LDAPSync: Functionality To Move Groups Between Containers
Last updated on FEBRUARY 04, 2018
Applies to:Identity Manager - Version 22.214.171.124.161018 and later
Information in this document applies to any platform.
1. In a ldap sync environment, modify the LDAPContainerRules.xml to add a new rule for the role based on Role Description, for example: Below are two rule in /LDAPContainerRules.xml
So if the Role description is "Group1", then the role should be pushed to cn=Group1,dc=example,dc=com, if it "Group2", it should be pushed to cn=Group2,dc=example,dc=com this works perfectly fine for new role.
2. But if your modifying the Role Description, lets say, Role Description is NUll and if your modifying the role with "Role Description" as Group 1, the role is not pushed to container "cn=Group1,dc=example,dc=com".
Modify the same Role Description to "Group2", now the role will be pushed to earlier container cn=Group1,dc=example,dc=com.
You further update any other attribute in Role, now it gets pushed to container "cn=Group1,dc=example,dc=com"
So technically pushing of role on a modify operation is (x-1) times, where x is the container that it actually had to be pushed too.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms