API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Mar 20th, 2012
90
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 297.67 KB | None | 0 0
raw download clone embed print report
  1. [03/20/12 07:46:22.442]:Active Directory :Reading named passwords list.
  2. [03/20/12 07:46:22.447]:Active Directory :Named passwords:
  3. [03/20/12 07:46:22.447]:Active Directory : Name: secretstore-enhanced-protection-password
  4. [03/20/12 07:46:22.447]:Active Directory :Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory#DirXML-EngineControlValues.
  5. [03/20/12 07:46:22.449]:Active Directory :Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST#DirXML-ConfigValues.
  6. [03/20/12 07:46:22.450]:Active Directory :Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory#DirXML-ConfigValues.
  7. [03/20/12 07:46:22.456]:Active Directory :Global Configuration Values:
  8. [03/20/12 07:46:22.457]:Active Directory : Name: ConnectedSystemName Value: Active Directory
  9. [03/20/12 07:46:22.457]:Active Directory : Name: drv.domain.dns.name Value: edir2adlab.local
  10. [03/20/12 07:46:22.457]:Active Directory : Name: drv.subPlacementType Value: mirrored
  11. [03/20/12 07:46:22.457]:Active Directory : Name: drv.user.container Value: OU=FDNY,dc=edir2adlab,dc=local
  12. [03/20/12 07:46:22.457]:Active Directory : Name: drv.pubPlacementType Value: mirrored
  13. [03/20/12 07:46:22.457]:Active Directory : Name: drv.entitlement.display Value: hide
  14. [03/20/12 07:46:22.457]:Active Directory : Name: drv.entitlement.UserAccount Value: false
  15. [03/20/12 07:46:22.458]:Active Directory : Name: drv.entitlement.remove Value: disable
  16. [03/20/12 07:46:22.458]:Active Directory : Name: drv.entitlement.Group Value: false
  17. [03/20/12 07:46:22.458]:Active Directory : Name: drv.exchMailboxMethod Value: disabled
  18. [03/20/12 07:46:22.458]:Active Directory : Name: drv.exchDefaultMDB Value:
  19. [03/20/12 07:46:22.458]:Active Directory : Name: pwd-mgt-display Value: hide
  20. [03/20/12 07:46:22.458]:Active Directory : Name: enable-password-subscribe Value: true
  21. [03/20/12 07:46:22.458]:Active Directory : Name: enable-password-publish Value: true
  22. [03/20/12 07:46:22.458]:Active Directory : Name: publish-password-to-nds Value: true
  23. [03/20/12 07:46:22.459]:Active Directory : Name: publish-password-to-dp Value: false
  24. [03/20/12 07:46:22.459]:Active Directory : Name: enforce-password-policy Value: true
  25. [03/20/12 07:46:22.459]:Active Directory : Name: reset-external-password-on-failure Value: true
  26. [03/20/12 07:46:22.459]:Active Directory : Name: notify-user-on-password-dist-failure Value: true
  27. [03/20/12 07:46:22.459]:Active Directory : Name: name-map-display Value: hide
  28. [03/20/12 07:46:22.459]:Active Directory : Name: FullNameMap Value: true
  29. [03/20/12 07:46:22.459]:Active Directory : Name: LogonNameMap Value: true
  30. [03/20/12 07:46:22.460]:Active Directory : Name: UpnMap Value: edir-name-auth
  31. [03/20/12 07:46:22.460]:Active Directory : Name: credprov.display Value: hide
  32. [03/20/12 07:46:22.460]:Active Directory : Name: credprov.enable Value: false
  33. [03/20/12 07:46:22.460]:Active Directory : Name: credprov.on.new-user Value: true
  34. [03/20/12 07:46:22.460]:Active Directory : Name: credprov.on.modify-Login_Disabled Value: true
  35. [03/20/12 07:46:22.461]:Active Directory : Name: credprov.on.password-change Value: true
  36. [03/20/12 07:46:22.461]:Active Directory : Name: credprov.application.credential.id Value: ad
  37. [03/20/12 07:46:22.461]:Active Directory : Name: credprov.application.userid.attr Value: sAMAccountName
  38. [03/20/12 07:46:22.461]:Active Directory : Name: credprov.secretstore.enable Value: true
  39. [03/20/12 07:46:22.461]:Active Directory : Name: credprov.secretstore.sharedsecrettype Value: C
  40. [03/20/12 07:46:22.461]:Active Directory : Name: credprov.secretstore.enhancedprotectionflag Value: 0
  41. [03/20/12 07:46:22.461]:Active Directory : Name: credprov.securelogin.enable Value: true
  42. [03/20/12 07:46:22.462]:Active Directory : Name: credprov.nslpassphrase.enable Value: true
  43. [03/20/12 07:46:22.462]:Active Directory : Name: credprov.nslpassphrase.question Value: What is your Workforce ID?
  44. [03/20/12 07:46:22.462]:Active Directory : Name: credprov.nslpassphrase.answervalueattr Value: workforceID
  45. [03/20/12 07:46:22.462]:Active Directory : Name: drv.acctTrk.display Value: hide
  46. [03/20/12 07:46:22.462]:Active Directory : Name: drv.acctTrk.enable Value: true
  47. [03/20/12 07:46:22.462]:Active Directory : Name: drv.acctTrk.realm Value: edir2adlab.local
  48. [03/20/12 07:46:22.463]:Active Directory : Name: drv.acctTrk.objectClass Value: user
  49. [03/20/12 07:46:22.463]:Active Directory : Name: drv.acctTrk.identifiers Value: sAMAccountName;userPrincipalName;LDAPDN;association
  50. [03/20/12 07:46:22.463]:Active Directory : Name: drv.acctTrk.statusAttr Value: dirxml-uACAccountDisable
  51. [03/20/12 07:46:22.463]:Active Directory : Name: drv.acctTrk.activeStatus Value: false
  52. [03/20/12 07:46:22.463]:Active Directory : Name: drv.acctTrk.inactiveStatus Value: true
  53. [03/20/12 07:46:22.463]:Active Directory : Name: drv.acctTrk.idvDefaultStatus Value: A
  54. [03/20/12 07:46:22.463]:Active Directory : Name: drv.acctTrk.appDefaultStatus Value: -
  55. [03/20/12 07:46:22.464]:Active Directory : Name: idv.credprov.nsl.repository Value: lib-CredProv-NSLRepository-V1
  56. [03/20/12 07:46:22.464]:Active Directory : Name: idv.credprov.nss.repository Value: lib-CredProv-NSSRepository-V1
  57. [03/20/12 07:46:22.464]:Active Directory : Name: idv.dit.data.users Value: fdny
  58. [03/20/12 07:46:22.464]:Active Directory : Name: dirxml.auto.treename Value: EDIR2ADLAB
  59. [03/20/12 07:46:22.464]:Active Directory : Name: dirxml.auto.driverdn Value: \EDIR2ADLAB\fdny\AD-TEST\Active Directory
  60. [03/20/12 07:46:22.464]:Active Directory : Name: dirxml.auto.driverguid Value: {65C7C4BB-8BDD-41c7-7EBB-BBC4C765DD8B}
  61. [03/20/12 07:46:22.465]:Active Directory :Using default reciprocal attribute map
  62. [03/20/12 07:46:22.465]:Active Directory :Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory#DirXML-PersistentData.
  63. [03/20/12 07:46:22.466]:Active Directory :Loaded persistent data
  64. [03/20/12 07:46:22.466]:Active Directory :
  65. <persistent-data>
  66. <op-counters last-reset-time="1332184584177">
  67. <subscriber>
  68. <counters index="0">
  69. <sync>127</sync>
  70. </counters>
  71. <counters index="1">
  72. <sync>26</sync>
  73. </counters>
  74. <counters index="2">
  75. <modify>1</modify>
  76. <query>64</query>
  77. <add>3</add>
  78. </counters>
  79. <counters index="3">
  80. <modify>1</modify>
  81. <query>64</query>
  82. <add>3</add>
  83. </counters>
  84. <counters index="4">
  85. <status>68</status>
  86. <instance>13</instance>
  87. <add-association>1</add-association>
  88. </counters>
  89. </subscriber>
  90. <publisher>
  91. <counters index="0">
  92. <status>991</status>
  93. <query>3</query>
  94. <add>1</add>
  95. <check-password><!-- content suppressed --></check-password>
  96. <init-params>2</init-params>
  97. </counters>
  98. <counters index="1">
  99. <status>991</status>
  100. <query>3</query>
  101. <add>1</add>
  102. <check-password><!-- content suppressed --></check-password>
  103. <init-params>2</init-params>
  104. </counters>
  105. <counters index="2">
  106. <status>991</status>
  107. <query>3</query>
  108. <add>1</add>
  109. <check-password><!-- content suppressed --></check-password>
  110. <init-params>2</init-params>
  111. </counters>
  112. <counters index="3">
  113. <status>991</status>
  114. <modify>16</modify>
  115. <query>4</query>
  116. <check-password><!-- content suppressed --></check-password>
  117. <init-params>2</init-params>
  118. </counters>
  119. <counters index="4">
  120. <status>1018</status>
  121. <instance>4</instance>
  122. </counters>
  123. </publisher>
  124. </op-counters>
  125. </persistent-data>
  126. [03/20/12 07:46:22.475]:Active Directory :Found subscriber fdny\AD-TEST\Active Directory\Subscriber.
  127. [03/20/12 07:46:22.481]:Active Directory :Found publisher fdny\AD-TEST\Active Directory\Publisher.
  128. [03/20/12 07:46:22.481]:Active Directory :Creating subscriber thread.
  129. [03/20/12 07:46:22.482]:Active Directory ST:Subscriber thread starting.
  130. [03/20/12 07:46:22.494]:Active Directory ST:Initializing driver shim.
  131. [03/20/12 07:46:22.494]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory#DirXML-ApplicationSchema.
  132. [03/20/12 07:46:22.496]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory#DirXML-ConfigManifest.
  133. [03/20/12 07:46:22.497]:Active Directory ST:Reading driver information from the \EDIR2ADLAB\fdny\AD-TEST\Active Directory object.
  134. [03/20/12 07:46:22.497]:Active Directory ST:Loading Java shim com.novell.nds.dirxml.remote.driver.DriverShimImpl.
  135. [03/20/12 07:46:22.505]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory#DirXML-ShimConfigInfo.
  136. [03/20/12 07:46:22.508]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory#DirXML-DriverStorage.
  137. [03/20/12 07:46:22.509]:Active Directory ST:
  138. <nds dtdversion="3.5" ndsversion="8.x">
  139. <source>
  140. <product version="3.6.10.4747">DirXML</product>
  141. <contact>Novell, Inc.</contact>
  142. </source>
  143. <input>
  144. <init-params src-dn="\EDIR2ADLAB\fdny\AD-TEST\Active Directory">
  145. <authentication-info>
  146. <server>REMOTE(hostname=10.237.48.38 port=8090)10.237.48.38</server>
  147. <user>edir2adlab/Administrator</user>
  148. <password><!-- content suppressed --></password>
  149. </authentication-info>
  150. <driver-options>
  151. <auth-options display-name="Show authentication options">hide</auth-options>
  152. <auth-method display-name="Authentication Method">Negotiate</auth-method>
  153. <signing display-name="Digitally sign communications">no</signing>
  154. <sealing display-name="Digitally sign and seal communications">no</sealing>
  155. <use-ssl display-name="Use SSL for encryption">no</use-ssl>
  156. <impersonation display-name="Logon and impersonate">yes</impersonation>
  157. <xchg-options display-name="Show Exchange Management Options">hide</xchg-options>
  158. <xchg-prov display-name="Enable Exchange mailbox provisioning">disabled</xchg-prov>
  159. <exch-api-type display-name="Exchange Management interface type (use-cdoexm/use-post-cdoexm)">use-post-cdoexm</exch-api-type>
  160. <exch-move display-name="Allow Exchange mailbox move (yes/no)">yes</exch-move>
  161. <exch-delete display-name="Allow Exchange mailbox delete (yes/no)">yes</exch-delete>
  162. <access-options display-name="Show access options">hide</access-options>
  163. <pollingInterval display-name="Driver Polling Interval">1</pollingInterval>
  164. <pub-heartbeat-interval display-name="Publisher heartbeat interval">1</pub-heartbeat-interval>
  165. <pub-password-expire-time display-name="Password Sync Timeout (minutes)">5</pub-password-expire-time>
  166. <search-domain-scope display-name="Search domain scope">yes</search-domain-scope>
  167. <retry-ldap-auth-unknown display-name="Retry LDAP Auth unknown error">no</retry-ldap-auth-unknown>
  168. <enable-incremental-values display-name="Enable DirSync Incremental Values">no</enable-incremental-values>
  169. </driver-options>
  170. </init-params>
  171. </input>
  172. </nds>
  173. [03/20/12 07:46:22.512]:Active Directory ST:DriverShim.init() returned:
  174. [03/20/12 07:46:22.513]:Active Directory ST:
  175. <nds dtdversion="3.5" ndsversion="8.x">
  176. <output>
  177. <status level="success">
  178. <provides-secure-channel>false</provides-secure-channel>
  179. </status>
  180. </output>
  181. </nds>
  182. [03/20/12 07:46:22.517]:Active Directory ST:Initializing ECMAScript extensions.
  183. [03/20/12 07:46:22.519]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory#DirXML-DriverFilter.
  184. [03/20/12 07:46:22.521]:Active Directory ST:Loaded filter.
  185. [03/20/12 07:46:22.521]:Active Directory ST:
  186. <filter>
  187. <filter-class class-name="Group" publisher="sync" subscriber="sync">
  188. <filter-attr attr-name="CN" publisher="ignore" subscriber="ignore"/>
  189. <filter-attr attr-name="Description" publisher="sync" subscriber="sync"/>
  190. <filter-attr attr-name="Full Name" publisher="sync" subscriber="sync"/>
  191. <filter-attr attr-name="L" publisher="sync" subscriber="sync"/>
  192. <filter-attr attr-name="Member" publisher="sync" subscriber="sync"/>
  193. <filter-attr attr-name="Owner" publisher="sync" subscriber="sync"/>
  194. </filter-class>
  195. <filter-class class-name="Organizational Unit" publisher="sync" subscriber="sync">
  196. <filter-attr attr-name="Description" publisher="sync" subscriber="sync"/>
  197. <filter-attr attr-name="OU" publisher="ignore" subscriber="ignore"/>
  198. </filter-class>
  199. <filter-class class-name="User" publisher="sync" subscriber="sync">
  200. <filter-attr attr-name="CN" publisher="notify" subscriber="ignore"/>
  201. <filter-attr attr-name="Description" publisher="sync" subscriber="sync"/>
  202. <filter-attr attr-name="DirXML-ADAliasName" publisher="sync" subscriber="ignore"/>
  203. <!--filter-attr attr-name="DirXML-ADContext" publisher="notify" subscriber="sync"/-->
  204. <filter-attr attr-name="Facsimile Telephone Number" publisher="sync" subscriber="sync"/>
  205. <filter-attr attr-name="Full Name" publisher="sync" subscriber="sync"/>
  206. <filter-attr attr-name="Given Name" publisher="sync" subscriber="sync"/>
  207. <filter-attr attr-name="Initials" publisher="sync" subscriber="sync"/>
  208. <filter-attr attr-name="Internet EMail Address" publisher="sync" subscriber="sync"/>
  209. <filter-attr attr-name="L" publisher="sync" subscriber="sync"/>
  210. <filter-attr attr-name="Login Allowed Time Map" publisher="sync" subscriber="sync"/>
  211. <!-- login disabled is not synchronized if account is controlled by entitlements-->
  212. <filter-attr attr-name="Login Disabled" merge-authority="default" publisher="sync" publisher-optimize-modify="true" subscriber="sync"/>
  213. <filter-attr attr-name="Login Expiration Time" merge-authority="default" publisher="sync" publisher-optimize-modify="true" subscriber="sync"/>
  214. <filter-attr attr-name="Physical Delivery Office Name" publisher="sync" subscriber="sync"/>
  215. <filter-attr attr-name="Postal Code" publisher="sync" subscriber="sync"/>
  216. <filter-attr attr-name="Postal Office Box" publisher="sync" subscriber="sync"/>
  217. <filter-attr attr-name="S" publisher="sync" subscriber="sync"/>
  218. <filter-attr attr-name="SA" publisher="sync" subscriber="sync"/>
  219. <filter-attr attr-name="Surname" publisher="sync" subscriber="sync"/>
  220. <filter-attr attr-name="Telephone Number" publisher="sync" subscriber="sync"/>
  221. <filter-attr attr-name="Title" publisher="sync" subscriber="sync"/>
  222. <filter-attr attr-name="nspmDistributionPassword" merge-authority="none" publisher="ignore" publisher-optimize-modify="false" subscriber="notify"/>
  223. <!-- turn on entitlement notifications when entitlements are enabled.
  224. if the user enables entitlements after import this will need to be
  225. updated manually in the driver filter config via iManager or Designer. -->
  226. <filter-attr attr-name="DirXML-EntitlementRef" merge-authority="edir" publisher="ignore" publisher-optimize-modify="true" subscriber="notify"/>
  227. </filter-class>
  228. </filter>
  229. [03/20/12 07:46:22.526]:Active Directory ST:Initializing subscriber fdny\AD-TEST\Active Directory\Subscriber for \EDIR2ADLAB\fdny\AD-TEST\Active Directory.
  230. [03/20/12 07:46:22.526]:Active Directory ST:Loading Subscriber input transformation policies.
  231. [03/20/12 07:46:22.526]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Library/lib-AccountTracking-Publish-itp-V1#XmlData.
  232. [03/20/12 07:46:22.528]:Active Directory ST:Global Configuration Value replacements made in vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Library/lib-AccountTracking-Publish-itp-V1#XmlData:
  233. [03/20/12 07:46:22.528]:Active Directory ST:Found DirXMLScript policy.
  234. [03/20/12 07:46:22.532]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Library/lib-AccountTracking-WriteAccounts-itp-V1#XmlData.
  235. [03/20/12 07:46:22.535]:Active Directory ST:Found DirXMLScript policy.
  236. [03/20/12 07:46:22.548]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/itp#XmlData.
  237. [03/20/12 07:46:22.549]:Active Directory ST:Found DirXMLScript policy.
  238. [03/20/12 07:46:22.551]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/itp-EntitlementsImpl#XmlData.
  239. [03/20/12 07:46:22.551]:Active Directory ST:Found DirXMLScript policy.
  240. [03/20/12 07:46:22.553]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/Password%28Pub%29-Sub+Email+Notifications#XmlData.
  241. [03/20/12 07:46:22.554]:Active Directory ST:Found DirXMLScript policy.
  242. [03/20/12 07:46:22.557]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Library/lib-Audit-SendEntitlementsEvents-itp-V1#XmlData.
  243. [03/20/12 07:46:22.558]:Active Directory ST:Found DirXMLScript policy.
  244. [03/20/12 07:46:22.561]:Active Directory ST:Loading Subscriber output transformation policies.
  245. [03/20/12 07:46:22.562]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/otp#XmlData.
  246. [03/20/12 07:46:22.563]:Active Directory ST:Found DirXMLScript policy.
  247. [03/20/12 07:46:22.565]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/Password%28Sub%29-Pub+Email+Notifications#XmlData.
  248. [03/20/12 07:46:22.565]:Active Directory ST:Found DirXMLScript policy.
  249. [03/20/12 07:46:22.567]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Library/lib-CredProv-ConvertPayload-otp-V1#XmlData.
  250. [03/20/12 07:46:22.568]:Active Directory ST:Found DirXMLScript policy.
  251. [03/20/12 07:46:22.571]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Library/lib-AccountTracking-Subscribe-otp-V1#XmlData.
  252. [03/20/12 07:46:22.572]:Active Directory ST:Global Configuration Value replacements made in vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Library/lib-AccountTracking-Subscribe-otp-V1#XmlData:
  253. [03/20/12 07:46:22.573]:Active Directory ST:Found DirXMLScript policy.
  254. [03/20/12 07:46:22.575]:Active Directory ST:Loading Subscriber schema mapping policies.
  255. [03/20/12 07:46:22.575]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/smp#XmlData.
  256. [03/20/12 07:46:22.576]:Active Directory ST:Found schema map.
  257. [03/20/12 07:46:22.577]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/smp#XmlData.
  258. [03/20/12 07:46:22.577]:Active Directory ST:Found schema map.
  259. [03/20/12 07:46:22.578]:Active Directory ST:Loading policies.
  260. [03/20/12 07:46:22.578]:Active Directory ST:Loading Subscriber event transformation policies.
  261. [03/20/12 07:46:22.578]:Active Directory ST:Policy not found.
