a way to change all Boolean attributes from NDS to uppercase values for OpenLDAP in general? Or do I need to change each attribute separately?”

And here’s a solution from Father Ramon …


You can use something like this in an output transformation policy:

  <description>convert boolean values to upper case</description>
     <token-xpath expression="value[@type='state']"/>
     <do-set-local-variable name="uppervalue">
        <token-local-variable name="current-node"/>
     <do-strip-xpath expression="$current-node/text()"/>
     <do-append-xml-text expression="$current-node">
       <token-local-variable name="uppervalue"/>
0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this post.

Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment.  It just worked for at least one person, and perhaps it will be useful for you too.  Be sure to test in a non-production environment.

Leave a Reply

No Comments
By: coolguys
Sep 20, 2006
12:00 am
Active Directory Authentication Automation Cloud Computing Cloud Security Configuration Customizing Data Breach DirXML Drivers End User Management Identity Manager Importing-Exporting / ICE/ LDIF Intelligent Workload Management IT Security Knowledge Depot LDAP Monitoring Open Enterprise Server Passwords Reporting Secure Access Supported Troubleshooting Workflow