A Forum reader recently asked:

“The “Network Address” field is usually cleared of the previous value, but it is not reliably removed. I’m thinking about using the WorkOrder driver to schedule a <remove-all-values/> for that particular attribute to happen some number of hours after they log in. I was thinking it’d be better if I could schedule it for some number of minutes or hours after they log out.”

And here’s the response from Lothar Haeger …


Have you tried running a regular query for network addresses that have an attribute value timestamp older than xxx hours? You could use something like this:

<do-set-local-variable name="ExpireBefore" scope="policy">
    <token-xpath expression="round(jdate:getTime(jdate:new()) div 1000)-~GracePeriod~"/>
    <token-xpath expression='query:search($srcQueryProcessor, "~WksSearchScope~","","~WksSearchBase~","Workstation","Network Address","*","Network Address")[attr[@attr-name="Network Address"]/value/@timestamp<$ExpireBefore]'/>
    <do-clear-src-attr-value name="Network Address">
        <token-xpath expression="$current-node/@src-dn"/>

0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this post.

Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment.  It just worked for at least one person, and perhaps it will be useful for you too.  Be sure to test in a non-production environment.

Leave a Reply

No Comments
By: lhaeger
May 30, 2007
1:18 am
Active Directory Automation Cloud Computing Cloud Security Configuration Customizing Data Breach DirXML Drivers End User Management Identity Manager Importing-Exporting / ICE/ LDIF Intelligent Workload Management Knowledge Depot LDAP Migrating from Windows XP or 2003 to SUSE Linux Monitoring Open Enterprise Server Passwords Reporting Secure Access Sentinel Supported Troubleshooting Workflow