  262. [03/20/12 07:46:22.579]:Active Directory ST:Loading Subscriber object matching policies.
  263. [03/20/12 07:46:22.579]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/Subscriber/sub-mp-Scoping#XmlData.
  264. [03/20/12 07:46:22.580]:Active Directory ST:Global Configuration Value replacements made in vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/Subscriber/sub-mp-Scoping#XmlData:
  265. [03/20/12 07:46:22.580]:Active Directory ST:Found DirXMLScript policy.
  266. [03/20/12 07:46:22.587]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/Subscriber/sub-mp-EntitlementsImpl#XmlData.
  267. [03/20/12 07:46:22.587]:Active Directory ST:Found DirXMLScript policy.
  268. [03/20/12 07:46:22.588]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/Subscriber/sub-mp#XmlData.
  269. [03/20/12 07:46:22.589]:Active Directory ST:Found DirXMLScript policy.
  270. [03/20/12 07:46:22.591]:Active Directory ST:Loading Subscriber object creation policies.
  271. [03/20/12 07:46:22.592]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/Subscriber/sub-cp-EntitlementsImpl#XmlData.
  272. [03/20/12 07:46:22.593]:Active Directory ST:Found DirXMLScript policy.
  273. [03/20/12 07:46:22.593]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/Subscriber/sub-cp-Users#XmlData.
  274. [03/20/12 07:46:22.594]:Active Directory ST:Found DirXMLScript policy.
  275. [03/20/12 07:46:22.596]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/Subscriber/sub-cp-ExchMailboxPolicy#XmlData.
  276. [03/20/12 07:46:22.596]:Active Directory ST:Found DirXMLScript policy.
  277. [03/20/12 07:46:22.597]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Library/lib-CredProv-RequiredAttributes-sub-cp-V1#XmlData.
  278. [03/20/12 07:46:22.597]:Active Directory ST:Global Configuration Value replacements made in vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Library/lib-CredProv-RequiredAttributes-sub-cp-V1#XmlData:
  279. [03/20/12 07:46:22.597]:Active Directory ST:Found DirXMLScript policy.
  280. [03/20/12 07:46:22.598]:Active Directory ST:Loading Subscriber object placement policies.
  281. [03/20/12 07:46:22.598]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/Subscriber/sub-pp#XmlData.
  282. [03/20/12 07:46:22.599]:Active Directory ST:Found DirXMLScript policy.
  283. [03/20/12 07:46:22.599]:Active Directory ST:Loading Subscriber command transformation policies.
  284. [03/20/12 07:46:22.599]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/Subscriber/sub-ctp-EntitlementsImpl#XmlData.
  285. [03/20/12 07:46:22.600]:Active Directory ST:Found DirXMLScript policy.
  286. [03/20/12 07:46:22.602]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/Subscriber/sub-ctp-Audit-TagEvent#XmlData.
  287. [03/20/12 07:46:22.603]:Active Directory ST:Found DirXMLScript policy.
  288. [03/20/12 07:46:22.604]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/Subscriber/sub-ctp-UserNameMap#XmlData.
  289. [03/20/12 07:46:22.605]:Active Directory ST:Found DirXMLScript policy.
  290. [03/20/12 07:46:22.607]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/Subscriber/sub-ctp-ExchMailboxPolicy#XmlData.
  291. [03/20/12 07:46:22.607]:Active Directory ST:Found DirXMLScript policy.
  292. [03/20/12 07:46:22.608]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/Subscriber/Password%28Sub%29-Transform+Distribution+Password#XmlData.
  293. [03/20/12 07:46:22.609]:Active Directory ST:Found DirXMLScript policy.
  294. [03/20/12 07:46:22.610]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/Subscriber/Password%28Sub%29-Default+Password+Policy#XmlData.
  295. [03/20/12 07:46:22.610]:Active Directory ST:Found DirXMLScript policy.
  296. [03/20/12 07:46:22.611]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/Subscriber/Password%28Sub%29-Check+Password+GCV#XmlData.
  297. [03/20/12 07:46:22.611]:Active Directory ST:Found DirXMLScript policy.
  298. [03/20/12 07:46:22.612]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/Subscriber/Password%28Sub%29-Add+Password+Payload#XmlData.
  299. [03/20/12 07:46:22.612]:Active Directory ST:Found DirXMLScript policy.
  300. [03/20/12 07:46:22.630]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/Subscriber/sub-ctp-GroupMemberResolution#XmlData.
  301. [03/20/12 07:46:22.630]:Active Directory ST:Found DirXMLScript policy.
  302. [03/20/12 07:46:22.638]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Library/lib-CredProv-Trigger-sub-ctp-V1#XmlData.
  303. [03/20/12 07:46:22.639]:Active Directory ST:Global Configuration Value replacements made in vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Library/lib-CredProv-Trigger-sub-ctp-V1#XmlData:
  304. [03/20/12 07:46:22.639]:Active Directory ST:Found DirXMLScript policy.
  305. [03/20/12 07:46:22.642]:Active Directory ST:Mapping sensitive attribute names to application space
  306. [03/20/12 07:46:22.703]:Active Directory ST:Initializing subscriber shim.
  307. [03/20/12 07:46:22.706]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory#DirXML-ShimConfigInfo.
  308. [03/20/12 07:46:22.707]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory#DirXML-DriverStorage.
  309. [03/20/12 07:46:22.708]:Active Directory ST:Applying policy: %+C%14Csmp%-C.
  310. [03/20/12 07:46:22.708]:Active Directory ST: Mapping attr-name 'Description' to 'description'.
  311. [03/20/12 07:46:22.708]:Active Directory ST: Mapping attr-name 'Full Name' to 'displayName'.
  312. [03/20/12 07:46:22.708]:Active Directory ST: Mapping attr-name 'Member' to 'member'.
  313. [03/20/12 07:46:22.709]:Active Directory ST: Mapping attr-name 'Owner' to 'managedBy'.
  314. [03/20/12 07:46:22.709]:Active Directory ST: Mapping attr-name 'Description' to 'description'.
  315. [03/20/12 07:46:22.709]:Active Directory ST: Mapping attr-name 'Description' to 'description'.
  316. [03/20/12 07:46:22.709]:Active Directory ST: Mapping attr-name 'Facsimile Telephone Number' to 'facsimileTelephoneNumber'.
  317. [03/20/12 07:46:22.709]:Active Directory ST: Mapping attr-name 'Full Name' to 'displayName'.
  318. [03/20/12 07:46:22.709]:Active Directory ST: Mapping attr-name 'Given Name' to 'givenName'.
  319. [03/20/12 07:46:22.709]:Active Directory ST: Mapping attr-name 'Initials' to 'initials'.
  320. [03/20/12 07:46:22.709]:Active Directory ST: Mapping attr-name 'Internet EMail Address' to 'mail'.
  321. [03/20/12 07:46:22.709]:Active Directory ST: Mapping attr-name 'L' to 'physicalDeliveryOfficeName'.
  322. [03/20/12 07:46:22.709]:Active Directory ST: Mapping attr-name 'Login Allowed Time Map' to 'logonHours'.
  323. [03/20/12 07:46:22.710]:Active Directory ST: Mapping attr-name 'Login Disabled' to 'dirxml-uACAccountDisable'.
  324. [03/20/12 07:46:22.710]:Active Directory ST: Mapping attr-name 'Login Expiration Time' to 'accountExpires'.
  325. [03/20/12 07:46:22.710]:Active Directory ST: Mapping attr-name 'Physical Delivery Office Name' to 'l'.
  326. [03/20/12 07:46:22.710]:Active Directory ST: Mapping attr-name 'Postal Code' to 'postalCode'.
  327. [03/20/12 07:46:22.710]:Active Directory ST: Mapping attr-name 'Postal Office Box' to 'postOfficeBox'.
  328. [03/20/12 07:46:22.710]:Active Directory ST: Mapping attr-name 'S' to 'st'.
  329. [03/20/12 07:46:22.710]:Active Directory ST: Mapping attr-name 'SA' to 'streetAddress'.
  330. [03/20/12 07:46:22.710]:Active Directory ST: Mapping attr-name 'Surname' to 'sn'.
  331. [03/20/12 07:46:22.710]:Active Directory ST: Mapping attr-name 'Telephone Number' to 'telephoneNumber'.
  332. [03/20/12 07:46:22.710]:Active Directory ST: Mapping attr-name 'Title' to 'title'.
  333. [03/20/12 07:46:22.711]:Active Directory ST: Mapping class-name 'Group' to 'group'.
  334. [03/20/12 07:46:22.711]:Active Directory ST: Mapping class-name 'Organizational Unit' to 'organizationalUnit'.
  335. [03/20/12 07:46:22.711]:Active Directory ST: Mapping class-name 'User' to 'user'.
  336. [03/20/12 07:46:22.711]:Active Directory ST:
  337. <nds dtdversion="3.5" ndsversion="8.x">
  338. <source>
  339. <product version="3.6.10.4747">DirXML</product>
  340. <contact>Novell, Inc.</contact>
  341. </source>
  342. <input>
  343. <init-params src-dn="\EDIR2ADLAB\fdny\AD-TEST\Active Directory">
  344. <authentication-info>
  345. <server>REMOTE(hostname=10.237.48.38 port=8090)10.237.48.38</server>
  346. <user>edir2adlab/Administrator</user>
  347. <password><!-- content suppressed --></password>
  348. </authentication-info>
  349. <driver-filter>
  350. <allow-class class-name="group">
  351. <allow-attr attr-name="description"/>
  352. <allow-attr attr-name="displayName"/>
  353. <allow-attr attr-name="L"/>
  354. <allow-attr attr-name="member"/>
  355. <allow-attr attr-name="managedBy"/>
  356. </allow-class>
  357. <allow-class class-name="organizationalUnit">
  358. <allow-attr attr-name="description"/>
  359. </allow-class>
  360. <allow-class class-name="user">
  361. <allow-attr attr-name="description"/>
  362. <allow-attr attr-name="facsimileTelephoneNumber"/>
  363. <allow-attr attr-name="displayName"/>
  364. <allow-attr attr-name="givenName"/>
  365. <allow-attr attr-name="initials"/>
  366. <allow-attr attr-name="mail"/>
  367. <allow-attr attr-name="physicalDeliveryOfficeName"/>
  368. <allow-attr attr-name="logonHours"/>
  369. <allow-attr attr-name="dirxml-uACAccountDisable"/>
  370. <allow-attr attr-name="accountExpires"/>
  371. <allow-attr attr-name="l"/>
  372. <allow-attr attr-name="postalCode"/>
  373. <allow-attr attr-name="postOfficeBox"/>
  374. <allow-attr attr-name="st"/>
  375. <allow-attr attr-name="streetAddress"/>
  376. <allow-attr attr-name="sn"/>
  377. <allow-attr attr-name="telephoneNumber"/>
  378. <allow-attr attr-name="title"/>
  379. </allow-class>
  380. </driver-filter>
  381. </init-params>
  382. </input>
  383. </nds>
  384. [03/20/12 07:46:22.713]:Active Directory ST:SubscriptionShim.init() returned:
  385. [03/20/12 07:46:22.713]:Active Directory ST:
  386. <nds dtdversion="3.5" ndsversion="8.x">
  387. <output>
  388. <status level="success"/>
  389. </output>
  390. </nds>
  391. [03/20/12 07:46:22.713]:Active Directory ST:Applying input transformation policies.
  392. [03/20/12 07:46:22.713]:Active Directory ST:Applying policy: %+C%14Clib-AccountTracking-Publish-itp-V1%-C.
  393. [03/20/12 07:46:22.713]:Active Directory ST: Applying to status #1.
  394. [03/20/12 07:46:22.714]:Active Directory ST: Evaluating selection criteria for rule 'AccountTracking - disregard if disabled or wrong object class'.
  395. [03/20/12 07:46:22.714]:Active Directory ST: Rule selected.
  396. [03/20/12 07:46:22.714]:Active Directory ST: Applying rule 'AccountTracking - disregard if disabled or wrong object class'.
  397. [03/20/12 07:46:22.714]:Active Directory ST: Action: do-if().
  398. [03/20/12 07:46:22.714]:Active Directory ST: Evaluating conditions.
  399. [03/20/12 07:46:22.714]:Active Directory ST: (if-global-variable 'drv.acctTrk.enable' not-equal "true") = FALSE.
  400. [03/20/12 07:46:22.714]:Active Directory ST: Performing else actions.
  401. [03/20/12 07:46:22.714]:Active Directory ST: Action: do-if().
  402. [03/20/12 07:46:22.714]:Active Directory ST: Evaluating conditions.
  403. [03/20/12 07:46:22.714]:Active Directory ST: (if-class-name available) = FALSE.
  404. [03/20/12 07:46:22.714]:Active Directory ST: Performing else actions.
  405. [03/20/12 07:46:22.715]:Active Directory ST: Evaluating selection criteria for rule 'AccountTracking - on add-association sync the operation-properties to status operations'.
  406. [03/20/12 07:46:22.715]:Active Directory ST: (if-operation equal "add-association") = FALSE.
  407. [03/20/12 07:46:22.715]:Active Directory ST: Rule rejected.
  408. [03/20/12 07:46:22.715]:Active Directory ST: Evaluating selection criteria for rule 'AccountTracking - Query for destination DN using Association'.
  409. [03/20/12 07:46:22.715]:Active Directory ST: (if-operation match "modify|delete|move|rename") = FALSE.
  410. [03/20/12 07:46:22.715]:Active Directory ST: Rule rejected.
  411. [03/20/12 07:46:22.715]:Active Directory ST: Evaluating selection criteria for rule 'AccountTracking - add interested properties to current doc for future use.'.
  412. [03/20/12 07:46:22.715]:Active Directory ST: (if-operation match "add|modify|delete|rename|move|status") = TRUE.
  413. [03/20/12 07:46:22.716]:Active Directory ST: Rule selected.
  414. [03/20/12 07:46:22.716]:Active Directory ST: Applying rule 'AccountTracking - add interested properties to current doc for future use.'.
  415. [03/20/12 07:46:22.716]:Active Directory ST: Action: do-for-each(arg-node-set(token-global-variable("drv.acctTrk.identifiers"))).
  416. [03/20/12 07:46:22.716]:Active Directory ST: arg-node-set(token-global-variable("drv.acctTrk.identifiers"))
  417. [03/20/12 07:46:22.716]:Active Directory ST: token-global-variable("drv.acctTrk.identifiers")
  418. [03/20/12 07:46:22.716]:Active Directory ST: Token Value: {"sAMAccountName","userPrincipalName","LDAPDN","association"}.
  419. [03/20/12 07:46:22.716]:Active Directory ST: Arg Value: {"sAMAccountName","userPrincipalName","LDAPDN","association"}.
  420. [03/20/12 07:46:22.716]:Active Directory ST: Performing actions for local-variable(current-node) = "sAMAccountName".
  421. [03/20/12 07:46:22.717]:Active Directory ST: Action: do-if().
  422. [03/20/12 07:46:22.717]:Active Directory ST: Evaluating conditions.
  423. [03/20/12 07:46:22.717]:Active Directory ST: (if-local-variable 'current-node' equal "LDAPDN") = FALSE.
  424. [03/20/12 07:46:22.717]:Active Directory ST: Performing else actions.
  425. [03/20/12 07:46:22.717]:Active Directory ST: Action: do-if().
  426. [03/20/12 07:46:22.717]:Active Directory ST: Evaluating conditions.
  427. [03/20/12 07:46:22.717]:Active Directory ST: (if-local-variable 'current-node' equal "association") = FALSE.
  428. [03/20/12 07:46:22.717]:Active Directory ST: Performing else actions.
  429. [03/20/12 07:46:22.717]:Active Directory ST: Action: do-if().
  430. [03/20/12 07:46:22.717]:Active Directory ST: Evaluating conditions.
  431. [03/20/12 07:46:22.718]:Active Directory ST: Expanded variable reference '$current-node$' to 'sAMAccountName'.
  432. [03/20/12 07:46:22.718]:Active Directory ST: (if-op-property 'AccountTracking-$current-node$' not-available) = TRUE.
  433. [03/20/12 07:46:22.718]:Active Directory ST: Expanded variable reference '$current-node$' to 'sAMAccountName'.
  434. [03/20/12 07:46:22.718]:Active Directory ST: (if-op-attr '$current-node$' available) = FALSE.
  435. [03/20/12 07:46:22.718]:Active Directory ST: Performing else actions.
  436. [03/20/12 07:46:22.718]:Active Directory ST: Performing actions for local-variable(current-node) = "userPrincipalName".
  437. [03/20/12 07:46:22.718]:Active Directory ST: Action: do-if().
  438. [03/20/12 07:46:22.718]:Active Directory ST: Evaluating conditions.
  439. [03/20/12 07:46:22.718]:Active Directory ST: (if-local-variable 'current-node' equal "LDAPDN") = FALSE.
  440. [03/20/12 07:46:22.719]:Active Directory ST: Performing else actions.
  441. [03/20/12 07:46:22.719]:Active Directory ST: Action: do-if().
  442. [03/20/12 07:46:22.719]:Active Directory ST: Evaluating conditions.
  443. [03/20/12 07:46:22.719]:Active Directory ST: (if-local-variable 'current-node' equal "association") = FALSE.
  444. [03/20/12 07:46:22.719]:Active Directory ST: Performing else actions.
  445. [03/20/12 07:46:22.719]:Active Directory ST: Action: do-if().
  446. [03/20/12 07:46:22.719]:Active Directory ST: Evaluating conditions.
  447. [03/20/12 07:46:22.719]:Active Directory ST: Expanded variable reference '$current-node$' to 'userPrincipalName'.
  448. [03/20/12 07:46:22.719]:Active Directory ST: (if-op-property 'AccountTracking-$current-node$' not-available) = TRUE.
  449. [03/20/12 07:46:22.719]:Active Directory ST: Expanded variable reference '$current-node$' to 'userPrincipalName'.
  450. [03/20/12 07:46:22.720]:Active Directory ST: (if-op-attr '$current-node$' available) = FALSE.
  451. [03/20/12 07:46:22.720]:Active Directory ST: Performing else actions.
  452. [03/20/12 07:46:22.720]:Active Directory ST: Performing actions for local-variable(current-node) = "LDAPDN".
  453. [03/20/12 07:46:22.720]:Active Directory ST: Action: do-if().
  454. [03/20/12 07:46:22.720]:Active Directory ST: Evaluating conditions.
  455. [03/20/12 07:46:22.720]:Active Directory ST: (if-local-variable 'current-node' equal "LDAPDN") = TRUE.
  456. [03/20/12 07:46:22.720]:Active Directory ST: Expanded variable reference '$current-node$' to 'LDAPDN'.
  457. [03/20/12 07:46:22.720]:Active Directory ST: (if-op-property 'AccountTracking-$current-node$' not-available) = TRUE.
  458. [03/20/12 07:46:22.720]:Active Directory ST: (if-src-dn available) = FALSE.
  459. [03/20/12 07:46:22.721]:Active Directory ST: Performing else actions.
  460. [03/20/12 07:46:22.721]:Active Directory ST: Action: do-if().
  461. [03/20/12 07:46:22.721]:Active Directory ST: Evaluating conditions.
  462. [03/20/12 07:46:22.721]:Active Directory ST: (if-local-variable 'current-node' equal "association") = FALSE.
  463. [03/20/12 07:46:22.721]:Active Directory ST: Performing else actions.
  464. [03/20/12 07:46:22.721]:Active Directory ST: Action: do-if().
  465. [03/20/12 07:46:22.721]:Active Directory ST: Evaluating conditions.
  466. [03/20/12 07:46:22.721]:Active Directory ST: Expanded variable reference '$current-node$' to 'LDAPDN'.
  467. [03/20/12 07:46:22.721]:Active Directory ST: (if-op-property 'AccountTracking-$current-node$' not-available) = TRUE.
  468. [03/20/12 07:46:22.721]:Active Directory ST: Expanded variable reference '$current-node$' to 'LDAPDN'.
  469. [03/20/12 07:46:22.722]:Active Directory ST: (if-op-attr '$current-node$' available) = FALSE.
  470. [03/20/12 07:46:22.722]:Active Directory ST: Performing else actions.
  471. [03/20/12 07:46:22.722]:Active Directory ST: Performing actions for local-variable(current-node) = "association".
  472. [03/20/12 07:46:22.722]:Active Directory ST: Action: do-if().
  473. [03/20/12 07:46:22.722]:Active Directory ST: Evaluating conditions.
  474. [03/20/12 07:46:22.722]:Active Directory ST: (if-local-variable 'current-node' equal "LDAPDN") = FALSE.
