3. Content Rule
( entitlements ? , connections ? )
The <entitlement-configuration> node contains the metadata about the various entitlements for a driver.
<entitlement-configuration modified="20121004122936">
<entitlements>
<entitlement resource-mapping-state="add" parameter-format="legacy" dn="CN=ExchangeMailbox,CN=Active Directory,CN=driverset1,dc=idm,dc=services,dc=system" resource-mapping="true" role-mapping="true">
<type id="mailbox" name="mailbox" category="other account">
<display-name>
<value langCode="EN">Mailbox</value>
</display-name>
</type>
</entitlement>
<entitlement resource-mapping-state="pending" parameter-format="idm4" dn="CN=Group,CN=Active Directory,CN=driverset1,dc=idm,dc=services,dc=system" resource-mapping="true" role-mapping="true">
<type id="group" name="group" category="security grouping">
<display-name>
<value langCode="EN">Group</value>
</display-name>
</type>
<parameters>
<parameter mandatory="true" name="ID" source="read-attr" source-name="ID"/>
<parameter mandatory="true" name="ID2" source="src-dn"/>
</parameters>
<member-assignment-extensions>
<query-attr name="query-type">entitlement-assignment</query-attr>
<query-xml>
<read-attr attr-name="member"/>
</query-xml>
</member-assignment-extensions>
<query-extensions>
<query-attr name="extension-type">data</query-attr>
<query-xml>
<read-attr attr-name="owner"/>
<read-attr attr-name="sAMAccountName"/>
</query-xml>
</query-extensions>
</entitlement>
<entitlement dn="CN=UserAccount,CN=Active Directory,CN=driverset1,dc=idm,dc=services,dc=system" resource-mapping="true" role-mapping="true">
<type id="user" name="account" category="security account">
<display-name>
<value langCode="EN">User</value>
</display-name>
</type>
<member-assignment-query>
<query-attr name="query-type">entitlement-assignment</query-attr>
<query-xml>
<nds dtdversion="2.0">
<input>
<query class-name="User" scope="subtree">
<search-class class-name="User"/>
<read-attr/>
</query>
</input>
</nds>
</query-xml>
</member-assignment-query>
<query-extensions>
<query-attr name="extension-type">accounts</query-attr>
<query-xml>
<read-attr attr-name="dirxml-uACAccountDisable"/>
<read-attr attr-name="userPrincipalName"/>
<read-attr attr-name="sAMAccountName"/>
</query-xml>
</query-extensions>
<account>
<account-id source="read-attr" source-name="sAMAccountName"/>
<account-id source="read-attr" source-name="userPrincipalName"/>
<account-id source="src-dn"/>
<account-id source="association"/>
<account-status source="read-attr" source-name="userAccountControl" active="false" inactive="true"/>
</account>
</entitlement>
</entitlements>
</entitlement-configuration>
- entitlements
- entitlement list
- connections
- logical connections for fanout configuration
Attribute Value(s) Default Value driver-type CDATA
indicate the driver type#IMPLIED min-driver-version CDATA
minimum required shim version. This should only be used in conjunction with @driver-type to indicate to the UI agent which driver and version are expected for the configuration to work.#IMPLIED modified CDATA
date/time the configuration file was modified#REQUIRED rbpm-refresh-rate CDATA
RBPM configuration parameter#IMPLIED rbpm-time-out CDATA
RBPM configuration parameter#IMPLIED
( entitlements ? , connections ? )
None
Top Elements || All Elements || Tree