Expands to a pattern based name that is unique in the destination data store according to the criteria specified.
Each <arg-string> element provides a pattern to be used to create a proposed name.
A proposed name is tested by performing a query for that value in the name attribute against the destination data store using the <arg-dn> element or the <arg-association> element as the base of the query and scope as the scope of the query. If the destination data store is the Identity Vault and name is omitted, then a search is performed against the pseudo-attribute “[Entry].rdn”, which represents the RDN of an object without respect to what the naming attribute might be. If the destination data store is the application, then name is required.
A pattern can be tested with and/or without a counter as indicated by counter-use and counter-pattern. When a pattern is tested with a counter, the pattern is tested repeatedly with an appended counter until a name is found that does not return any instances or the counter is exhausted. The counter starting value is specified by counter-start and the counter maximum value is specified in terms of the maximum number of digits as specified by counter-digits. If the number of digits is less than those specified, then the counter is right padded with zeros unless the counter-pad attribute is set to false. The counter is considered exhausted when the counter can no longer be represented by the specified number of digits.
As soon as a proposed name is determined to be unique, the testing of names is stopped and the unique name is returned.
The order of proposed names is tested as follows:
Each pattern is tested in the order specified. If counter-use=“always” and the pattern is one of the patterns indicated by the counter-pattern then the pattern is tested with a counter, otherwise it is tested without a counter.
If no unique name has been found after the patterns have been exhausted and counter-use=“fallback”, then the patterns indicated by the counter-pattern are retried with a counter.
If all specified combinations of patterns and counters are exhausted, then the action specified by the on-unavailable is taken.
<token-unique-name counter-digits="2" counter-pad="true" counter-pattern="first" counter-start="1" counter-use="fallback" name="CN" on-unavailable="error" scope="subtree" test-all-objects="true">
<arg-string> <token-upper-case>
<token-substring length="1" start="0">
<token-attr name="Given Name"/>
</token-substring>
<token-attr name="Surname"/>
</token-upper-case>
</arg-string>
<arg-string>
<token-upper-case>
<token-substring length="1" start="0">
<token-attr name="Given Name"/>
</token-substring>
<token-substring length="1" start="0">
<token-attr name="MI"/>
</token-substring>
<token-attr name="Surname"/>
</token-upper-case>
</arg-string>
<arg-string>
<token-upper-case>
<token-attr name="Given Name"/>
<token-attr name="Surname"/>
</token-upper-case>
</arg-string>
</token-unique-name>
|
Element |
Description |
|---|---|
|
Association argument. |
|
|
DN argument. |
|
|
String argument |
|
Attribute |
Possible Values |
Default Value |
|---|---|---|
|
counter-digits |
CDATA Width in digits of counter. |
#IMPLIED |
|
counter-pad |
true | false Enable/disable right zero padding of counter. |
true |
|
counter-pattern |
first | last | all Which patterns to use counter with: First: Use counter only with the first pattern. Last: Use counter only with the last pattern. All: Use counter with all patterns. |
last |
|
counter-start |
CDATA Number to start counter. |
1 |
|
counter-use |
always | never | fallbackWhen to use counters: Never: Don't use counters. Always: Always use counters on the patterns indicated by counter-pattern. Fallback: Use counters counter the patterns indicated by counter-pattern only after all patterns have failed without counters. |
fallback |
|
name |
CDATA Name of attribute to check for uniqueness. |
#IMPLIED |
|
notrace |
true | false True if this element should not be traced during execution of the policy. |
false |
|
on-unavailable |
ignore | warning | error | fatal Action to take if unique name cannot be constructed: Ignore: Ignore and return empty name. Warning: Issue warning and return empty name. Error: Generate error and abort current transaction. Fatal: Generate fatal error and shut down driver. |
error |
|
scope |
subordinates | subtree The scope in which to check uniqueness. |
subtree |
|
test-all-objects |
true | false The include/exclude object class name in the unique-name query. |
false |
(( arg-dn | arg-association ) ? , arg-string + )
|
Element |
Description |
|---|---|
|
Association argument. |
|
|
Component argument. |
|
|
DN argument. |
|
|
Node set argument. |
|
|
Password argument. |
|
|
String argument. |
|
|
Value argument. |
|
|
Decode base64 data into a string. |
|
|
Encode a string into base64 data. |
|
|
Convert a data/time from one format to another format. |
|
|
Convert a string for use in the destination DN. |
|
|
Convert a string for use in a source DN. |
|
|
Join a node set into a string. |
|
|
Convert a string to lowercase. |
|
|
Map a string through a mapping table. |
|
|
Parses or converts a DN. |
|
|
Replaces all instances of a substring with a string. |
|
|
Replaces a single instance of a substring within a string. |
|
|
Splits a string into a node set. |
|
|
Substring of a string. |
|
|
Converts a string to uppercase. |
|
|
Parses XML. |
|
|
Serializes XML. |