  475. [03/20/12 07:46:22.722]:Active Directory ST: Performing else actions.
  476. [03/20/12 07:46:22.722]:Active Directory ST: Action: do-if().
  477. [03/20/12 07:46:22.722]:Active Directory ST: Evaluating conditions.
  478. [03/20/12 07:46:22.722]:Active Directory ST: (if-local-variable 'current-node' equal "association") = TRUE.
  479. [03/20/12 07:46:22.723]:Active Directory ST: Expanded variable reference '$current-node$' to 'association'.
  480. [03/20/12 07:46:22.723]:Active Directory ST: (if-op-property 'AccountTracking-$current-node$' not-available) = TRUE.
  481. [03/20/12 07:46:22.723]:Active Directory ST: (if-association available) = FALSE.
  482. [03/20/12 07:46:22.723]:Active Directory ST: Performing else actions.
  483. [03/20/12 07:46:22.723]:Active Directory ST: Action: do-if().
  484. [03/20/12 07:46:22.723]:Active Directory ST: Evaluating conditions.
  485. [03/20/12 07:46:22.723]:Active Directory ST: Expanded variable reference '$current-node$' to 'association'.
  486. [03/20/12 07:46:22.723]:Active Directory ST: (if-op-property 'AccountTracking-$current-node$' not-available) = TRUE.
  487. [03/20/12 07:46:22.723]:Active Directory ST: Expanded variable reference '$current-node$' to 'association'.
  488. [03/20/12 07:46:22.724]:Active Directory ST: (if-op-attr '$current-node$' available) = FALSE.
  489. [03/20/12 07:46:22.724]:Active Directory ST: Performing else actions.
  490. [03/20/12 07:46:22.724]:Active Directory ST: Evaluating selection criteria for rule 'AccountTracking - Initialize status properties on published events'.
  491. [03/20/12 07:46:22.724]:Active Directory ST: (if-operation match "add|modify|delete|rename|move") = FALSE.
  492. [03/20/12 07:46:22.724]:Active Directory ST: Rule rejected.
  493. [03/20/12 07:46:22.724]:Active Directory ST:Policy returned:
  494. [03/20/12 07:46:22.724]:Active Directory ST:
  495. <nds dtdversion="3.5" ndsversion="8.x">
  496. <output>
  497. <status level="success"/>
  498. </output>
  499. </nds>
  500. [03/20/12 07:46:22.724]:Active Directory ST:Applying policy: %+C%14Clib-AccountTracking-WriteAccounts-itp-V1%-C.
  501. [03/20/12 07:46:22.725]:Active Directory ST: Applying to status #1.
  502. [03/20/12 07:46:22.725]:Active Directory ST: Evaluating selection criteria for rule 'AccountTracking - disregard if disabled'.
  503. [03/20/12 07:46:22.725]:Active Directory ST: (if-global-variable 'drv.acctTrk.enable' not-equal "true") = FALSE.
  504. [03/20/12 07:46:22.725]:Active Directory ST: Rule rejected.
  505. [03/20/12 07:46:22.725]:Active Directory ST: Evaluating selection criteria for rule 'AccountTracking - query DirXML-Accounts Attribute'.
  506. [03/20/12 07:46:22.725]:Active Directory ST: (if-op-property 'AccountTracking-ObjectDN' available) = FALSE.
  507. [03/20/12 07:46:22.725]:Active Directory ST: Rule rejected.
  508. [03/20/12 07:46:22.725]:Active Directory ST: Evaluating selection criteria for rule 'AccountTracking - remove Dirxml-Account values on delete operation'.
  509. [03/20/12 07:46:22.725]:Active Directory ST: (if-operation match "delete|remove-association") = FALSE.
  510. [03/20/12 07:46:22.726]:Active Directory ST: (if-operation equal "status") = TRUE.
  511. [03/20/12 07:46:22.726]:Active Directory ST: (if-op-property 'AccountTracking-ObjectDN' available) = FALSE.
  512. [03/20/12 07:46:22.726]:Active Directory ST: Rule rejected.
  513. [03/20/12 07:46:22.726]:Active Directory ST: Evaluating selection criteria for rule 'AccountTracking - update DirXMLAccounts attribute'.
  514. [03/20/12 07:46:22.726]:Active Directory ST: (if-op-property 'AccountTracking-Operation' not-available) = TRUE.
  515. [03/20/12 07:46:22.726]:Active Directory ST: (if-op-property 'AccountTracking-ObjectDN' available) = FALSE.
  516. [03/20/12 07:46:22.726]:Active Directory ST: (if-operation equal "status") = TRUE.
  517. [03/20/12 07:46:22.726]:Active Directory ST: (if-xpath true "./@level='success'") = TRUE.
  518. [03/20/12 07:46:22.726]:Active Directory ST: (if-op-property 'AccountTracking-Operation' available) = FALSE.
  519. [03/20/12 07:46:22.726]:Active Directory ST: Rule rejected.
  520. [03/20/12 07:46:22.727]:Active Directory ST:Policy returned:
  521. [03/20/12 07:46:22.727]:Active Directory ST:
  522. <nds dtdversion="3.5" ndsversion="8.x">
  523. <output>
  524. <status level="success"/>
  525. </output>
  526. </nds>
  527. [03/20/12 07:46:22.727]:Active Directory ST:Applying policy: %+C%14Citp%-C.
  528. [03/20/12 07:46:22.727]:Active Directory ST: Applying to status #1.
  529. [03/20/12 07:46:22.727]:Active Directory ST: Evaluating selection criteria for rule 'streetAddress: Convert CR-LF to LF'.
  530. [03/20/12 07:46:22.727]:Active Directory ST: Rule selected.
  531. [03/20/12 07:46:22.727]:Active Directory ST: Applying rule 'streetAddress: Convert CR-LF to LF'.
  532. [03/20/12 07:46:22.727]:Active Directory ST: Action: do-reformat-op-attr("streetAddress",token-replace-all("\r\n","\r",token-local-variable("current-value"))).
  533. [03/20/12 07:46:22.727]:Active Directory ST: Evaluating selection criteria for rule 'logonHours: Convert to Login Allowed Time Map form'.
  534. [03/20/12 07:46:22.728]:Active Directory ST: Rule selected.
  535. [03/20/12 07:46:22.728]:Active Directory ST: Applying rule 'logonHours: Convert to Login Allowed Time Map form'.
  536. [03/20/12 07:46:22.728]:Active Directory ST: Action: do-reformat-op-attr("logonHours",token-xpath("jadutil:translateTimeMap2eDir($current-value)")).
  537. [03/20/12 07:46:22.728]:Active Directory ST: Evaluating selection criteria for rule 'accountExpires: Convert to Identity Vault time format'.
  538. [03/20/12 07:46:22.728]:Active Directory ST: Rule selected.
  539. [03/20/12 07:46:22.728]:Active Directory ST: Applying rule 'accountExpires: Convert to Identity Vault time format'.
  540. [03/20/12 07:46:22.728]:Active Directory ST: Action: do-reformat-op-attr("accountExpires",token-xpath("jadutil:translateFileTime2Epoch($current-value)")).
  541. [03/20/12 07:46:22.728]:Active Directory ST: Evaluating selection criteria for rule 'lockoutTime: Convert to Identity Vault time format'.
  542. [03/20/12 07:46:22.729]:Active Directory ST: Rule selected.
  543. [03/20/12 07:46:22.729]:Active Directory ST: Applying rule 'lockoutTime: Convert to Identity Vault time format'.
  544. [03/20/12 07:46:22.729]:Active Directory ST: Action: do-reformat-op-attr("lockoutTime",token-xpath("jadutil:translateFileTime2Epoch($current-value)")).
  545. [03/20/12 07:46:22.729]:Active Directory ST:Policy returned:
  546. [03/20/12 07:46:22.729]:Active Directory ST:
  547. <nds dtdversion="3.5" ndsversion="8.x">
  548. <output>
  549. <status level="success"/>
  550. </output>
  551. </nds>
  552. [03/20/12 07:46:22.729]:Active Directory ST:Applying policy: %+C%14Citp-EntitlementsImpl%-C.
  553. [03/20/12 07:46:22.729]:Active Directory ST: Applying to status #1.
  554. [03/20/12 07:46:22.729]:Active Directory ST: Evaluating selection criteria for rule 'Check target of add-association for group membership entitlements'.
  555. [03/20/12 07:46:22.729]:Active Directory ST: (if-global-variable 'drv.entitlement.Group' equal "true") = FALSE.
  556. [03/20/12 07:46:22.730]:Active Directory ST: Rule rejected.
  557. [03/20/12 07:46:22.730]:Active Directory ST: Evaluating selection criteria for rule 'Check target of add-association for Exchange mailbox entitlements'.
  558. [03/20/12 07:46:22.730]:Active Directory ST: (if-global-variable 'drv.exchMailboxMethod' equal "entitlement") = FALSE.
  559. [03/20/12 07:46:22.730]:Active Directory ST: Rule rejected.
  560. [03/20/12 07:46:22.730]:Active Directory ST:Policy returned:
  561. [03/20/12 07:46:22.730]:Active Directory ST:
  562. <nds dtdversion="3.5" ndsversion="8.x">
  563. <output>
  564. <status level="success"/>
  565. </output>
  566. </nds>
  567. [03/20/12 07:46:22.730]:Active Directory ST:Applying policy: %+C%14CPassword(Pub)-Sub Email Notifications%-C.
  568. [03/20/12 07:46:22.731]:Active Directory ST: Applying to status #1.
  569. [03/20/12 07:46:22.731]:Active Directory ST: Evaluating selection criteria for rule 'Send e-mail on a failure when subscribing to passwords'.
  570. [03/20/12 07:46:22.731]:Active Directory ST: (if-global-variable 'notify-user-on-password-dist-failure' equal "true") = TRUE.
  571. [03/20/12 07:46:22.731]:Active Directory ST: (if-operation equal "status") = TRUE.
  572. [03/20/12 07:46:22.731]:Active Directory ST: (if-xpath true "self::status[@level != 'success'][text() != '']/operation-data/password-subscribe-status/association[text() != '']") = FALSE.
  573. [03/20/12 07:46:22.731]:Active Directory ST: Rule rejected.
  574. [03/20/12 07:46:22.731]:Active Directory ST: Evaluating selection criteria for rule 'Send e-mail on failure to reset connected system password using the Identity Manager data store password'.
  575. [03/20/12 07:46:22.731]:Active Directory ST: (if-global-variable 'notify-user-on-password-dist-failure' equal "true") = TRUE.
  576. [03/20/12 07:46:22.732]:Active Directory ST: (if-operation equal "status") = TRUE.
  577. [03/20/12 07:46:22.732]:Active Directory ST: (if-xpath true "self::status[@level != 'success']/operation-data/password-reset-status") = FALSE.
  578. [03/20/12 07:46:22.732]:Active Directory ST: Rule rejected.
  579. [03/20/12 07:46:22.732]:Active Directory ST:Policy returned:
  580. [03/20/12 07:46:22.732]:Active Directory ST:
  581. <nds dtdversion="3.5" ndsversion="8.x">
  582. <output>
  583. <status level="success"/>
  584. </output>
  585. </nds>
  586. [03/20/12 07:46:22.732]:Active Directory ST:Applying policy: %+C%14Clib-Audit-SendEntitlementsEvents-itp-V1%-C.
  587. [03/20/12 07:46:22.732]:Active Directory ST: Applying to status #1.
  588. [03/20/12 07:46:22.732]:Active Directory ST: Evaluating selection criteria for rule '00031200 - Account Create By Entitlement Grant'.
  589. [03/20/12 07:46:22.733]:Active Directory ST: (if-operation equal "status") = TRUE.
  590. [03/20/12 07:46:22.733]:Active Directory ST: (if-op-property 'accountAction' equal "accountCreateByEntitlementGrant") = FALSE.
  591. [03/20/12 07:46:22.733]:Active Directory ST: Rule rejected.
  592. [03/20/12 07:46:22.733]:Active Directory ST: Evaluating selection criteria for rule '00031201 - Account Delete By Entitlement Revoke'.
  593. [03/20/12 07:46:22.733]:Active Directory ST: (if-operation equal "status") = TRUE.
  594. [03/20/12 07:46:22.733]:Active Directory ST: (if-xpath true "./operation-data/entitlement-impl/@state = '0'") = FALSE.
  595. [03/20/12 07:46:22.733]:Active Directory ST: (if-operation equal "status") = TRUE.
  596. [03/20/12 07:46:22.733]:Active Directory ST: (if-op-property 'accountAction' equal "accountDeleteByEntitlementRevoke") = FALSE.
  597. [03/20/12 07:46:22.733]:Active Directory ST: Rule rejected.
  598. [03/20/12 07:46:22.733]:Active Directory ST: Evaluating selection criteria for rule '00031202 - Account Disable By Entitlement Revoke'.
  599. [03/20/12 07:46:22.734]:Active Directory ST: (if-operation equal "status") = TRUE.
  600. [03/20/12 07:46:22.734]:Active Directory ST: (if-op-property 'accountAction' equal "accountDisableByEntitlementRevoke") = FALSE.
  601. [03/20/12 07:46:22.734]:Active Directory ST: Rule rejected.
  602. [03/20/12 07:46:22.734]:Active Directory ST: Evaluating selection criteria for rule '00031203 - Account Enable By Entitlement Grant'.
  603. [03/20/12 07:46:22.734]:Active Directory ST: (if-operation equal "status") = TRUE.
  604. [03/20/12 07:46:22.734]:Active Directory ST: (if-op-property 'accountAction' equal "accountEnableByEntitlementGrant") = FALSE.
  605. [03/20/12 07:46:22.734]:Active Directory ST: Rule rejected.
  606. [03/20/12 07:46:22.734]:Active Directory ST: Evaluating selection criteria for rule 'Generate Audit Event'.
  607. [03/20/12 07:46:22.734]:Active Directory ST: (if-operation equal "status") = TRUE.
  608. [03/20/12 07:46:22.734]:Active Directory ST: (if-local-variable 'auditEventID' available) = FALSE.
  609. [03/20/12 07:46:22.735]:Active Directory ST: Rule rejected.
  610. [03/20/12 07:46:22.735]:Active Directory ST:Policy returned:
  611. [03/20/12 07:46:22.735]:Active Directory ST:
  612. <nds dtdversion="3.5" ndsversion="8.x">
  613. <output>
  614. <status level="success"/>
  615. </output>
  616. </nds>
  617. [03/20/12 07:46:22.735]:Active Directory ST:Applying schema mapping policies to input.
  618. [03/20/12 07:46:22.735]:Active Directory ST:Applying policy: %+C%14Csmp%-C.
  619. [03/20/12 07:46:22.735]:Active Directory ST:Resolving association references.
  620. [03/20/12 07:46:22.735]:Active Directory ST:Applying policy: %+C%14Csmp%-C.
  621. [03/20/12 07:46:22.735]:Active Directory ST: Mapping class-name 'user' to 'User'.
  622. [03/20/12 07:46:22.735]:Active Directory ST: Mapping attr-name 'accountExpires' to 'Login Expiration Time'.
  623. [03/20/12 07:46:22.736]:Active Directory ST: Mapping attr-name 'cn' to 'CN'.
  624. [03/20/12 07:46:22.736]:Active Directory ST: Mapping attr-name 'description' to 'Description'.
  625. [03/20/12 07:46:22.736]:Active Directory ST: Mapping attr-name 'dirxml-uACAccountDisable' to 'Login Disabled'.
  626. [03/20/12 07:46:22.736]:Active Directory ST: Mapping attr-name 'displayName' to 'Full Name'.
  627. [03/20/12 07:46:22.736]:Active Directory ST: Mapping attr-name 'facsimileTelephoneNumber' to 'Facsimile Telephone Number'.
  628. [03/20/12 07:46:22.736]:Active Directory ST: Mapping attr-name 'givenName' to 'Given Name'.
  629. [03/20/12 07:46:22.736]:Active Directory ST: Mapping attr-name 'initials' to 'Initials'.
  630. [03/20/12 07:46:22.736]:Active Directory ST: Mapping attr-name 'l' to 'Physical Delivery Office Name'.
  631. [03/20/12 07:46:22.737]:Active Directory ST: Mapping attr-name 'lockoutTime' to 'Login Intruder Reset Time'.
  632. [03/20/12 07:46:22.737]:Active Directory ST: Mapping attr-name 'logonHours' to 'Login Allowed Time Map'.
  633. [03/20/12 07:46:22.737]:Active Directory ST: Mapping attr-name 'mail' to 'Internet EMail Address'.
  634. [03/20/12 07:46:22.737]:Active Directory ST: Mapping attr-name 'memberOf' to 'Group Membership'.
  635. [03/20/12 07:46:22.737]:Active Directory ST: Mapping attr-name 'ou' to 'OU'.
  636. [03/20/12 07:46:22.737]:Active Directory ST: Mapping attr-name 'physicalDeliveryOfficeName' to 'L'.
  637. [03/20/12 07:46:22.737]:Active Directory ST: Mapping attr-name 'postalCode' to 'Postal Code'.
  638. [03/20/12 07:46:22.737]:Active Directory ST: Mapping attr-name 'postOfficeBox' to 'Postal Office Box'.
  639. [03/20/12 07:46:22.737]:Active Directory ST: Mapping attr-name 'sAMAccountName' to 'CN'.
  640. [03/20/12 07:46:22.738]:Active Directory ST: Mapping attr-name 'seeAlso' to 'See Also'.
  641. [03/20/12 07:46:22.738]:Active Directory ST: Mapping attr-name 'sn' to 'Surname'.
  642. [03/20/12 07:46:22.738]:Active Directory ST: Mapping attr-name 'st' to 'S'.
  643. [03/20/12 07:46:22.738]:Active Directory ST: Mapping attr-name 'streetAddress' to 'SA'.
  644. [03/20/12 07:46:22.738]:Active Directory ST: Mapping attr-name 'telephoneNumber' to 'Telephone Number'.
  645. [03/20/12 07:46:22.738]:Active Directory ST: Mapping attr-name 'title' to 'Title'.
  646. [03/20/12 07:46:22.738]:Active Directory ST: Mapping attr-name 'userPrincipalName' to 'DirXML-ADAliasName'.
  647. [03/20/12 07:46:22.739]:Active Directory ST:Application DN form: ldap.
  648. [03/20/12 07:46:22.739]:Active Directory ST:Creating publisher.
  649. [03/20/12 07:46:22.739]:Active Directory ST:Loading Publisher input transformation policies.
  650. [03/20/12 07:46:22.739]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Library/lib-AccountTracking-Publish-itp-V1#XmlData.
  651. [03/20/12 07:46:22.740]:Active Directory ST:Global Configuration Value replacements made in vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Library/lib-AccountTracking-Publish-itp-V1#XmlData:
  652. [03/20/12 07:46:22.741]:Active Directory ST:Found DirXMLScript policy.
  653. [03/20/12 07:46:22.745]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Library/lib-AccountTracking-WriteAccounts-itp-V1#XmlData.
  654. [03/20/12 07:46:22.747]:Active Directory ST:Found DirXMLScript policy.
  655. [03/20/12 07:46:22.753]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/itp#XmlData.
  656. [03/20/12 07:46:22.754]:Active Directory ST:Found DirXMLScript policy.
  657. [03/20/12 07:46:22.755]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/itp-EntitlementsImpl#XmlData.
  658. [03/20/12 07:46:22.755]:Active Directory ST:Found DirXMLScript policy.
  659. [03/20/12 07:46:22.769]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/Password%28Pub%29-Sub+Email+Notifications#XmlData.
  660. [03/20/12 07:46:22.770]:Active Directory ST:Found DirXMLScript policy.
  661. [03/20/12 07:46:22.772]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Library/lib-Audit-SendEntitlementsEvents-itp-V1#XmlData.
  662. [03/20/12 07:46:22.773]:Active Directory ST:Found DirXMLScript policy.
  663. [03/20/12 07:46:22.775]:Active Directory ST:Loading Publisher output transformation policies.
  664. [03/20/12 07:46:22.775]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/otp#XmlData.
  665. [03/20/12 07:46:22.776]:Active Directory ST:Found DirXMLScript policy.
  666. [03/20/12 07:46:22.777]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/Password%28Sub%29-Pub+Email+Notifications#XmlData.
  667. [03/20/12 07:46:22.783]:Active Directory ST:Found DirXMLScript policy.
  668. [03/20/12 07:46:22.784]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Library/lib-CredProv-ConvertPayload-otp-V1#XmlData.
  669. [03/20/12 07:46:22.785]:Active Directory ST:Found DirXMLScript policy.
  670. [03/20/12 07:46:22.791]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Library/lib-AccountTracking-Subscribe-otp-V1#XmlData.
