8.17 Placement - Subscriber Flat - LDAP Format

This rule places objects from the Identity Vault into one container in the data store. Implement the rule on the Subscriber Placement policy in the driver.

There are two steps involved in using the predefined rules: creating a policy in the Placement policy set and importing the predefined rule. If you already have a Placement policy that you want to add this rule to, skip to Importing the Predefined Rule.

8.17.1 Creating a Policy

  1. From the Outline view or the Policy Flow view, select the Publisher channel.

  2. Select the Placement policy set in Policy Set view, then click Create or add a new policy to the Policy Set icon Create or Add a New Policy icon to create a new policy.

  3. Click Create a new policy, then click Next.

  4. Name the policy.

  5. Use the default location or browse and select another location to place the policy in the driver.

    Create Policy Wizard
  6. Select Open Editor after creating policy, then click Next.

  7. Select DirXML Script for the type of policy, then click Finish.

  8. A file conflict window appears with the message “Before editing this item you need to save. Do you wish to save the editor’s changes and continue?” Click Yes. The Policy Builder is launched and the new Placement policy is saved.

  9. Continue with Importing the Predefined Rule.

8.17.2 Importing the Predefined Rule

  1. Right-click in the Policy Builder, then click New > Predefined Rule > Insert Predefined Rule Before or Insert Predefined Rule After.

  2. Select Placement - Subscriber Flat - LDAP format, then click OK.

  3. Expand the predefined rule.

    Placement - Subscriber Flat - LDAP format
  4. Edit the action by double-clicking the Actions tab.

  5. Delete [Enter DN of destination container] from the Specify String field.

  6. Click the Edit the arguments icon Edit Arguments icon to launch the Argument Builder.

  7. Select Text in the noun list.

  8. Double-click Text to add it to the argument.

  9. In the editor, add the destination container where you want all of the User objects to be placed. Make sure the container is specified in LDAP format, then click OK.

  10. Click Finish.

  11. Save the rule by clicking File > Save.

8.17.3 How the Rule Works

This rule places all User objects in the destination DN. The rule sets the DN of the destination container as the local variable dest-base. The rule then sets the destination DN to be uid=unique name,dest-base. The uid attribute of the User object is the first two letters of the Given Name attribute plus the Surname attribute in lowercase. The rule uses LDAP format.