A Forum reader recently asked:

“I’m trying to place new Groupwise accounts in two different PO objects. One PO takes all users with CN’s beginning with A through K, the other takes L through Z. I’ve been playing with IDM Policy builder, but apart from creating a heap of separate rules for A through Z, I can’t really come up with a tidy solution. Does anyone have a good stylesheet suggestion for this?”

And here’s the response from Aaron Burgemeister …


You should only need (at most) two rules. The first rule should use a regular expression to say this:

if username starts with a character in the set (case insensitive) [a-k] put them in POAtoK

The second rule says the opposite. You could even take out the second condition and have a rule that just runs if it’s hit, assuming you break out of your policy after the first rule’s actions are run.

<if username starts with [a-k]>
  <do set placement in POAtoK />
  <break />
<do set placement in POLtoZ /> #Not reached if first rule runs because of the break.

Ta-da! Policy Builder should make this fairly simple. Tons of material is available online regarding regular expressions.

0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this post.

Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment.  It just worked for at least one person, and perhaps it will be useful for you too.  Be sure to test in a non-production environment.

Leave a Reply

No Comments
By: ab
Apr 3, 2007
2:15 am
Active Directory Authentication Automation Cloud Computing Cloud Security Configuration Customizing Data Breach DirXML Drivers End User Management Identity Manager Importing-Exporting / ICE/ LDIF Intelligent Workload Management IT Security Knowledge Depot LDAP Monitoring Open Enterprise Server Passwords Reporting Secure Access Supported Troubleshooting Workflow