  671. [03/20/12 07:46:22.792]:Active Directory ST:Global Configuration Value replacements made in vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Library/lib-AccountTracking-Subscribe-otp-V1#XmlData:
  672. [03/20/12 07:46:22.792]:Active Directory ST:Found DirXMLScript policy.
  673. [03/20/12 07:46:22.793]:Active Directory ST:Loading Publisher schema mapping policies.
  674. [03/20/12 07:46:22.794]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/smp#XmlData.
  675. [03/20/12 07:46:22.794]:Active Directory ST:Found schema map.
  676. [03/20/12 07:46:22.795]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/smp#XmlData.
  677. [03/20/12 07:46:22.795]:Active Directory ST:Found schema map.
  678. [03/20/12 07:46:22.796]:Active Directory ST:Loading Publisher event transformation policies.
  679. [03/20/12 07:46:22.796]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/Publisher/pub-etp-EntitlementsImpl#XmlData.
  680. [03/20/12 07:46:22.796]:Active Directory ST:Found DirXMLScript policy.
  681. [03/20/12 07:46:22.797]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/Publisher/pub-etp-HandleMovesAndRenames#XmlData.
  682. [03/20/12 07:46:22.798]:Active Directory ST:Global Configuration Value replacements made in vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/Publisher/pub-etp-HandleMovesAndRenames#XmlData:
  683. [03/20/12 07:46:22.798]:Active Directory ST:Found DirXMLScript policy.
  684. [03/20/12 07:46:22.799]:Active Directory ST:Loading Publisher object matching policies.
  685. [03/20/12 07:46:22.800]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/Publisher/pub-mp-Scoping#XmlData.
  686. [03/20/12 07:46:22.834]:Active Directory ST:Global Configuration Value replacements made in vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/Publisher/pub-mp-Scoping#XmlData:
  687. [03/20/12 07:46:22.834]:Active Directory ST:Found DirXMLScript policy.
  688. [03/20/12 07:46:22.835]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/Publisher/pub-mp-EntitlementsImpl#XmlData.
  689. [03/20/12 07:46:22.835]:Active Directory ST:Found DirXMLScript policy.
  690. [03/20/12 07:46:22.836]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/Publisher/pub-mp#XmlData.
  691. [03/20/12 07:46:22.836]:Active Directory ST:Found DirXMLScript policy.
  692. [03/20/12 07:46:22.837]:Active Directory ST:Loading Publisher object creation policies.
  693. [03/20/12 07:46:22.838]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/Publisher/pub-cp#XmlData.
  694. [03/20/12 07:46:22.838]:Active Directory ST:Found DirXMLScript policy.
  695. [03/20/12 07:46:22.839]:Active Directory ST:Loading Publisher object placement policies.
  696. [03/20/12 07:46:22.839]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/Publisher/pub-pp#XmlData.
  697. [03/20/12 07:46:22.839]:Active Directory ST:Found DirXMLScript policy.
  698. [03/20/12 07:46:22.840]:Active Directory ST:Loading Publisher command transformation policies.
  699. [03/20/12 07:46:22.840]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/Publisher/pub-ctp-UserNameMap#XmlData.
  700. [03/20/12 07:46:22.841]:Active Directory ST:Found DirXMLScript policy.
  701. [03/20/12 07:46:22.842]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/Publisher/pub-ctp#XmlData.
  702. [03/20/12 07:46:22.842]:Active Directory ST:Found DirXMLScript policy.
  703. [03/20/12 07:46:22.844]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/Publisher/pub-cts#XmlData.
  704. [03/20/12 07:46:22.844]:Active Directory ST:Found XSLT policy.
  705. [03/20/12 07:46:22.845]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/Publisher/Password%28Pub%29-Default+Password+Policy#XmlData.
  706. [03/20/12 07:46:22.846]:Active Directory ST:Found DirXMLScript policy.
  707. [03/20/12 07:46:22.846]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/Publisher/Password%28Pub%29-Check+Password+GCV#XmlData.
  708. [03/20/12 07:46:22.846]:Active Directory ST:Found DirXMLScript policy.
  709. [03/20/12 07:46:22.847]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/Publisher/Password%28Pub%29-Publish+Distribution+Password#XmlData.
  710. [03/20/12 07:46:22.848]:Active Directory ST:Found DirXMLScript policy.
  711. [03/20/12 07:46:22.849]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/Publisher/Password%28Pub%29-Publish+NDS+Password#XmlData.
  712. [03/20/12 07:46:22.849]:Active Directory ST:Found DirXMLScript policy.
  713. [03/20/12 07:46:22.849]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory/Publisher/Password%28Pub%29-Add+Password+Payload#XmlData.
  714. [03/20/12 07:46:22.850]:Active Directory ST:Found DirXMLScript policy.
  715. [03/20/12 07:46:22.851]:Active Directory ST:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Library/lib-AccountTracking-WriteAccountsOnAdds-pub-ctp-V1#XmlData.
  716. [03/20/12 07:46:22.858]:Active Directory ST:Found DirXMLScript policy.
  717. [03/20/12 07:46:22.860]:Active Directory ST:Creating publisher thread.
  718. [03/20/12 07:46:22.860]:Active Directory ST:Publisher thread created.
  719. [03/20/12 07:46:22.862]:Active Directory PT:In publisher thread.
  720. [03/20/12 07:46:22.867]:Active Directory PT:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory#DirXML-ShimConfigInfo.
  721. [03/20/12 07:46:22.869]:Active Directory ST:Starting event loop.
  722. [03/20/12 07:46:22.870]:Active Directory ST:Received state change event.
  723. [03/20/12 07:46:22.870]:Active Directory ST:Transitioned from state '%+C%14CStopped%-C' to state '%+C%14CStarting%-C'.
  724. [03/20/12 07:46:22.871]:Active Directory PT:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory#DirXML-DriverStorage.
  725. [03/20/12 07:46:22.872]:Active Directory PT:Applying policy: %+C%14Csmp%-C.
  726. [03/20/12 07:46:22.872]:Active Directory PT: Mapping attr-name 'Description' to 'description'.
  727. [03/20/12 07:46:22.872]:Active Directory PT: Mapping attr-name 'Full Name' to 'displayName'.
  728. [03/20/12 07:46:22.872]:Active Directory PT: Mapping attr-name 'Member' to 'member'.
  729. [03/20/12 07:46:22.872]:Active Directory PT: Mapping attr-name 'Owner' to 'managedBy'.
  730. [03/20/12 07:46:22.872]:Active Directory PT: Mapping attr-name 'Description' to 'description'.
  731. [03/20/12 07:46:22.873]:Active Directory ST:Successfully processed state change event.
  732. [03/20/12 07:46:22.873]:Active Directory ST:Submitting identification query to subscriber shim:
  733. [03/20/12 07:46:22.873]:Active Directory ST:
  734. <nds dtdversion="3.5" ndsversion="8.x">
  735. <source>
  736. <product version="3.6.10.4747">DirXML</product>
  737. <contact>Novell, Inc.</contact>
  738. </source>
  739. <input>
  740. <query event-id="query-driver-ident" scope="entry">
  741. <search-class class-name="__driver_identification_class__"/>
  742. <read-attr/>
  743. </query>
  744. </input>
  745. </nds>
  746. [03/20/12 07:46:22.874]:Active Directory PT: Mapping attr-name 'CN' to 'sAMAccountName'.
  747. [03/20/12 07:46:22.874]:Active Directory PT: Mapping attr-name 'Description' to 'description'.
  748. [03/20/12 07:46:22.874]:Active Directory PT: Mapping attr-name 'DirXML-ADAliasName' to 'userPrincipalName'.
  749. [03/20/12 07:46:22.874]:Active Directory PT: Mapping attr-name 'Facsimile Telephone Number' to 'facsimileTelephoneNumber'.
  750. [03/20/12 07:46:22.874]:Active Directory PT: Mapping attr-name 'Full Name' to 'displayName'.
  751. [03/20/12 07:46:22.874]:Active Directory PT: Mapping attr-name 'Given Name' to 'givenName'.
  752. [03/20/12 07:46:22.874]:Active Directory PT: Mapping attr-name 'Initials' to 'initials'.
  753. [03/20/12 07:46:22.875]:Active Directory PT: Mapping attr-name 'Internet EMail Address' to 'mail'.
  754. [03/20/12 07:46:22.875]:Active Directory PT: Mapping attr-name 'L' to 'physicalDeliveryOfficeName'.
  755. [03/20/12 07:46:22.875]:Active Directory PT: Mapping attr-name 'Login Allowed Time Map' to 'logonHours'.
  756. [03/20/12 07:46:22.875]:Active Directory PT: Mapping attr-name 'Login Disabled' to 'dirxml-uACAccountDisable'.
  757. [03/20/12 07:46:22.875]:Active Directory PT: Mapping attr-name 'Login Expiration Time' to 'accountExpires'.
  758. [03/20/12 07:46:22.875]:Active Directory PT: Mapping attr-name 'Physical Delivery Office Name' to 'l'.
  759. [03/20/12 07:46:22.875]:Active Directory PT: Mapping attr-name 'Postal Code' to 'postalCode'.
  760. [03/20/12 07:46:22.875]:Active Directory PT: Mapping attr-name 'Postal Office Box' to 'postOfficeBox'.
  761. [03/20/12 07:46:22.875]:Active Directory PT: Mapping attr-name 'S' to 'st'.
  762. [03/20/12 07:46:22.876]:Active Directory PT: Mapping attr-name 'SA' to 'streetAddress'.
  763. [03/20/12 07:46:22.876]:Active Directory PT: Mapping attr-name 'Surname' to 'sn'.
  764. [03/20/12 07:46:22.876]:Active Directory PT: Mapping attr-name 'Telephone Number' to 'telephoneNumber'.
  765. [03/20/12 07:46:22.876]:Active Directory PT: Mapping attr-name 'Title' to 'title'.
  766. [03/20/12 07:46:22.876]:Active Directory PT: Mapping class-name 'Group' to 'group'.
  767. [03/20/12 07:46:22.876]:Active Directory PT: Mapping class-name 'Organizational Unit' to 'organizationalUnit'.
  768. [03/20/12 07:46:22.876]:Active Directory PT: Mapping class-name 'User' to 'user'.
  769. [03/20/12 07:46:22.876]:Active Directory PT:Initializing publisher shim.
  770. [03/20/12 07:46:22.876]:Active Directory PT:
  771. <nds dtdversion="3.5" ndsversion="8.x">
  772. <source>
  773. <product version="3.6.10.4747">DirXML</product>
  774. <contact>Novell, Inc.</contact>
  775. </source>
  776. <input>
  777. <init-params src-dn="\EDIR2ADLAB\fdny\AD-TEST\Active Directory">
  778. <authentication-info>
  779. <server>REMOTE(hostname=10.237.48.38 port=8090)10.237.48.38</server>
  780. <user>edir2adlab/Administrator</user>
  781. <password><!-- content suppressed --></password>
  782. </authentication-info>
  783. <driver-filter>
  784. <allow-class class-name="group">
  785. <allow-attr attr-name="description"/>
  786. <allow-attr attr-name="displayName"/>
  787. <allow-attr attr-name="L"/>
  788. <allow-attr attr-name="member"/>
  789. <allow-attr attr-name="managedBy"/>
  790. </allow-class>
  791. <allow-class class-name="organizationalUnit">
  792. <allow-attr attr-name="description"/>
  793. </allow-class>
  794. <allow-class class-name="user">
  795. <allow-attr attr-name="sAMAccountName"/>
  796. <allow-attr attr-name="description"/>
  797. <allow-attr attr-name="userPrincipalName"/>
  798. <allow-attr attr-name="facsimileTelephoneNumber"/>
  799. <allow-attr attr-name="displayName"/>
  800. <allow-attr attr-name="givenName"/>
  801. <allow-attr attr-name="initials"/>
  802. <allow-attr attr-name="mail"/>
  803. <allow-attr attr-name="physicalDeliveryOfficeName"/>
  804. <allow-attr attr-name="logonHours"/>
  805. <allow-attr attr-name="dirxml-uACAccountDisable"/>
  806. <allow-attr attr-name="accountExpires"/>
  807. <allow-attr attr-name="l"/>
  808. <allow-attr attr-name="postalCode"/>
  809. <allow-attr attr-name="postOfficeBox"/>
  810. <allow-attr attr-name="st"/>
  811. <allow-attr attr-name="streetAddress"/>
  812. <allow-attr attr-name="sn"/>
  813. <allow-attr attr-name="telephoneNumber"/>
  814. <allow-attr attr-name="title"/>
  815. </allow-class>
  816. </driver-filter>
  817. <publisher-state>
  818. <cookie>TVNEUwMAAABUOC2qBQbNAQAAAAAAAAAAKAAAAMUhAQAAAAAAAAAAAAAAAADFIQEAAAAAADClPYtvg2hIghkEdsjobxgBAAAAAAAAAAEAAAAAAAAAMKU9i2+DaEiCGQR2yOhvGMUhAQAAAAAA</cookie>
  819. </publisher-state>
  820. </init-params>
  821. </input>
  822. </nds>
  823. [03/20/12 07:46:22.879]:Active Directory PT:PublicationShim.init() returned:
  824. [03/20/12 07:46:22.879]:Active Directory PT:
  825. <nds dtdversion="3.5" ndsversion="8.x">
  826. <output>
  827. <status level="success"/>
  828. </output>
  829. </nds>
  830. [03/20/12 07:46:22.879]:Active Directory PT:Applying input transformation policies.
  831. [03/20/12 07:46:22.879]:Active Directory PT:Applying policy: %+C%14Clib-AccountTracking-Publish-itp-V1%-C.
  832. [03/20/12 07:46:22.879]:Active Directory PT: Applying to status #1.
  833. [03/20/12 07:46:22.879]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - disregard if disabled or wrong object class'.
  834. [03/20/12 07:46:22.879]:Active Directory PT: Rule selected.
  835. [03/20/12 07:46:22.879]:Active Directory PT: Applying rule 'AccountTracking - disregard if disabled or wrong object class'.
  836. [03/20/12 07:46:22.879]:Active Directory PT: Action: do-if().
  837. [03/20/12 07:46:22.880]:Active Directory PT: Evaluating conditions.
  838. [03/20/12 07:46:22.880]:Active Directory PT: (if-global-variable 'drv.acctTrk.enable' not-equal "true") = FALSE.
  839. [03/20/12 07:46:22.880]:Active Directory PT: Performing else actions.
  840. [03/20/12 07:46:22.880]:Active Directory PT: Action: do-if().
  841. [03/20/12 07:46:22.880]:Active Directory PT: Evaluating conditions.
  842. [03/20/12 07:46:22.880]:Active Directory PT: (if-class-name available) = FALSE.
  843. [03/20/12 07:46:22.880]:Active Directory PT: Performing else actions.
  844. [03/20/12 07:46:22.880]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - on add-association sync the operation-properties to status operations'.
  845. [03/20/12 07:46:22.880]:Active Directory PT: (if-operation equal "add-association") = FALSE.
  846. [03/20/12 07:46:22.880]:Active Directory PT: Rule rejected.
  847. [03/20/12 07:46:22.881]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - Query for destination DN using Association'.
  848. [03/20/12 07:46:22.881]:Active Directory PT: (if-operation match "modify|delete|move|rename") = FALSE.
  849. [03/20/12 07:46:22.881]:Active Directory PT: Rule rejected.
  850. [03/20/12 07:46:22.881]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - add interested properties to current doc for future use.'.
  851. [03/20/12 07:46:22.881]:Active Directory PT: (if-operation match "add|modify|delete|rename|move|status") = TRUE.
  852. [03/20/12 07:46:22.881]:Active Directory PT: Rule selected.
  853. [03/20/12 07:46:22.881]:Active Directory PT: Applying rule 'AccountTracking - add interested properties to current doc for future use.'.
  854. [03/20/12 07:46:22.881]:Active Directory PT: Action: do-for-each(arg-node-set(token-global-variable("drv.acctTrk.identifiers"))).
  855. [03/20/12 07:46:22.881]:Active Directory PT: arg-node-set(token-global-variable("drv.acctTrk.identifiers"))
  856. [03/20/12 07:46:22.882]:Active Directory PT: token-global-variable("drv.acctTrk.identifiers")
  857. [03/20/12 07:46:22.882]:Active Directory PT: Token Value: {"sAMAccountName","userPrincipalName","LDAPDN","association"}.
  858. [03/20/12 07:46:22.882]:Active Directory PT: Arg Value: {"sAMAccountName","userPrincipalName","LDAPDN","association"}.
  859. [03/20/12 07:46:22.882]:Active Directory PT: Performing actions for local-variable(current-node) = "sAMAccountName".
  860. [03/20/12 07:46:22.882]:Active Directory PT: Action: do-if().
  861. [03/20/12 07:46:22.882]:Active Directory PT: Evaluating conditions.
  862. [03/20/12 07:46:22.882]:Active Directory PT: (if-local-variable 'current-node' equal "LDAPDN") = FALSE.
  863. [03/20/12 07:46:22.882]:Active Directory PT: Performing else actions.
  864. [03/20/12 07:46:22.882]:Active Directory PT: Action: do-if().
  865. [03/20/12 07:46:22.883]:Active Directory PT: Evaluating conditions.
  866. [03/20/12 07:46:22.883]:Active Directory PT: (if-local-variable 'current-node' equal "association") = FALSE.
  867. [03/20/12 07:46:22.883]:Active Directory PT: Performing else actions.
  868. [03/20/12 07:46:22.883]:Active Directory PT: Action: do-if().
  869. [03/20/12 07:46:22.883]:Active Directory PT: Evaluating conditions.
  870. [03/20/12 07:46:22.883]:Active Directory PT: Expanded variable reference '$current-node$' to 'sAMAccountName'.
  871. [03/20/12 07:46:22.883]:Active Directory PT: (if-op-property 'AccountTracking-$current-node$' not-available) = TRUE.
  872. [03/20/12 07:46:22.883]:Active Directory PT: Expanded variable reference '$current-node$' to 'sAMAccountName'.
  873. [03/20/12 07:46:22.883]:Active Directory PT: (if-op-attr '$current-node$' available) = FALSE.
  874. [03/20/12 07:46:22.884]:Active Directory PT: Performing else actions.
  875. [03/20/12 07:46:22.884]:Active Directory PT: Performing actions for local-variable(current-node) = "userPrincipalName".
  876. [03/20/12 07:46:22.884]:Active Directory PT: Action: do-if().
  877. [03/20/12 07:46:22.884]:Active Directory PT: Evaluating conditions.
  878. [03/20/12 07:46:22.884]:Active Directory PT: (if-local-variable 'current-node' equal "LDAPDN") = FALSE.
  879. [03/20/12 07:46:22.884]:Active Directory PT: Performing else actions.
  880. [03/20/12 07:46:22.884]:Active Directory PT: Action: do-if().
  881. [03/20/12 07:46:22.884]:Active Directory PT: Evaluating conditions.
  882. [03/20/12 07:46:22.884]:Active Directory PT: (if-local-variable 'current-node' equal "association") = FALSE.
  883. [03/20/12 07:46:22.902]:Active Directory PT: Performing else actions.
  884. [03/20/12 07:46:22.902]:Active Directory PT: Action: do-if().
  885. [03/20/12 07:46:22.902]:Active Directory PT: Evaluating conditions.
  886. [03/20/12 07:46:22.902]:Active Directory PT: Expanded variable reference '$current-node$' to 'userPrincipalName'.
  887. [03/20/12 07:46:22.902]:Active Directory PT: (if-op-property 'AccountTracking-$current-node$' not-available) = TRUE.
  888. [03/20/12 07:46:22.902]:Active Directory PT: Expanded variable reference '$current-node$' to 'userPrincipalName'.
  889. [03/20/12 07:46:22.903]:Active Directory PT: (if-op-attr '$current-node$' available) = FALSE.
  890. [03/20/12 07:46:22.903]:Active Directory PT: Performing else actions.
  891. [03/20/12 07:46:22.903]:Active Directory PT: Performing actions for local-variable(current-node) = "LDAPDN".
  892. [03/20/12 07:46:22.903]:Active Directory PT: Action: do-if().
  893. [03/20/12 07:46:22.903]:Active Directory PT: Evaluating conditions.
  894. [03/20/12 07:46:22.903]:Active Directory PT: (if-local-variable 'current-node' equal "LDAPDN") = TRUE.
  895. [03/20/12 07:46:22.903]:Active Directory PT: Expanded variable reference '$current-node$' to 'LDAPDN'.
  896. [03/20/12 07:46:22.903]:Active Directory PT: (if-op-property 'AccountTracking-$current-node$' not-available) = TRUE.
