A Forum reader recently asked:

“Our Notes admin has created a custom/user-defined field in his Notes database that I would like to access/use/work-with in IDM. If the Notes field name is “LocationID”, how do I access this within IDM, since it does not appear in the “schema mapping area”? (The field is a 3-digit numeric value that defines a specific location, and each location has its own 3-digit number.)

Can anyone provide advice / code examples on referencing this custom Notes field and using an ‘If LocationID=101 then do’ type of operation?”

And here’s the response from Novell’s Perry Nuffer …


There are many ways to accomplish your task. Most of the ways use relatively simple methods of data translation and manipulation that are built into your driver configuration, using the existing Identity Manager policy tool set. These tools are esy to use when you understand how data flows between the Idnetity Vault and an application.

Check here for more details:

Given your description so far, there are still too many unknowns. Questions that can narrow your approach to the solution are:

  • What is the origin of the LocationID data?
  • Is it stored in the Identity vault?
  • Does the field need to be synchronized on the subscriber channel, publisher
    channel, or both?

Adjusting the driver filter and schema map may be your easiest solution, and you may not even have to implement any other specialized policies. You may also be able to easily leverage DirXMLScript’s do-reformat-op-attr to get the job done.

Below is an example of a specialized policy. In the policy, the Identity Vault Location ‘L’ attribute with value of 100 within eDirectory is set as the “Location ID” field within Lotus Notes. Also note that the arg-value is of type “int” instead of “string”. This should allow the value to be stored in the Notes database as a number instead of a text string (as per your
original post).

  <description>Set Notes user's LocationID field</description>
      <if-class-name op="equal">User</if-class-name>
      <if-op-attr name="L" op="equal">100</if-op-attr>
    <do-set-dest-attr-value class-name="User" name="LocationID">
      <arg-value type="int">
        <token-op-attr name="L"/>
0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this post.

Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment.  It just worked for at least one person, and perhaps it will be useful for you too.  Be sure to test in a non-production environment.

Leave a Reply

No Comments
By: pnuffer
Apr 25, 2007
5:30 am
Active Directory Authentication Automation Cloud Computing Cloud Security Configuration Customizing Data Breach DirXML Drivers End User Management Identity Manager Importing-Exporting / ICE/ LDIF Intelligent Workload Management IT Security Knowledge Depot LDAP Monitoring Open Enterprise Server Passwords Reporting Secure Access Supported Troubleshooting Workflow