Handling Move Events and Associations with the Loopback Driver

lhaeger

By: lhaeger

August 29, 2007 3:36 am

Reads: 225

Comments:0

Rating:0

Problem

A Forum reader recently asked:

“How is it possible to handle a move event in a loopback driver when there is no association? I’ve read that one should not use associations with the loopback driver and just handle everything in the event transform. As I understand it, I need an association to get a move event – when I do a move, I just get a sync event.”

And here’s the response from Lothar Haeger …

Solution

That’s the easiest way in many cases, but it’s not forbidden to use association on a loopback driver. Actually it seems to be a good idea for what you want to do. You can simply add a subscriber matching policy like this:

<rule>
  <description>Match to self</description>
  <conditions/>
  <actions>
    <do-set-op-association>
      <arg-association>
        <token-src-attr name="GUID"/>
      </arg-association>
    </do-set-op-association>
    <do-add-association>
      <arg-association>
        <token-xpath expression="association/text()"/>
      </arg-association>
    </do-add-association>
  </actions>
</rule>

The loopback driver will behave a lot like any other “ordinary” driver. Don’t forget to add a rule like this as last subscriber command transform, too:

<rule>
  <description>Veto all</description>
    <conditions/>
  <actions>
    <do-veto/>
  </actions>
</rule>
VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Tags: ,
Categories: Identity Manager, Technical Solutions

Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment.  It just worked for at least one person, and perhaps it will be useful for you too.  Be sure to test in a non-production environment.

Comment