  897. [03/20/12 07:46:22.903]:Active Directory PT: (if-src-dn available) = FALSE.
  898. [03/20/12 07:46:22.904]:Active Directory PT: Performing else actions.
  899. [03/20/12 07:46:22.904]:Active Directory PT: Action: do-if().
  900. [03/20/12 07:46:22.904]:Active Directory PT: Evaluating conditions.
  901. [03/20/12 07:46:22.904]:Active Directory PT: (if-local-variable 'current-node' equal "association") = FALSE.
  902. [03/20/12 07:46:22.904]:Active Directory PT: Performing else actions.
  903. [03/20/12 07:46:22.904]:Active Directory PT: Action: do-if().
  904. [03/20/12 07:46:22.904]:Active Directory PT: Evaluating conditions.
  905. [03/20/12 07:46:22.904]:Active Directory PT: Expanded variable reference '$current-node$' to 'LDAPDN'.
  906. [03/20/12 07:46:22.904]:Active Directory PT: (if-op-property 'AccountTracking-$current-node$' not-available) = TRUE.
  907. [03/20/12 07:46:22.905]:Active Directory PT: Expanded variable reference '$current-node$' to 'LDAPDN'.
  908. [03/20/12 07:46:22.905]:Active Directory PT: (if-op-attr '$current-node$' available) = FALSE.
  909. [03/20/12 07:46:22.905]:Active Directory PT: Performing else actions.
  910. [03/20/12 07:46:22.905]:Active Directory PT: Performing actions for local-variable(current-node) = "association".
  911. [03/20/12 07:46:22.905]:Active Directory PT: Action: do-if().
  912. [03/20/12 07:46:22.905]:Active Directory PT: Evaluating conditions.
  913. [03/20/12 07:46:22.905]:Active Directory PT: (if-local-variable 'current-node' equal "LDAPDN") = FALSE.
  914. [03/20/12 07:46:22.905]:Active Directory PT: Performing else actions.
  915. [03/20/12 07:46:22.905]:Active Directory PT: Action: do-if().
  916. [03/20/12 07:46:22.905]:Active Directory PT: Evaluating conditions.
  917. [03/20/12 07:46:22.906]:Active Directory PT: (if-local-variable 'current-node' equal "association") = TRUE.
  918. [03/20/12 07:46:22.906]:Active Directory PT: Expanded variable reference '$current-node$' to 'association'.
  919. [03/20/12 07:46:22.906]:Active Directory PT: (if-op-property 'AccountTracking-$current-node$' not-available) = TRUE.
  920. [03/20/12 07:46:22.906]:Active Directory PT: (if-association available) = FALSE.
  921. [03/20/12 07:46:22.906]:Active Directory PT: Performing else actions.
  922. [03/20/12 07:46:22.906]:Active Directory PT: Action: do-if().
  923. [03/20/12 07:46:22.906]:Active Directory PT: Evaluating conditions.
  924. [03/20/12 07:46:22.906]:Active Directory PT: Expanded variable reference '$current-node$' to 'association'.
  925. [03/20/12 07:46:22.906]:Active Directory PT: (if-op-property 'AccountTracking-$current-node$' not-available) = TRUE.
  926. [03/20/12 07:46:22.907]:Active Directory PT: Expanded variable reference '$current-node$' to 'association'.
  927. [03/20/12 07:46:22.907]:Active Directory PT: (if-op-attr '$current-node$' available) = FALSE.
  928. [03/20/12 07:46:22.907]:Active Directory PT: Performing else actions.
  929. [03/20/12 07:46:22.907]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - Initialize status properties on published events'.
  930. [03/20/12 07:46:22.907]:Active Directory PT: (if-operation match "add|modify|delete|rename|move") = FALSE.
  931. [03/20/12 07:46:22.907]:Active Directory PT: Rule rejected.
  932. [03/20/12 07:46:22.907]:Active Directory PT:Policy returned:
  933. [03/20/12 07:46:22.907]:Active Directory PT:
  934. <nds dtdversion="3.5" ndsversion="8.x">
  935. <output>
  936. <status level="success"/>
  937. </output>
  938. </nds>
  939. [03/20/12 07:46:22.908]:Active Directory PT:Applying policy: %+C%14Clib-AccountTracking-WriteAccounts-itp-V1%-C.
  940. [03/20/12 07:46:22.908]:Active Directory PT: Applying to status #1.
  941. [03/20/12 07:46:22.908]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - disregard if disabled'.
  942. [03/20/12 07:46:22.908]:Active Directory PT: (if-global-variable 'drv.acctTrk.enable' not-equal "true") = FALSE.
  943. [03/20/12 07:46:22.908]:Active Directory PT: Rule rejected.
  944. [03/20/12 07:46:22.908]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - query DirXML-Accounts Attribute'.
  945. [03/20/12 07:46:22.908]:Active Directory PT: (if-op-property 'AccountTracking-ObjectDN' available) = FALSE.
  946. [03/20/12 07:46:22.908]:Active Directory PT: Rule rejected.
  947. [03/20/12 07:46:22.909]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - remove Dirxml-Account values on delete operation'.
  948. [03/20/12 07:46:22.909]:Active Directory PT: (if-operation match "delete|remove-association") = FALSE.
  949. [03/20/12 07:46:22.909]:Active Directory PT: (if-operation equal "status") = TRUE.
  950. [03/20/12 07:46:22.909]:Active Directory PT: (if-op-property 'AccountTracking-ObjectDN' available) = FALSE.
  951. [03/20/12 07:46:22.909]:Active Directory PT: Rule rejected.
  952. [03/20/12 07:46:22.909]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - update DirXMLAccounts attribute'.
  953. [03/20/12 07:46:22.909]:Active Directory PT: (if-op-property 'AccountTracking-Operation' not-available) = TRUE.
  954. [03/20/12 07:46:22.909]:Active Directory PT: (if-op-property 'AccountTracking-ObjectDN' available) = FALSE.
  955. [03/20/12 07:46:22.909]:Active Directory PT: (if-operation equal "status") = TRUE.
  956. [03/20/12 07:46:22.910]:Active Directory PT: (if-xpath true "./@level='success'") = TRUE.
  957. [03/20/12 07:46:22.910]:Active Directory PT: (if-op-property 'AccountTracking-Operation' available) = FALSE.
  958. [03/20/12 07:46:22.910]:Active Directory PT: Rule rejected.
  959. [03/20/12 07:46:22.910]:Active Directory PT:Policy returned:
  960. [03/20/12 07:46:22.910]:Active Directory PT:
  961. <nds dtdversion="3.5" ndsversion="8.x">
  962. <output>
  963. <status level="success"/>
  964. </output>
  965. </nds>
  966. [03/20/12 07:46:22.910]:Active Directory PT:Applying policy: %+C%14Citp%-C.
  967. [03/20/12 07:46:22.910]:Active Directory PT: Applying to status #1.
  968. [03/20/12 07:46:22.910]:Active Directory PT: Evaluating selection criteria for rule 'streetAddress: Convert CR-LF to LF'.
  969. [03/20/12 07:46:22.910]:Active Directory PT: Rule selected.
  970. [03/20/12 07:46:22.910]:Active Directory PT: Applying rule 'streetAddress: Convert CR-LF to LF'.
  971. [03/20/12 07:46:22.911]:Active Directory PT: Action: do-reformat-op-attr("streetAddress",token-replace-all("\r\n","\r",token-local-variable("current-value"))).
  972. [03/20/12 07:46:22.911]:Active Directory PT: Evaluating selection criteria for rule 'logonHours: Convert to Login Allowed Time Map form'.
  973. [03/20/12 07:46:22.911]:Active Directory PT: Rule selected.
  974. [03/20/12 07:46:22.911]:Active Directory PT: Applying rule 'logonHours: Convert to Login Allowed Time Map form'.
  975. [03/20/12 07:46:22.911]:Active Directory PT: Action: do-reformat-op-attr("logonHours",token-xpath("jadutil:translateTimeMap2eDir($current-value)")).
  976. [03/20/12 07:46:22.911]:Active Directory PT: Evaluating selection criteria for rule 'accountExpires: Convert to Identity Vault time format'.
  977. [03/20/12 07:46:22.911]:Active Directory PT: Rule selected.
  978. [03/20/12 07:46:22.911]:Active Directory PT: Applying rule 'accountExpires: Convert to Identity Vault time format'.
  979. [03/20/12 07:46:22.912]:Active Directory PT: Action: do-reformat-op-attr("accountExpires",token-xpath("jadutil:translateFileTime2Epoch($current-value)")).
  980. [03/20/12 07:46:22.912]:Active Directory PT: Evaluating selection criteria for rule 'lockoutTime: Convert to Identity Vault time format'.
  981. [03/20/12 07:46:22.912]:Active Directory PT: Rule selected.
  982. [03/20/12 07:46:22.912]:Active Directory PT: Applying rule 'lockoutTime: Convert to Identity Vault time format'.
  983. [03/20/12 07:46:22.912]:Active Directory PT: Action: do-reformat-op-attr("lockoutTime",token-xpath("jadutil:translateFileTime2Epoch($current-value)")).
  984. [03/20/12 07:46:22.912]:Active Directory PT:Policy returned:
  985. [03/20/12 07:46:22.912]:Active Directory PT:
  986. <nds dtdversion="3.5" ndsversion="8.x">
  987. <output>
  988. <status level="success"/>
  989. </output>
  990. </nds>
  991. [03/20/12 07:46:22.913]:Active Directory PT:Applying policy: %+C%14Citp-EntitlementsImpl%-C.
  992. [03/20/12 07:46:22.913]:Active Directory PT: Applying to status #1.
  993. [03/20/12 07:46:22.913]:Active Directory PT: Evaluating selection criteria for rule 'Check target of add-association for group membership entitlements'.
  994. [03/20/12 07:46:22.913]:Active Directory PT: (if-global-variable 'drv.entitlement.Group' equal "true") = FALSE.
  995. [03/20/12 07:46:22.913]:Active Directory PT: Rule rejected.
  996. [03/20/12 07:46:22.913]:Active Directory PT: Evaluating selection criteria for rule 'Check target of add-association for Exchange mailbox entitlements'.
  997. [03/20/12 07:46:22.913]:Active Directory PT: (if-global-variable 'drv.exchMailboxMethod' equal "entitlement") = FALSE.
  998. [03/20/12 07:46:22.913]:Active Directory PT: Rule rejected.
  999. [03/20/12 07:46:22.913]:Active Directory PT:Policy returned:
  1000. [03/20/12 07:46:22.913]:Active Directory PT:
  1001. <nds dtdversion="3.5" ndsversion="8.x">
  1002. <output>
  1003. <status level="success"/>
  1004. </output>
  1005. </nds>
  1006. [03/20/12 07:46:22.914]:Active Directory PT:Applying policy: %+C%14CPassword(Pub)-Sub Email Notifications%-C.
  1007. [03/20/12 07:46:22.914]:Active Directory PT: Applying to status #1.
  1008. [03/20/12 07:46:22.914]:Active Directory PT: Evaluating selection criteria for rule 'Send e-mail on a failure when subscribing to passwords'.
  1009. [03/20/12 07:46:22.914]:Active Directory PT: (if-global-variable 'notify-user-on-password-dist-failure' equal "true") = TRUE.
  1010. [03/20/12 07:46:22.914]:Active Directory PT: (if-operation equal "status") = TRUE.
  1011. [03/20/12 07:46:22.914]:Active Directory PT: (if-xpath true "self::status[@level != 'success'][text() != '']/operation-data/password-subscribe-status/association[text() != '']") = FALSE.
  1012. [03/20/12 07:46:22.914]:Active Directory PT: Rule rejected.
  1013. [03/20/12 07:46:22.914]:Active Directory PT: Evaluating selection criteria for rule 'Send e-mail on failure to reset connected system password using the Identity Manager data store password'.
  1014. [03/20/12 07:46:22.915]:Active Directory PT: (if-global-variable 'notify-user-on-password-dist-failure' equal "true") = TRUE.
  1015. [03/20/12 07:46:22.915]:Active Directory PT: (if-operation equal "status") = TRUE.
  1016. [03/20/12 07:46:22.915]:Active Directory PT: (if-xpath true "self::status[@level != 'success']/operation-data/password-reset-status") = FALSE.
  1017. [03/20/12 07:46:22.915]:Active Directory PT: Rule rejected.
  1018. [03/20/12 07:46:22.915]:Active Directory PT:Policy returned:
  1019. [03/20/12 07:46:22.915]:Active Directory PT:
  1020. <nds dtdversion="3.5" ndsversion="8.x">
  1021. <output>
  1022. <status level="success"/>
  1023. </output>
  1024. </nds>
  1025. [03/20/12 07:46:22.915]:Active Directory PT:Applying policy: %+C%14Clib-Audit-SendEntitlementsEvents-itp-V1%-C.
  1026. [03/20/12 07:46:22.915]:Active Directory PT: Applying to status #1.
  1027. [03/20/12 07:46:22.915]:Active Directory PT: Evaluating selection criteria for rule '00031200 - Account Create By Entitlement Grant'.
  1028. [03/20/12 07:46:22.916]:Active Directory PT: (if-operation equal "status") = TRUE.
  1029. [03/20/12 07:46:22.916]:Active Directory PT: (if-op-property 'accountAction' equal "accountCreateByEntitlementGrant") = FALSE.
  1030. [03/20/12 07:46:22.916]:Active Directory PT: Rule rejected.
  1031. [03/20/12 07:46:22.916]:Active Directory PT: Evaluating selection criteria for rule '00031201 - Account Delete By Entitlement Revoke'.
  1032. [03/20/12 07:46:22.916]:Active Directory PT: (if-operation equal "status") = TRUE.
  1033. [03/20/12 07:46:22.916]:Active Directory PT: (if-xpath true "./operation-data/entitlement-impl/@state = '0'") = FALSE.
  1034. [03/20/12 07:46:22.916]:Active Directory PT: (if-operation equal "status") = TRUE.
  1035. [03/20/12 07:46:22.916]:Active Directory PT: (if-op-property 'accountAction' equal "accountDeleteByEntitlementRevoke") = FALSE.
  1036. [03/20/12 07:46:22.917]:Active Directory PT: Rule rejected.
  1037. [03/20/12 07:46:22.917]:Active Directory PT: Evaluating selection criteria for rule '00031202 - Account Disable By Entitlement Revoke'.
  1038. [03/20/12 07:46:22.917]:Active Directory PT: (if-operation equal "status") = TRUE.
  1039. [03/20/12 07:46:22.917]:Active Directory PT: (if-op-property 'accountAction' equal "accountDisableByEntitlementRevoke") = FALSE.
  1040. [03/20/12 07:46:22.917]:Active Directory PT: Rule rejected.
  1041. [03/20/12 07:46:22.917]:Active Directory PT: Evaluating selection criteria for rule '00031203 - Account Enable By Entitlement Grant'.
  1042. [03/20/12 07:46:22.917]:Active Directory PT: (if-operation equal "status") = TRUE.
  1043. [03/20/12 07:46:22.917]:Active Directory PT: (if-op-property 'accountAction' equal "accountEnableByEntitlementGrant") = FALSE.
  1044. [03/20/12 07:46:22.917]:Active Directory PT: Rule rejected.
  1045. [03/20/12 07:46:22.917]:Active Directory PT: Evaluating selection criteria for rule 'Generate Audit Event'.
  1046. [03/20/12 07:46:22.918]:Active Directory PT: (if-operation equal "status") = TRUE.
  1047. [03/20/12 07:46:22.919]:Active Directory PT: (if-local-variable 'auditEventID' available) = FALSE.
  1048. [03/20/12 07:46:22.919]:Active Directory PT: Rule rejected.
  1049. [03/20/12 07:46:22.919]:Active Directory PT:Policy returned:
  1050. [03/20/12 07:46:22.919]:Active Directory PT:
  1051. <nds dtdversion="3.5" ndsversion="8.x">
  1052. <output>
  1053. <status level="success"/>
  1054. </output>
  1055. </nds>
  1056. [03/20/12 07:46:22.919]:Active Directory PT:Applying schema mapping policies to input.
  1057. [03/20/12 07:46:22.919]:Active Directory PT:Applying policy: %+C%14Csmp%-C.
  1058. [03/20/12 07:46:22.920]:Active Directory PT:Resolving association references.
  1059. [03/20/12 07:46:22.923]:Active Directory PT:Receiving DOM document from application.
  1060. [03/20/12 07:46:22.923]:Active Directory PT:
  1061. <nds dtdversion="3.5" ndsversion="8.x">
  1062. <input>
  1063. <query dest-dn="\EDIR2ADLAB\fdny\AD-TEST\Active Directory" scope="entry">
  1064. <read-attr attr-name="Public Key"/>
  1065. </query>
  1066. </input>
  1067. </nds>
  1068. [03/20/12 07:46:22.924]:Active Directory PT:Applying input transformation policies.
  1069. [03/20/12 07:46:22.924]:Active Directory PT:Applying policy: %+C%14Clib-AccountTracking-Publish-itp-V1%-C.
  1070. [03/20/12 07:46:22.924]:Active Directory PT: Applying to query #1.
  1071. [03/20/12 07:46:22.924]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - disregard if disabled or wrong object class'.
  1072. [03/20/12 07:46:22.924]:Active Directory PT: Rule selected.
  1073. [03/20/12 07:46:22.924]:Active Directory PT: Applying rule 'AccountTracking - disregard if disabled or wrong object class'.
  1074. [03/20/12 07:46:22.924]:Active Directory PT: Action: do-if().
  1075. [03/20/12 07:46:22.925]:Active Directory PT: Evaluating conditions.
  1076. [03/20/12 07:46:22.925]:Active Directory PT: (if-global-variable 'drv.acctTrk.enable' not-equal "true") = FALSE.
  1077. [03/20/12 07:46:22.925]:Active Directory PT: Performing else actions.
  1078. [03/20/12 07:46:22.925]:Active Directory PT: Action: do-if().
  1079. [03/20/12 07:46:22.925]:Active Directory PT: Evaluating conditions.
  1080. [03/20/12 07:46:22.925]:Active Directory PT: (if-class-name available) = FALSE.
  1081. [03/20/12 07:46:22.925]:Active Directory PT: Performing else actions.
  1082. [03/20/12 07:46:22.925]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - on add-association sync the operation-properties to status operations'.
  1083. [03/20/12 07:46:22.925]:Active Directory PT: (if-operation equal "add-association") = FALSE.
  1084. [03/20/12 07:46:22.925]:Active Directory PT: Rule rejected.
  1085. [03/20/12 07:46:22.925]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - Query for destination DN using Association'.
  1086. [03/20/12 07:46:22.926]:Active Directory PT: (if-operation match "modify|delete|move|rename") = FALSE.
  1087. [03/20/12 07:46:22.926]:Active Directory PT: Rule rejected.
  1088. [03/20/12 07:46:22.926]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - add interested properties to current doc for future use.'.
  1089. [03/20/12 07:46:22.926]:Active Directory PT: (if-operation match "add|modify|delete|rename|move|status") = FALSE.
  1090. [03/20/12 07:46:22.926]:Active Directory PT: Rule rejected.
  1091. [03/20/12 07:46:22.926]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - Initialize status properties on published events'.
  1092. [03/20/12 07:46:22.926]:Active Directory PT: (if-operation match "add|modify|delete|rename|move") = FALSE.
  1093. [03/20/12 07:46:22.926]:Active Directory PT: Rule rejected.
  1094. [03/20/12 07:46:22.926]:Active Directory PT:Policy returned:
  1095. [03/20/12 07:46:22.927]:Active Directory PT:
  1096. <nds dtdversion="3.5" ndsversion="8.x">
  1097. <input>
  1098. <query dest-dn="\EDIR2ADLAB\fdny\AD-TEST\Active Directory" scope="entry">
  1099. <read-attr attr-name="Public Key"/>
  1100. </query>
  1101. </input>
  1102. </nds>
  1103. [03/20/12 07:46:22.927]:Active Directory PT:Applying policy: %+C%14Clib-AccountTracking-WriteAccounts-itp-V1%-C.
  1104. [03/20/12 07:46:22.927]:Active Directory PT: Applying to query #1.
  1105. [03/20/12 07:46:22.927]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - disregard if disabled'.
  1106. [03/20/12 07:46:22.927]:Active Directory PT: (if-global-variable 'drv.acctTrk.enable' not-equal "true") = FALSE.
  1107. [03/20/12 07:46:22.927]:Active Directory PT: Rule rejected.
  1108. [03/20/12 07:46:22.927]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - query DirXML-Accounts Attribute'.
  1109. [03/20/12 07:46:22.927]:Active Directory PT: (if-op-property 'AccountTracking-ObjectDN' available) = FALSE.
  1110. [03/20/12 07:46:22.928]:Active Directory PT: Rule rejected.
  1111. [03/20/12 07:46:22.928]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - remove Dirxml-Account values on delete operation'.
  1112. [03/20/12 07:46:22.928]:Active Directory PT: (if-operation match "delete|remove-association") = FALSE.
  1113. [03/20/12 07:46:22.928]:Active Directory PT: (if-operation equal "status") = FALSE.
  1114. [03/20/12 07:46:22.928]:Active Directory PT: Rule rejected.
  1115. [03/20/12 07:46:22.928]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - update DirXMLAccounts attribute'.
  1116. [03/20/12 07:46:22.928]:Active Directory PT: (if-op-property 'AccountTracking-Operation' not-available) = TRUE.
  1117. [03/20/12 07:46:22.928]:Active Directory PT: (if-op-property 'AccountTracking-ObjectDN' available) = FALSE.
  1118. [03/20/12 07:46:22.928]:Active Directory PT: (if-operation equal "status") = FALSE.
  1119. [03/20/12 07:46:22.928]:Active Directory PT: Rule rejected.
  1120. [03/20/12 07:46:22.929]:Active Directory PT:Policy returned:
  1121. [03/20/12 07:46:22.929]:Active Directory PT:
  1122. <nds dtdversion="3.5" ndsversion="8.x">
  1123. <input>
  1124. <query dest-dn="\EDIR2ADLAB\fdny\AD-TEST\Active Directory" scope="entry">
  1125. <read-attr attr-name="Public Key"/>
  1126. </query>
  1127. </input>
  1128. </nds>
  1129. [03/20/12 07:46:22.929]:Active Directory PT:Applying policy: %+C%14Citp%-C.
  1130. [03/20/12 07:46:22.929]:Active Directory PT: Applying to query #1.
  1131. [03/20/12 07:46:22.929]:Active Directory PT: Evaluating selection criteria for rule 'streetAddress: Convert CR-LF to LF'.
  1132. [03/20/12 07:46:22.929]:Active Directory PT: Rule selected.
  1133. [03/20/12 07:46:22.929]:Active Directory PT: Applying rule 'streetAddress: Convert CR-LF to LF'.
  1134. [03/20/12 07:46:22.929]:Active Directory PT: Action: do-reformat-op-attr("streetAddress",token-replace-all("\r\n","\r",token-local-variable("current-value"))).
  1135. [03/20/12 07:46:22.929]:Active Directory PT: Evaluating selection criteria for rule 'logonHours: Convert to Login Allowed Time Map form'.
  1136. [03/20/12 07:46:22.930]:Active Directory PT: Rule selected.
  1137. [03/20/12 07:46:22.930]:Active Directory PT: Applying rule 'logonHours: Convert to Login Allowed Time Map form'.
  1138. [03/20/12 07:46:22.930]:Active Directory PT: Action: do-reformat-op-attr("logonHours",token-xpath("jadutil:translateTimeMap2eDir($current-value)")).
  1139. [03/20/12 07:46:22.930]:Active Directory PT: Evaluating selection criteria for rule 'accountExpires: Convert to Identity Vault time format'.
  1140. [03/20/12 07:46:22.930]:Active Directory PT: Rule selected.
  1141. [03/20/12 07:46:22.930]:Active Directory PT: Applying rule 'accountExpires: Convert to Identity Vault time format'.
  1142. [03/20/12 07:46:22.930]:Active Directory PT: Action: do-reformat-op-attr("accountExpires",token-xpath("jadutil:translateFileTime2Epoch($current-value)")).
  1143. [03/20/12 07:46:22.930]:Active Directory PT: Evaluating selection criteria for rule 'lockoutTime: Convert to Identity Vault time format'.
  1144. [03/20/12 07:46:22.931]:Active Directory PT: Rule selected.
  1145. [03/20/12 07:46:22.931]:Active Directory PT: Applying rule 'lockoutTime: Convert to Identity Vault time format'.
  1146. [03/20/12 07:46:22.931]:Active Directory PT: Action: do-reformat-op-attr("lockoutTime",token-xpath("jadutil:translateFileTime2Epoch($current-value)")).
  1147. [03/20/12 07:46:22.931]:Active Directory PT:Policy returned:
  1148. [03/20/12 07:46:22.931]:Active Directory PT:
  1149. <nds dtdversion="3.5" ndsversion="8.x">
  1150. <input>
  1151. <query dest-dn="\EDIR2ADLAB\fdny\AD-TEST\Active Directory" scope="entry">
  1152. <read-attr attr-name="Public Key"/>
  1153. </query>
  1154. </input>
  1155. </nds>
  1156. [03/20/12 07:46:22.931]:Active Directory PT:Applying policy: %+C%14Citp-EntitlementsImpl%-C.
  1157. [03/20/12 07:46:22.931]:Active Directory PT: Applying to query #1.
  1158. [03/20/12 07:46:22.931]:Active Directory PT: Evaluating selection criteria for rule 'Check target of add-association for group membership entitlements'.
  1159. [03/20/12 07:46:22.932]:Active Directory PT: (if-global-variable 'drv.entitlement.Group' equal "true") = FALSE.
  1160. [03/20/12 07:46:22.932]:Active Directory PT: Rule rejected.
  1161. [03/20/12 07:46:22.932]:Active Directory PT: Evaluating selection criteria for rule 'Check target of add-association for Exchange mailbox entitlements'.
  1162. [03/20/12 07:46:22.932]:Active Directory PT: (if-global-variable 'drv.exchMailboxMethod' equal "entitlement") = FALSE.
  1163. [03/20/12 07:46:22.932]:Active Directory PT: Rule rejected.
  1164. [03/20/12 07:46:22.932]:Active Directory PT:Policy returned:
  1165. [03/20/12 07:46:22.932]:Active Directory PT:
  1166. <nds dtdversion="3.5" ndsversion="8.x">
  1167. <input>
  1168. <query dest-dn="\EDIR2ADLAB\fdny\AD-TEST\Active Directory" scope="entry">
  1169. <read-attr attr-name="Public Key"/>
  1170. </query>
  1171. </input>
  1172. </nds>
  1173. [03/20/12 07:46:22.932]:Active Directory PT:Applying policy: %+C%14CPassword(Pub)-Sub Email Notifications%-C.
  1174. [03/20/12 07:46:22.933]:Active Directory PT: Applying to query #1.
  1175. [03/20/12 07:46:22.933]:Active Directory PT: Evaluating selection criteria for rule 'Send e-mail on a failure when subscribing to passwords'.
  1176. [03/20/12 07:46:22.933]:Active Directory PT: (if-global-variable 'notify-user-on-password-dist-failure' equal "true") = TRUE.
  1177. [03/20/12 07:46:22.933]:Active Directory PT: (if-operation equal "status") = FALSE.
  1178. [03/20/12 07:46:22.933]:Active Directory PT: Rule rejected.
  1179. [03/20/12 07:46:22.933]:Active Directory PT: Evaluating selection criteria for rule 'Send e-mail on failure to reset connected system password using the Identity Manager data store password'.
  1180. [03/20/12 07:46:22.933]:Active Directory PT: (if-global-variable 'notify-user-on-password-dist-failure' equal "true") = TRUE.
  1181. [03/20/12 07:46:22.933]:Active Directory PT: (if-operation equal "status") = FALSE.
  1182. [03/20/12 07:46:22.933]:Active Directory PT: Rule rejected.
  1183. [03/20/12 07:46:22.933]:Active Directory PT:Policy returned:
  1184. [03/20/12 07:46:22.934]:Active Directory PT:
  1185. <nds dtdversion="3.5" ndsversion="8.x">
  1186. <input>
  1187. <query dest-dn="\EDIR2ADLAB\fdny\AD-TEST\Active Directory" scope="entry">
  1188. <read-attr attr-name="Public Key"/>
  1189. </query>
  1190. </input>
  1191. </nds>
  1192. [03/20/12 07:46:22.934]:Active Directory PT:Applying policy: %+C%14Clib-Audit-SendEntitlementsEvents-itp-V1%-C.
  1193. [03/20/12 07:46:22.934]:Active Directory PT: Applying to query #1.
  1194. [03/20/12 07:46:22.934]:Active Directory PT: Evaluating selection criteria for rule '00031200 - Account Create By Entitlement Grant'.
  1195. [03/20/12 07:46:22.934]:Active Directory PT: (if-operation equal "status") = FALSE.
  1196. [03/20/12 07:46:22.934]:Active Directory PT: Rule rejected.
  1197. [03/20/12 07:46:22.934]:Active Directory PT: Evaluating selection criteria for rule '00031201 - Account Delete By Entitlement Revoke'.
  1198. [03/20/12 07:46:22.934]:Active Directory PT: (if-operation equal "status") = FALSE.
  1199. [03/20/12 07:46:22.935]:Active Directory PT: (if-operation equal "status") = FALSE.
  1200. [03/20/12 07:46:22.935]:Active Directory PT: Rule rejected.
  1201. [03/20/12 07:46:22.935]:Active Directory PT: Evaluating selection criteria for rule '00031202 - Account Disable By Entitlement Revoke'.
  1202. [03/20/12 07:46:22.935]:Active Directory PT: (if-operation equal "status") = FALSE.
  1203. [03/20/12 07:46:22.935]:Active Directory PT: Rule rejected.
  1204. [03/20/12 07:46:22.935]:Active Directory PT: Evaluating selection criteria for rule '00031203 - Account Enable By Entitlement Grant'.
  1205. [03/20/12 07:46:22.935]:Active Directory PT: (if-operation equal "status") = FALSE.
  1206. [03/20/12 07:46:22.935]:Active Directory PT: Rule rejected.
  1207. [03/20/12 07:46:22.935]:Active Directory PT: Evaluating selection criteria for rule 'Generate Audit Event'.
  1208. [03/20/12 07:46:22.935]:Active Directory PT: (if-operation equal "status") = FALSE.
  1209. [03/20/12 07:46:22.935]:Active Directory PT: Rule rejected.
  1210. [03/20/12 07:46:22.936]:Active Directory PT:Policy returned:
  1211. [03/20/12 07:46:22.936]:Active Directory PT:
  1212. <nds dtdversion="3.5" ndsversion="8.x">
  1213. <input>
  1214. <query dest-dn="\EDIR2ADLAB\fdny\AD-TEST\Active Directory" scope="entry">
  1215. <read-attr attr-name="Public Key"/>
  1216. </query>
  1217. </input>
  1218. </nds>
  1219. [03/20/12 07:46:22.936]:Active Directory PT:Applying schema mapping policies to input.
  1220. [03/20/12 07:46:22.936]:Active Directory PT:Applying policy: %+C%14Csmp%-C.
  1221. [03/20/12 07:46:22.936]:Active Directory PT: No mapping for attr-name 'Public Key'.
  1222. [03/20/12 07:46:22.936]:Active Directory PT:Resolving association references.
  1223. [03/20/12 07:46:22.936]:Active Directory PT:Applying event transformation policies.
  1224. [03/20/12 07:46:22.937]:Active Directory PT:Applying policy: %+C%14Cpub-etp-EntitlementsImpl%-C.
  1225. [03/20/12 07:46:22.937]:Active Directory PT: Applying to query #1.
  1226. [03/20/12 07:46:22.937]:Active Directory PT: Evaluating selection criteria for rule 'Disallow user account delete when using entitlements'.
  1227. [03/20/12 07:46:22.937]:Active Directory PT: (if-operation equal "delete") = FALSE.
  1228. [03/20/12 07:46:22.937]:Active Directory PT: Rule rejected.
  1229. [03/20/12 07:46:22.937]:Active Directory PT: Evaluating selection criteria for rule 'Strip Login Disabled from operation (Disable Option)'.
  1230. [03/20/12 07:46:22.937]:Active Directory PT: (if-global-variable 'drv.entitlement.UserAccount' equal "true") = FALSE.
  1231. [03/20/12 07:46:22.937]:Active Directory PT: Rule rejected.
  1232. [03/20/12 07:46:22.937]:Active Directory PT:Policy returned:
  1233. [03/20/12 07:46:22.937]:Active Directory PT:
  1234. <nds dtdversion="3.5" ndsversion="8.x">
  1235. <input>
  1236. <query dest-dn="\EDIR2ADLAB\fdny\AD-TEST\Active Directory" scope="entry">
  1237. <read-attr attr-name="Public Key"/>
  1238. </query>
  1239. </input>
  1240. </nds>
  1241. [03/20/12 07:46:22.938]:Active Directory PT:Applying policy: %+C%14Cpub-etp-HandleMovesAndRenames%-C.
  1242. [03/20/12 07:46:22.938]:Active Directory PT: Applying to query #1.
  1243. [03/20/12 07:46:22.938]:Active Directory PT: Evaluating selection criteria for rule 'break if not a move or rename'.
  1244. [03/20/12 07:46:22.938]:Active Directory PT: (if-operation not-match "move|rename") = TRUE.
  1245. [03/20/12 07:46:22.938]:Active Directory PT: Rule selected.
  1246. [03/20/12 07:46:22.938]:Active Directory PT: Applying rule 'break if not a move or rename'.
  1247. [03/20/12 07:46:22.938]:Active Directory PT: Action: do-break().
  1248. [03/20/12 07:46:22.938]:Active Directory PT:Policy returned:
  1249. [03/20/12 07:46:22.938]:Active Directory PT:
  1250. <nds dtdversion="3.5" ndsversion="8.x">
  1251. <input>
  1252. <query dest-dn="\EDIR2ADLAB\fdny\AD-TEST\Active Directory" scope="entry">
  1253. <read-attr attr-name="Public Key"/>
  1254. </query>
  1255. </input>
  1256. </nds>
  1257. [03/20/12 07:46:22.940]:Active Directory PT:Skipping publisher filter on operation query.
  1258. [03/20/12 07:46:22.940]:Active Directory PT:Publisher processing query for .
  1259. [03/20/12 07:46:22.940]:Active Directory PT:Applying command transformation policies.
  1260. [03/20/12 07:46:22.940]:Active Directory PT:Applying policy: %+C%14Cpub-ctp-UserNameMap%-C.
  1261. [03/20/12 07:46:22.940]:Active Directory PT: Applying to query #1.
  1262. [03/20/12 07:46:22.940]:Active Directory PT: Evaluating selection criteria for rule 'consider user objects when name mapping is enabled'.
  1263. [03/20/12 07:46:22.940]:Active Directory PT: (if-class-name not-equal "User") = TRUE.
  1264. [03/20/12 07:46:22.940]:Active Directory PT: Rule selected.
  1265. [03/20/12 07:46:22.940]:Active Directory PT: Applying rule 'consider user objects when name mapping is enabled'.
  1266. [03/20/12 07:46:22.941]:Active Directory PT: Action: do-break().
  1267. [03/20/12 07:46:22.941]:Active Directory PT:Policy returned:
  1268. [03/20/12 07:46:22.941]:Active Directory PT:
  1269. <nds dtdversion="3.5" ndsversion="8.x">
  1270. <input>
  1271. <query dest-dn="\EDIR2ADLAB\fdny\AD-TEST\Active Directory" scope="entry">
  1272. <read-attr attr-name="Public Key"/>
  1273. </query>
  1274. </input>
  1275. </nds>
  1276. [03/20/12 07:46:22.941]:Active Directory PT:Applying policy: %+C%14Cpub-ctp%-C.
  1277. [03/20/12 07:46:22.941]:Active Directory PT: Applying to query #1.
  1278. [03/20/12 07:46:22.941]:Active Directory PT: Evaluating selection criteria for rule 'set cached context value on merge'.
  1279. [03/20/12 07:46:22.941]:Active Directory PT: (if-operation equal "modify") = FALSE.
  1280. [03/20/12 07:46:22.941]:Active Directory PT: Rule rejected.
  1281. [03/20/12 07:46:22.941]:Active Directory PT: Evaluating selection criteria for rule 'Set Equivalent To Me when adding object to a group'.
  1282. [03/20/12 07:46:22.942]:Active Directory PT: (if-class-name equal "Group") = FALSE.
  1283. [03/20/12 07:46:22.942]:Active Directory PT: Rule rejected.
  1284. [03/20/12 07:46:22.942]:Active Directory PT: Evaluating selection criteria for rule 'Remove Equivalent To Me when removing object from a group'.
  1285. [03/20/12 07:46:22.942]:Active Directory PT: (if-class-name equal "Group") = FALSE.
  1286. [03/20/12 07:46:22.942]:Active Directory PT: Rule rejected.
  1287. [03/20/12 07:46:22.942]:Active Directory PT: Evaluating selection criteria for rule 'remove managed attributes when object disassociated'.
  1288. [03/20/12 07:46:22.942]:Active Directory PT: (if-operation equal "remove-association") = FALSE.
  1289. [03/20/12 07:46:22.942]:Active Directory PT: Rule rejected.
  1290. [03/20/12 07:46:22.942]:Active Directory PT: Evaluating selection criteria for rule 'Prevent unassociated users from being removed from groups'.
  1291. [03/20/12 07:46:22.942]:Active Directory PT: (if-operation equal "modify") = FALSE.
  1292. [03/20/12 07:46:22.942]:Active Directory PT: Rule rejected.
  1293. [03/20/12 07:46:22.943]:Active Directory PT:Policy returned:
  1294. [03/20/12 07:46:22.943]:Active Directory PT:
  1295. <nds dtdversion="3.5" ndsversion="8.x">
  1296. <input>
  1297. <query dest-dn="\EDIR2ADLAB\fdny\AD-TEST\Active Directory" scope="entry">
  1298. <read-attr attr-name="Public Key"/>
  1299. </query>
  1300. </input>
  1301. </nds>
  1302. [03/20/12 07:46:22.943]:Active Directory PT:Applying XSLT policy: %+C%14Cpub-cts%-C.
  1303. [03/20/12 07:46:22.943]:Active Directory PT:Policy returned:
  1304. [03/20/12 07:46:22.943]:Active Directory PT:
  1305. <nds dtdversion="3.5" ndsversion="8.x">
  1306. <input>
  1307. <query dest-dn="\EDIR2ADLAB\fdny\AD-TEST\Active Directory" scope="entry">
  1308. <read-attr attr-name="Public Key"/>
  1309. </query>
  1310. </input>
  1311. </nds>
  1312. [03/20/12 07:46:22.944]:Active Directory PT:Applying policy: %+C%14CPassword(Pub)-Default Password Policy%-C.
  1313. [03/20/12 07:46:22.944]:Active Directory PT: Applying to query #1.
  1314. [03/20/12 07:46:22.944]:Active Directory PT: Evaluating selection criteria for rule 'On User add, provide default password of @Dirxml1 if no password exists'.
  1315. [03/20/12 07:46:22.944]:Active Directory PT: (if-operation equal "add") = FALSE.
  1316. [03/20/12 07:46:22.944]:Active Directory PT: Rule rejected.
  1317. [03/20/12 07:46:22.944]:Active Directory PT:Policy returned:
  1318. [03/20/12 07:46:22.944]:Active Directory PT:
  1319. <nds dtdversion="3.5" ndsversion="8.x">
  1320. <input>
  1321. <query dest-dn="\EDIR2ADLAB\fdny\AD-TEST\Active Directory" scope="entry">
  1322. <read-attr attr-name="Public Key"/>
  1323. </query>
  1324. </input>
  1325. </nds>
  1326. [03/20/12 07:46:22.945]:Active Directory PT:Applying policy: %+C%14CPassword(Pub)-Check Password GCV%-C.
  1327. [03/20/12 07:46:22.945]:Active Directory PT: Applying to query #1.
  1328. [03/20/12 07:46:22.945]:Active Directory PT: Evaluating selection criteria for rule 'Block publishing passwords to Identity Manager data store when adding a object'.
  1329. [03/20/12 07:46:22.945]:Active Directory PT: (if-global-variable 'enable-password-publish' equal "false") = FALSE.
  1330. [03/20/12 07:46:22.945]:Active Directory PT: Rule rejected.
  1331. [03/20/12 07:46:22.945]:Active Directory PT: Evaluating selection criteria for rule 'Block sending modify-password changes to the Identity Manager data store'.
  1332. [03/20/12 07:46:22.945]:Active Directory PT: (if-global-variable 'enable-password-publish' equal "false") = FALSE.
  1333. [03/20/12 07:46:22.945]:Active Directory PT: Rule rejected.
  1334. [03/20/12 07:46:22.945]:Active Directory PT:Policy returned:
  1335. [03/20/12 07:46:22.945]:Active Directory PT:
  1336. <nds dtdversion="3.5" ndsversion="8.x">
  1337. <input>
  1338. <query dest-dn="\EDIR2ADLAB\fdny\AD-TEST\Active Directory" scope="entry">
  1339. <read-attr attr-name="Public Key"/>
  1340. </query>
  1341. </input>
  1342. </nds>
  1343. [03/20/12 07:46:22.946]:Active Directory PT:Applying policy: %+C%14CPassword(Pub)-Publish Distribution Password%-C.
  1344. [03/20/12 07:46:22.946]:Active Directory PT: Applying to query #1.
  1345. [03/20/12 07:46:22.946]:Active Directory PT: Evaluating selection criteria for rule 'Add nspmDistributionAttribute attribute to add operation'.
  1346. [03/20/12 07:46:22.946]:Active Directory PT: (if-global-variable 'publish-password-to-dp' equal "true") = FALSE.
  1347. [03/20/12 07:46:22.946]:Active Directory PT: Rule rejected.
  1348. [03/20/12 07:46:22.946]:Active Directory PT: Evaluating selection criteria for rule 'Change modify-password operations to a modify'.
  1349. [03/20/12 07:46:22.946]:Active Directory PT: (if-global-variable 'publish-password-to-dp' equal "true") = FALSE.
  1350. [03/20/12 07:46:22.946]:Active Directory PT: Rule rejected.
  1351. [03/20/12 07:46:22.947]:Active Directory PT:Policy returned:
  1352. [03/20/12 07:46:22.947]:Active Directory PT:
  1353. <nds dtdversion="3.5" ndsversion="8.x">
  1354. <input>
  1355. <query dest-dn="\EDIR2ADLAB\fdny\AD-TEST\Active Directory" scope="entry">
  1356. <read-attr attr-name="Public Key"/>
  1357. </query>
  1358. </input>
  1359. </nds>
  1360. [03/20/12 07:46:22.947]:Active Directory PT:Applying policy: %+C%14CPassword(Pub)-Publish NDS Password%-C.
  1361. [03/20/12 07:46:22.947]:Active Directory PT: Applying to query #1.
  1362. [03/20/12 07:46:22.947]:Active Directory PT: Evaluating selection criteria for rule 'Block publishing passwords to NDS password'.
  1363. [03/20/12 07:46:22.947]:Active Directory PT: (if-global-variable 'publish-password-to-nds' equal "false") = FALSE.
  1364. [03/20/12 07:46:22.947]:Active Directory PT: Rule rejected.
  1365. [03/20/12 07:46:22.947]:Active Directory PT: Evaluating selection criteria for rule 'Block sending modify-password changes to the NDS password'.
  1366. [03/20/12 07:46:22.947]:Active Directory PT: (if-global-variable 'publish-password-to-nds' equal "false") = FALSE.
  1367. [03/20/12 07:46:22.948]:Active Directory PT: Rule rejected.
  1368. [03/20/12 07:46:22.948]:Active Directory PT:Policy returned:
  1369. [03/20/12 07:46:22.948]:Active Directory PT:
  1370. <nds dtdversion="3.5" ndsversion="8.x">
  1371. <input>
  1372. <query dest-dn="\EDIR2ADLAB\fdny\AD-TEST\Active Directory" scope="entry">
  1373. <read-attr attr-name="Public Key"/>
  1374. </query>
  1375. </input>
  1376. </nds>
  1377. [03/20/12 07:46:22.948]:Active Directory PT:Applying policy: %+C%14CPassword(Pub)-Add Password Payload%-C.
  1378. [03/20/12 07:46:22.948]:Active Directory PT: Applying to query #1.
  1379. [03/20/12 07:46:22.948]:Active Directory PT: Evaluating selection criteria for rule 'Add operation-data element to password operations'.
  1380. [03/20/12 07:46:22.948]:Active Directory PT: (if-operation equal "add") = FALSE.
  1381. [03/20/12 07:46:22.948]:Active Directory PT: (if-operation equal "add") = FALSE.
  1382. [03/20/12 07:46:22.949]:Active Directory PT: (if-operation equal "modify-password") = FALSE.
  1383. [03/20/12 07:46:22.949]:Active Directory PT: (if-operation equal "modify") = FALSE.
  1384. [03/20/12 07:46:22.949]:Active Directory PT: Rule rejected.
  1385. [03/20/12 07:46:22.949]:Active Directory PT: Evaluating selection criteria for rule 'Add payload data to password operations'.
  1386. [03/20/12 07:46:22.949]:Active Directory PT: (if-operation equal "addPayloadToPassword") = FALSE.
  1387. [03/20/12 07:46:22.949]:Active Directory PT: (if-operation equal "add") = FALSE.
  1388. [03/20/12 07:46:22.949]:Active Directory PT: (if-operation equal "modify-password") = FALSE.
  1389. [03/20/12 07:46:22.949]:Active Directory PT: (if-operation equal "modify") = FALSE.
  1390. [03/20/12 07:46:22.949]:Active Directory PT: Rule rejected.
  1391. [03/20/12 07:46:22.949]:Active Directory PT:Policy returned:
  1392. [03/20/12 07:46:22.949]:Active Directory PT:
  1393. <nds dtdversion="3.5" ndsversion="8.x">
  1394. <input>
  1395. <query dest-dn="\EDIR2ADLAB\fdny\AD-TEST\Active Directory" scope="entry">
  1396. <read-attr attr-name="Public Key"/>
  1397. </query>
  1398. </input>
  1399. </nds>
  1400. [03/20/12 07:46:22.950]:Active Directory PT:Applying policy: %+C%14Clib-AccountTracking-WriteAccountsOnAdds-pub-ctp-V1%-C.
  1401. [03/20/12 07:46:22.950]:Active Directory PT: Applying to query #1.
  1402. [03/20/12 07:46:22.950]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - disregard policy if disabled'.
  1403. [03/20/12 07:46:22.950]:Active Directory PT: (if-global-variable 'drv.acctTrk.enable' not-equal "true") = FALSE.
  1404. [03/20/12 07:46:22.950]:Active Directory PT: Rule rejected.
  1405. [03/20/12 07:46:22.950]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - on add operation add Dirxml-Accounts'.
  1406. [03/20/12 07:46:22.950]:Active Directory PT: (if-operation equal "add") = FALSE.
  1407. [03/20/12 07:46:22.950]:Active Directory PT: Rule rejected.
  1408. [03/20/12 07:46:22.950]:Active Directory PT:Policy returned:
  1409. [03/20/12 07:46:22.951]:Active Directory PT:
  1410. <nds dtdversion="3.5" ndsversion="8.x">
  1411. <input>
  1412. <query dest-dn="\EDIR2ADLAB\fdny\AD-TEST\Active Directory" scope="entry">
  1413. <read-attr attr-name="Public Key"/>
  1414. </query>
  1415. </input>
  1416. </nds>
  1417. [03/20/12 07:46:22.951]:Active Directory PT:Filtering out notification-only attributes.
  1418. [03/20/12 07:46:22.954]:Active Directory PT:Pumping XDS to eDirectory.
  1419. [03/20/12 07:46:22.954]:Active Directory PT:Performing operation query for \EDIR2ADLAB\fdny\AD-TEST\Active Directory.
  1420. [03/20/12 07:46:22.956]:Active Directory PT:Fixing up association references.
  1421. [03/20/12 07:46:22.956]:Active Directory PT:Applying schema mapping policies to output.
  1422. [03/20/12 07:46:22.956]:Active Directory PT:Applying policy: %+C%14Csmp%-C.
  1423. [03/20/12 07:46:22.956]:Active Directory PT: No mapping for class-name 'DirXML-Driver'.
  1424. [03/20/12 07:46:22.956]:Active Directory PT:Applying output transformation policies.
  1425. [03/20/12 07:46:22.956]:Active Directory PT:Applying policy: %+C%14Cotp%-C.
  1426. [03/20/12 07:46:22.956]:Active Directory PT: Applying to instance #1.
  1427. [03/20/12 07:46:22.957]:Active Directory PT: Evaluating selection criteria for rule 'Street Address: Convert LF to CR-LF'.
  1428. [03/20/12 07:46:22.957]:Active Directory PT: Rule selected.
  1429. [03/20/12 07:46:22.957]:Active Directory PT: Applying rule 'Street Address: Convert LF to CR-LF'.
  1430. [03/20/12 07:46:22.957]:Active Directory PT: Action: do-reformat-op-attr("streetAddress",token-replace-all("[^\r]\n","\r\n",token-local-variable("current-value"))).
  1431. [03/20/12 07:46:22.957]:Active Directory PT: Evaluating selection criteria for rule 'logonHours: Convert to Active Directory form'.
  1432. [03/20/12 07:46:22.957]:Active Directory PT: Rule selected.
  1433. [03/20/12 07:46:22.957]:Active Directory PT: Applying rule 'logonHours: Convert to Active Directory form'.
  1434. [03/20/12 07:46:22.957]:Active Directory PT: Action: do-reformat-op-attr("logonHours",token-xpath("jadutil:translateTimeMap2ADLenient($current-value)")).
  1435. [03/20/12 07:46:22.957]:Active Directory PT: Evaluating selection criteria for rule 'accountExpires: Convert to Active Directory form'.
  1436. [03/20/12 07:46:22.958]:Active Directory PT: (if-op-attr 'accountExpires' changing) = FALSE.
  1437. [03/20/12 07:46:22.958]:Active Directory PT: Rule rejected.
  1438. [03/20/12 07:46:22.958]:Active Directory PT: Evaluating selection criteria for rule 'lockoutTime: Convert to Active Directory form'.
  1439. [03/20/12 07:46:22.958]:Active Directory PT: Rule selected.
  1440. [03/20/12 07:46:22.958]:Active Directory PT: Applying rule 'lockoutTime: Convert to Active Directory form'.
  1441. [03/20/12 07:46:22.958]:Active Directory PT: Action: do-reformat-op-attr("lockoutTime",token-xpath("jadutil:translateEpoch2FileTime($current-value)")).
  1442. [03/20/12 07:46:22.958]:Active Directory PT: Evaluating selection criteria for rule 'Add: User - convert multi-valued Telephone to single value'.
  1443. [03/20/12 07:46:22.958]:Active Directory PT: (if-operation equal "add") = FALSE.
  1444. [03/20/12 07:46:22.958]:Active Directory PT: Rule rejected.
  1445. [03/20/12 07:46:22.959]:Active Directory PT: Evaluating selection criteria for rule 'update Active Directory logon name'.
  1446. [03/20/12 07:46:22.959]:Active Directory PT: (if-xpath true "self::status[@level = 'success']/operation-data/windows-2000-logon-name") = FALSE.
  1447. [03/20/12 07:46:22.959]:Active Directory PT: Rule rejected.
  1448. [03/20/12 07:46:22.959]:Active Directory PT: Evaluating selection criteria for rule 'Exchange: Remove HomeMDB when disabled'.
  1449. [03/20/12 07:46:22.959]:Active Directory PT: (if-global-variable 'drv.exchMailboxMethod' equal "disabled") = TRUE.
  1450. [03/20/12 07:46:22.959]:Active Directory PT: Rule selected.
  1451. [03/20/12 07:46:22.959]:Active Directory PT: Applying rule 'Exchange: Remove HomeMDB when disabled'.
  1452. [03/20/12 07:46:22.959]:Active Directory PT: Action: do-strip-op-attr("homeMDB").
  1453. [03/20/12 07:46:22.959]:Active Directory PT: Applying to status #2.
  1454. [03/20/12 07:46:22.960]:Active Directory PT: Evaluating selection criteria for rule 'Street Address: Convert LF to CR-LF'.
  1455. [03/20/12 07:46:22.960]:Active Directory PT: Rule selected.
  1456. [03/20/12 07:46:22.960]:Active Directory PT: Applying rule 'Street Address: Convert LF to CR-LF'.
  1457. [03/20/12 07:46:22.960]:Active Directory PT: Action: do-reformat-op-attr("streetAddress",token-replace-all("[^\r]\n","\r\n",token-local-variable("current-value"))).
  1458. [03/20/12 07:46:22.960]:Active Directory PT: Evaluating selection criteria for rule 'logonHours: Convert to Active Directory form'.
  1459. [03/20/12 07:46:22.960]:Active Directory PT: Rule selected.
  1460. [03/20/12 07:46:22.960]:Active Directory PT: Applying rule 'logonHours: Convert to Active Directory form'.
  1461. [03/20/12 07:46:22.960]:Active Directory PT: Action: do-reformat-op-attr("logonHours",token-xpath("jadutil:translateTimeMap2ADLenient($current-value)")).
  1462. [03/20/12 07:46:22.960]:Active Directory PT: Evaluating selection criteria for rule 'accountExpires: Convert to Active Directory form'.
  1463. [03/20/12 07:46:22.961]:Active Directory PT: (if-op-attr 'accountExpires' changing) = FALSE.
  1464. [03/20/12 07:46:22.961]:Active Directory PT: Rule rejected.
  1465. [03/20/12 07:46:22.961]:Active Directory PT: Evaluating selection criteria for rule 'lockoutTime: Convert to Active Directory form'.
  1466. [03/20/12 07:46:22.961]:Active Directory PT: Rule selected.
  1467. [03/20/12 07:46:22.961]:Active Directory PT: Applying rule 'lockoutTime: Convert to Active Directory form'.
  1468. [03/20/12 07:46:22.961]:Active Directory PT: Action: do-reformat-op-attr("lockoutTime",token-xpath("jadutil:translateEpoch2FileTime($current-value)")).
  1469. [03/20/12 07:46:22.961]:Active Directory PT: Evaluating selection criteria for rule 'Add: User - convert multi-valued Telephone to single value'.
  1470. [03/20/12 07:46:22.961]:Active Directory PT: (if-operation equal "add") = FALSE.
  1471. [03/20/12 07:46:22.961]:Active Directory PT: Rule rejected.
  1472. [03/20/12 07:46:22.962]:Active Directory PT: Evaluating selection criteria for rule 'update Active Directory logon name'.
  1473. [03/20/12 07:46:22.962]:Active Directory PT: (if-xpath true "self::status[@level = 'success']/operation-data/windows-2000-logon-name") = FALSE.
  1474. [03/20/12 07:46:22.962]:Active Directory PT: Rule rejected.
  1475. [03/20/12 07:46:22.962]:Active Directory PT: Evaluating selection criteria for rule 'Exchange: Remove HomeMDB when disabled'.
  1476. [03/20/12 07:46:22.962]:Active Directory PT: (if-global-variable 'drv.exchMailboxMethod' equal "disabled") = TRUE.
  1477. [03/20/12 07:46:22.962]:Active Directory PT: Rule selected.
  1478. [03/20/12 07:46:22.962]:Active Directory PT: Applying rule 'Exchange: Remove HomeMDB when disabled'.
  1479. [03/20/12 07:46:22.962]:Active Directory PT: Action: do-strip-op-attr("homeMDB").
  1480. [03/20/12 07:46:22.962]:Active Directory PT:Policy returned:
  1481. [03/20/12 07:46:22.962]:Active Directory PT:
  1482. <nds dtdversion="3.5" ndsversion="8.x">
  1483. <source>
  1484. <product version="3.6.10.4747">DirXML</product>
  1485. <contact>Novell, Inc.</contact>
  1486. </source>
  1487. <output>
  1488. <instance class-name="DirXML-Driver" event-id="0" qualified-src-dn="O=fdny\CN=AD-TEST\CN=Active Directory" src-dn="\EDIR2ADLAB\fdny\AD-TEST\Active Directory" src-entry-id="32944">
  1489. <attr attr-name="Public Key">
  1490. <value timestamp="1332184540#697" type="octet">AQAAAAQAAAAkAHAAAADmACQATAB2AAAAAABDAE4APQBBAEQALQBUAEUAUwBUAC4ATwA9AGYAZABuAHkAAABDAE4APQBBAGMAdABpAHYAZQAgAEQAaQByAGUAYwB0AG8AcgB5AC4AQwBOAD0AQQBEAC0AVABFAFMAVAAuAE8APQBmAGQAbgB5AAAAAQAAAAMAAQBsAEJWBAAxLjAAQkMBAANCQQEAMEJMAgCkAU5ONQC5bOuMRBmQK0mywzIj+acjb7egL2IxWOhKYCqHwHioBUi9s2AbhNtgCN4EPov4LdxnCXXuC0VOAwABAAFNQQgAx2McOp4O1TdkAFBVUlNBRg==</value>
  1491. </attr>
  1492. </instance>
  1493. <status event-id="0" level="success"></status>
  1494. </output>
  1495. </nds>
  1496. [03/20/12 07:46:22.963]:Active Directory PT:Applying policy: %+C%14CPassword(Sub)-Pub Email Notifications%-C.
  1497. [03/20/12 07:46:22.963]:Active Directory PT: Applying to instance #1.
  1498. [03/20/12 07:46:22.964]:Active Directory PT: Evaluating selection criteria for rule 'Send e-mail for a failed publish password operation'.
  1499. [03/20/12 07:46:22.964]:Active Directory PT: (if-global-variable 'notify-user-on-password-dist-failure' equal "true") = TRUE.
  1500. [03/20/12 07:46:22.964]:Active Directory PT: (if-operation equal "status") = FALSE.
  1501. [03/20/12 07:46:22.964]:Active Directory PT: Rule rejected.
  1502. [03/20/12 07:46:22.964]:Active Directory PT: Applying to status #2.
  1503. [03/20/12 07:46:22.964]:Active Directory PT: Evaluating selection criteria for rule 'Send e-mail for a failed publish password operation'.
  1504. [03/20/12 07:46:22.964]:Active Directory PT: (if-global-variable 'notify-user-on-password-dist-failure' equal "true") = TRUE.
  1505. [03/20/12 07:46:22.964]:Active Directory PT: (if-operation equal "status") = TRUE.
  1506. [03/20/12 07:46:22.964]:Active Directory PT: (if-xpath true "self::status[@level != 'success']/operation-data/password-publish-status") = FALSE.
  1507. [03/20/12 07:46:22.965]:Active Directory PT: Rule rejected.
  1508. [03/20/12 07:46:22.965]:Active Directory PT:Policy returned:
  1509. [03/20/12 07:46:22.965]:Active Directory PT:
  1510. <nds dtdversion="3.5" ndsversion="8.x">
  1511. <source>
  1512. <product version="3.6.10.4747">DirXML</product>
  1513. <contact>Novell, Inc.</contact>
  1514. </source>
  1515. <output>
  1516. <instance class-name="DirXML-Driver" event-id="0" qualified-src-dn="O=fdny\CN=AD-TEST\CN=Active Directory" src-dn="\EDIR2ADLAB\fdny\AD-TEST\Active Directory" src-entry-id="32944">
  1517. <attr attr-name="Public Key">
  1518. <value timestamp="1332184540#697" type="octet">AQAAAAQAAAAkAHAAAADmACQATAB2AAAAAABDAE4APQBBAEQALQBUAEUAUwBUAC4ATwA9AGYAZABuAHkAAABDAE4APQBBAGMAdABpAHYAZQAgAEQAaQByAGUAYwB0AG8AcgB5AC4AQwBOAD0AQQBEAC0AVABFAFMAVAAuAE8APQBmAGQAbgB5AAAAAQAAAAMAAQBsAEJWBAAxLjAAQkMBAANCQQEAMEJMAgCkAU5ONQC5bOuMRBmQK0mywzIj+acjb7egL2IxWOhKYCqHwHioBUi9s2AbhNtgCN4EPov4LdxnCXXuC0VOAwABAAFNQQgAx2McOp4O1TdkAFBVUlNBRg==</value>
  1519. </attr>
  1520. </instance>
  1521. <status event-id="0" level="success"></status>
  1522. </output>
  1523. </nds>
  1524. [03/20/12 07:46:22.966]:Active Directory PT:Applying policy: %+C%14Clib-CredProv-ConvertPayload-otp-V1%-C.
  1525. [03/20/12 07:46:22.966]:Active Directory PT: Applying to instance #1.
  1526. [03/20/12 07:46:22.966]:Active Directory PT: Evaluating selection criteria for rule 'Is credential provisioning enabled? Are there any custom payloads?'.
  1527. [03/20/12 07:46:22.966]:Active Directory PT: Rule selected.
  1528. [03/20/12 07:46:22.966]:Active Directory PT: Applying rule 'Is credential provisioning enabled? Are there any custom payloads?'.
  1529. [03/20/12 07:46:22.966]:Active Directory PT: Action: do-if().
  1530. [03/20/12 07:46:22.966]:Active Directory PT: Evaluating conditions.
  1531. [03/20/12 07:46:22.966]:Active Directory PT: (if-global-variable 'credprov.enable' not-equal "true") = TRUE.
  1532. [03/20/12 07:46:22.966]:Active Directory PT: Performing if actions.
  1533. [03/20/12 07:46:22.966]:Active Directory PT: Action: do-break().
  1534. [03/20/12 07:46:22.967]:Active Directory PT: Applying to status #2.
  1535. [03/20/12 07:46:22.967]:Active Directory PT: Evaluating selection criteria for rule 'Is credential provisioning enabled? Are there any custom payloads?'.
  1536. [03/20/12 07:46:22.967]:Active Directory PT: Rule selected.
  1537. [03/20/12 07:46:22.967]:Active Directory PT: Applying rule 'Is credential provisioning enabled? Are there any custom payloads?'.
  1538. [03/20/12 07:46:22.967]:Active Directory PT: Action: do-if().
  1539. [03/20/12 07:46:22.967]:Active Directory PT: Evaluating conditions.
  1540. [03/20/12 07:46:22.967]:Active Directory PT: (if-global-variable 'credprov.enable' not-equal "true") = TRUE.
  1541. [03/20/12 07:46:22.967]:Active Directory PT: Performing if actions.
  1542. [03/20/12 07:46:22.967]:Active Directory PT: Action: do-break().
  1543. [03/20/12 07:46:22.967]:Active Directory PT:Policy returned:
  1544. [03/20/12 07:46:22.968]:Active Directory PT:
  1545. <nds dtdversion="3.5" ndsversion="8.x">
  1546. <source>
  1547. <product version="3.6.10.4747">DirXML</product>
  1548. <contact>Novell, Inc.</contact>
  1549. </source>
  1550. <output>
  1551. <instance class-name="DirXML-Driver" event-id="0" qualified-src-dn="O=fdny\CN=AD-TEST\CN=Active Directory" src-dn="\EDIR2ADLAB\fdny\AD-TEST\Active Directory" src-entry-id="32944">
  1552. <attr attr-name="Public Key">
  1553. <value timestamp="1332184540#697" type="octet">AQAAAAQAAAAkAHAAAADmACQATAB2AAAAAABDAE4APQBBAEQALQBUAEUAUwBUAC4ATwA9AGYAZABuAHkAAABDAE4APQBBAGMAdABpAHYAZQAgAEQAaQByAGUAYwB0AG8AcgB5AC4AQwBOAD0AQQBEAC0AVABFAFMAVAAuAE8APQBmAGQAbgB5AAAAAQAAAAMAAQBsAEJWBAAxLjAAQkMBAANCQQEAMEJMAgCkAU5ONQC5bOuMRBmQK0mywzIj+acjb7egL2IxWOhKYCqHwHioBUi9s2AbhNtgCN4EPov4LdxnCXXuC0VOAwABAAFNQQgAx2McOp4O1TdkAFBVUlNBRg==</value>
  1554. </attr>
  1555. </instance>
  1556. <status event-id="0" level="success"></status>
  1557. </output>
  1558. </nds>
  1559. [03/20/12 07:46:22.968]:Active Directory PT:Applying policy: %+C%14Clib-AccountTracking-Subscribe-otp-V1%-C.
  1560. [03/20/12 07:46:22.969]:Active Directory PT: Applying to instance #1.
  1561. [03/20/12 07:46:22.969]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - disregard if disabled or wrong object class'.
  1562. [03/20/12 07:46:22.969]:Active Directory PT: Rule selected.
  1563. [03/20/12 07:46:22.969]:Active Directory PT: Applying rule 'AccountTracking - disregard if disabled or wrong object class'.
  1564. [03/20/12 07:46:22.969]:Active Directory PT: Action: do-if().
  1565. [03/20/12 07:46:22.969]:Active Directory PT: Evaluating conditions.
  1566. [03/20/12 07:46:22.969]:Active Directory PT: (if-global-variable 'drv.acctTrk.enable' not-equal "true") = FALSE.
  1567. [03/20/12 07:46:22.969]:Active Directory PT: Performing else actions.
  1568. [03/20/12 07:46:22.969]:Active Directory PT: Action: do-for-each(arg-node-set(token-global-variable("drv.acctTrk.objectClass"))).
  1569. [03/20/12 07:46:22.969]:Active Directory PT: arg-node-set(token-global-variable("drv.acctTrk.objectClass"))
  1570. [03/20/12 07:46:22.970]:Active Directory PT: token-global-variable("drv.acctTrk.objectClass")
  1571. [03/20/12 07:46:22.970]:Active Directory PT: Token Value: {"user"}.
  1572. [03/20/12 07:46:22.970]:Active Directory PT: Arg Value: {"user"}.
  1573. [03/20/12 07:46:22.970]:Active Directory PT: Performing actions for local-variable(current-node) = "user".
  1574. [03/20/12 07:46:22.970]:Active Directory PT: Action: do-if().
  1575. [03/20/12 07:46:22.970]:Active Directory PT: Evaluating conditions.
  1576. [03/20/12 07:46:22.970]:Active Directory PT: Expanded variable reference '$current-node$' to 'user'.
  1577. [03/20/12 07:46:22.970]:Active Directory PT: (if-class-name equal "$current-node$") = FALSE.
  1578. [03/20/12 07:46:22.970]:Active Directory PT: Performing else actions.
  1579. [03/20/12 07:46:22.971]:Active Directory PT: Action: do-if().
  1580. [03/20/12 07:46:22.971]:Active Directory PT: Evaluating conditions.
  1581. [03/20/12 07:46:22.971]:Active Directory PT: (if-local-variable 'pass' not-available) = TRUE.
  1582. [03/20/12 07:46:22.971]:Active Directory PT: Performing if actions.
  1583. [03/20/12 07:46:22.971]:Active Directory PT: Action: do-break().
  1584. [03/20/12 07:46:22.971]:Active Directory PT: Applying to status #2.
  1585. [03/20/12 07:46:22.971]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - disregard if disabled or wrong object class'.
  1586. [03/20/12 07:46:22.971]:Active Directory PT: Rule selected.
  1587. [03/20/12 07:46:22.971]:Active Directory PT: Applying rule 'AccountTracking - disregard if disabled or wrong object class'.
  1588. [03/20/12 07:46:22.971]:Active Directory PT: Action: do-if().
  1589. [03/20/12 07:46:22.971]:Active Directory PT: Evaluating conditions.
  1590. [03/20/12 07:46:22.972]:Active Directory PT: (if-global-variable 'drv.acctTrk.enable' not-equal "true") = FALSE.
  1591. [03/20/12 07:46:22.972]:Active Directory PT: Performing else actions.
  1592. [03/20/12 07:46:22.972]:Active Directory PT: Action: do-for-each(arg-node-set(token-global-variable("drv.acctTrk.objectClass"))).
  1593. [03/20/12 07:46:22.972]:Active Directory PT: arg-node-set(token-global-variable("drv.acctTrk.objectClass"))
  1594. [03/20/12 07:46:22.972]:Active Directory PT: token-global-variable("drv.acctTrk.objectClass")
  1595. [03/20/12 07:46:22.972]:Active Directory PT: Token Value: {"user"}.
  1596. [03/20/12 07:46:22.972]:Active Directory PT: Arg Value: {"user"}.
  1597. [03/20/12 07:46:22.972]:Active Directory PT: Performing actions for local-variable(current-node) = "user".
  1598. [03/20/12 07:46:22.972]:Active Directory PT: Action: do-if().
  1599. [03/20/12 07:46:22.973]:Active Directory PT: Evaluating conditions.
  1600. [03/20/12 07:46:22.973]:Active Directory PT: (if-class-name equal "$current-node$") = FALSE.
  1601. [03/20/12 07:46:22.973]:Active Directory PT: Performing else actions.
  1602. [03/20/12 07:46:22.973]:Active Directory PT: Action: do-if().
  1603. [03/20/12 07:46:22.973]:Active Directory PT: Evaluating conditions.
  1604. [03/20/12 07:46:22.973]:Active Directory PT: (if-local-variable 'pass' not-available) = TRUE.
  1605. [03/20/12 07:46:22.973]:Active Directory PT: Performing if actions.
  1606. [03/20/12 07:46:22.973]:Active Directory PT: Action: do-break().
  1607. [03/20/12 07:46:22.973]:Active Directory PT:Policy returned:
  1608. [03/20/12 07:46:22.973]:Active Directory PT:
  1609. <nds dtdversion="3.5" ndsversion="8.x">
  1610. <source>
  1611. <product version="3.6.10.4747">DirXML</product>
  1612. <contact>Novell, Inc.</contact>
  1613. </source>
  1614. <output>
  1615. <instance class-name="DirXML-Driver" event-id="0" qualified-src-dn="O=fdny\CN=AD-TEST\CN=Active Directory" src-dn="\EDIR2ADLAB\fdny\AD-TEST\Active Directory" src-entry-id="32944">
  1616. <attr attr-name="Public Key">
  1617. <value timestamp="1332184540#697" type="octet">AQAAAAQAAAAkAHAAAADmACQATAB2AAAAAABDAE4APQBBAEQALQBUAEUAUwBUAC4ATwA9AGYAZABuAHkAAABDAE4APQBBAGMAdABpAHYAZQAgAEQAaQByAGUAYwB0AG8AcgB5AC4AQwBOAD0AQQBEAC0AVABFAFMAVAAuAE8APQBmAGQAbgB5AAAAAQAAAAMAAQBsAEJWBAAxLjAAQkMBAANCQQEAMEJMAgCkAU5ONQC5bOuMRBmQK0mywzIj+acjb7egL2IxWOhKYCqHwHioBUi9s2AbhNtgCN4EPov4LdxnCXXuC0VOAwABAAFNQQgAx2McOp4O1TdkAFBVUlNBRg==</value>
  1618. </attr>
  1619. </instance>
  1620. <status event-id="0" level="success"></status>
  1621. </output>
  1622. </nds>
  1623. [03/20/12 07:46:22.974]:Active Directory PT:
  1624. <nds dtdversion="3.5" ndsversion="8.x">
  1625. <source>
  1626. <product version="3.6.10.4747">DirXML</product>
  1627. <contact>Novell, Inc.</contact>
  1628. </source>
  1629. <output>
  1630. <instance class-name="DirXML-Driver" event-id="0" qualified-src-dn="O=fdny\CN=AD-TEST\CN=Active Directory" src-dn="\EDIR2ADLAB\fdny\AD-TEST\Active Directory" src-entry-id="32944">
  1631. <attr attr-name="Public Key">
  1632. <value timestamp="1332184540#697" type="octet">AQAAAAQAAAAkAHAAAADmACQATAB2AAAAAABDAE4APQBBAEQALQBUAEUAUwBUAC4ATwA9AGYAZABuAHkAAABDAE4APQBBAGMAdABpAHYAZQAgAEQAaQByAGUAYwB0AG8AcgB5AC4AQwBOAD0AQQBEAC0AVABFAFMAVAAuAE8APQBmAGQAbgB5AAAAAQAAAAMAAQBsAEJWBAAxLjAAQkMBAANCQQEAMEJMAgCkAU5ONQC5bOuMRBmQK0mywzIj+acjb7egL2IxWOhKYCqHwHioBUi9s2AbhNtgCN4EPov4LdxnCXXuC0VOAwABAAFNQQgAx2McOp4O1TdkAFBVUlNBRg==</value>
  1633. </attr>
  1634. </instance>
  1635. <status event-id="0" level="success"></status>
  1636. </output>
  1637. </nds>
  1638. [03/20/12 07:46:22.975]:Active Directory PT:Receiving DOM document from application.
  1639. [03/20/12 07:46:22.975]:Active Directory PT:
  1640. <nds dtdversion="3.5" ndsversion="8.x">
  1641. <input>
  1642. <check-password event-id="This check-password result is expected. It is the result of the shim verifying that the driver object password is non-empty."><!-- content suppressed --></check-password>
  1643. </input>
  1644. </nds>
  1645. [03/20/12 07:46:22.976]:Active Directory PT:Applying input transformation policies.
  1646. [03/20/12 07:46:22.976]:Active Directory PT:Applying policy: %+C%14Clib-AccountTracking-Publish-itp-V1%-C.
  1647. [03/20/12 07:46:22.976]:Active Directory PT: Applying to check-password #1.
  1648. [03/20/12 07:46:22.976]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - disregard if disabled or wrong object class'.
  1649. [03/20/12 07:46:22.976]:Active Directory PT: Rule selected.
  1650. [03/20/12 07:46:22.976]:Active Directory PT: Applying rule 'AccountTracking - disregard if disabled or wrong object class'.
  1651. [03/20/12 07:46:22.976]:Active Directory PT: Action: do-if().
  1652. [03/20/12 07:46:22.976]:Active Directory PT: Evaluating conditions.
  1653. [03/20/12 07:46:22.977]:Active Directory PT: (if-global-variable 'drv.acctTrk.enable' not-equal "true") = FALSE.
  1654. [03/20/12 07:46:22.977]:Active Directory PT: Performing else actions.
  1655. [03/20/12 07:46:22.977]:Active Directory PT: Action: do-if().
  1656. [03/20/12 07:46:22.977]:Active Directory PT: Evaluating conditions.
  1657. [03/20/12 07:46:22.977]:Active Directory PT: (if-class-name available) = FALSE.
  1658. [03/20/12 07:46:22.977]:Active Directory PT: Performing else actions.
  1659. [03/20/12 07:46:22.977]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - on add-association sync the operation-properties to status operations'.
  1660. [03/20/12 07:46:22.977]:Active Directory PT: (if-operation equal "add-association") = FALSE.
  1661. [03/20/12 07:46:22.977]:Active Directory PT: Rule rejected.
  1662. [03/20/12 07:46:22.977]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - Query for destination DN using Association'.
  1663. [03/20/12 07:46:22.978]:Active Directory PT: (if-operation match "modify|delete|move|rename") = FALSE.
  1664. [03/20/12 07:46:22.978]:Active Directory PT: Rule rejected.
  1665. [03/20/12 07:46:22.978]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - add interested properties to current doc for future use.'.
  1666. [03/20/12 07:46:22.978]:Active Directory PT: (if-operation match "add|modify|delete|rename|move|status") = FALSE.
  1667. [03/20/12 07:46:22.978]:Active Directory PT: Rule rejected.
  1668. [03/20/12 07:46:22.978]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - Initialize status properties on published events'.
  1669. [03/20/12 07:46:22.978]:Active Directory PT: (if-operation match "add|modify|delete|rename|move") = FALSE.
  1670. [03/20/12 07:46:22.978]:Active Directory PT: Rule rejected.
  1671. [03/20/12 07:46:22.978]:Active Directory PT:Policy returned:
  1672. [03/20/12 07:46:22.978]:Active Directory PT:
  1673. <nds dtdversion="3.5" ndsversion="8.x">
  1674. <input>
  1675. <check-password event-id="This check-password result is expected. It is the result of the shim verifying that the driver object password is non-empty."><!-- content suppressed --></check-password>
  1676. </input>
  1677. </nds>
  1678. [03/20/12 07:46:22.979]:Active Directory PT:Applying policy: %+C%14Clib-AccountTracking-WriteAccounts-itp-V1%-C.
  1679. [03/20/12 07:46:22.979]:Active Directory PT: Applying to check-password #1.
  1680. [03/20/12 07:46:22.979]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - disregard if disabled'.
  1681. [03/20/12 07:46:22.979]:Active Directory PT: (if-global-variable 'drv.acctTrk.enable' not-equal "true") = FALSE.
  1682. [03/20/12 07:46:22.979]:Active Directory PT: Rule rejected.
  1683. [03/20/12 07:46:22.979]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - query DirXML-Accounts Attribute'.
  1684. [03/20/12 07:46:22.979]:Active Directory PT: (if-op-property 'AccountTracking-ObjectDN' available) = FALSE.
  1685. [03/20/12 07:46:22.980]:Active Directory PT: Rule rejected.
  1686. [03/20/12 07:46:22.980]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - remove Dirxml-Account values on delete operation'.
  1687. [03/20/12 07:46:22.980]:Active Directory PT: (if-operation match "delete|remove-association") = FALSE.
  1688. [03/20/12 07:46:22.980]:Active Directory PT: (if-operation equal "status") = FALSE.
  1689. [03/20/12 07:46:22.980]:Active Directory PT: Rule rejected.
  1690. [03/20/12 07:46:22.980]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - update DirXMLAccounts attribute'.
  1691. [03/20/12 07:46:22.980]:Active Directory PT: (if-op-property 'AccountTracking-Operation' not-available) = TRUE.
  1692. [03/20/12 07:46:22.980]:Active Directory PT: (if-op-property 'AccountTracking-ObjectDN' available) = FALSE.
  1693. [03/20/12 07:46:22.980]:Active Directory PT: (if-operation equal "status") = FALSE.
  1694. [03/20/12 07:46:22.980]:Active Directory PT: Rule rejected.
  1695. [03/20/12 07:46:22.981]:Active Directory PT:Policy returned:
  1696. [03/20/12 07:46:22.981]:Active Directory PT:
  1697. <nds dtdversion="3.5" ndsversion="8.x">
  1698. <input>
  1699. <check-password event-id="This check-password result is expected. It is the result of the shim verifying that the driver object password is non-empty."><!-- content suppressed --></check-password>
  1700. </input>
  1701. </nds>
  1702. [03/20/12 07:46:22.981]:Active Directory PT:Applying policy: %+C%14Citp%-C.
  1703. [03/20/12 07:46:22.981]:Active Directory PT: Applying to check-password #1.
  1704. [03/20/12 07:46:22.981]:Active Directory PT: Evaluating selection criteria for rule 'streetAddress: Convert CR-LF to LF'.
  1705. [03/20/12 07:46:22.981]:Active Directory PT: Rule selected.
  1706. [03/20/12 07:46:22.981]:Active Directory PT: Applying rule 'streetAddress: Convert CR-LF to LF'.
  1707. [03/20/12 07:46:22.981]:Active Directory PT: Action: do-reformat-op-attr("streetAddress",token-replace-all("\r\n","\r",token-local-variable("current-value"))).
  1708. [03/20/12 07:46:22.982]:Active Directory PT: Evaluating selection criteria for rule 'logonHours: Convert to Login Allowed Time Map form'.
  1709. [03/20/12 07:46:22.982]:Active Directory PT: Rule selected.
  1710. [03/20/12 07:46:22.982]:Active Directory PT: Applying rule 'logonHours: Convert to Login Allowed Time Map form'.
  1711. [03/20/12 07:46:22.982]:Active Directory PT: Action: do-reformat-op-attr("logonHours",token-xpath("jadutil:translateTimeMap2eDir($current-value)")).
  1712. [03/20/12 07:46:22.982]:Active Directory PT: Evaluating selection criteria for rule 'accountExpires: Convert to Identity Vault time format'.
  1713. [03/20/12 07:46:22.982]:Active Directory PT: Rule selected.
  1714. [03/20/12 07:46:22.982]:Active Directory PT: Applying rule 'accountExpires: Convert to Identity Vault time format'.
  1715. [03/20/12 07:46:22.982]:Active Directory PT: Action: do-reformat-op-attr("accountExpires",token-xpath("jadutil:translateFileTime2Epoch($current-value)")).
  1716. [03/20/12 07:46:22.982]:Active Directory PT: Evaluating selection criteria for rule 'lockoutTime: Convert to Identity Vault time format'.
  1717. [03/20/12 07:46:22.983]:Active Directory PT: Rule selected.
  1718. [03/20/12 07:46:22.983]:Active Directory PT: Applying rule 'lockoutTime: Convert to Identity Vault time format'.
  1719. [03/20/12 07:46:22.983]:Active Directory PT: Action: do-reformat-op-attr("lockoutTime",token-xpath("jadutil:translateFileTime2Epoch($current-value)")).
  1720. [03/20/12 07:46:22.983]:Active Directory PT:Policy returned:
  1721. [03/20/12 07:46:22.983]:Active Directory PT:
  1722. <nds dtdversion="3.5" ndsversion="8.x">
  1723. <input>
  1724. <check-password event-id="This check-password result is expected. It is the result of the shim verifying that the driver object password is non-empty."><!-- content suppressed --></check-password>
  1725. </input>
  1726. </nds>
  1727. [03/20/12 07:46:22.983]:Active Directory PT:Applying policy: %+C%14Citp-EntitlementsImpl%-C.
  1728. [03/20/12 07:46:22.983]:Active Directory PT: Applying to check-password #1.
  1729. [03/20/12 07:46:22.983]:Active Directory PT: Evaluating selection criteria for rule 'Check target of add-association for group membership entitlements'.
  1730. [03/20/12 07:46:22.984]:Active Directory PT: (if-global-variable 'drv.entitlement.Group' equal "true") = FALSE.
  1731. [03/20/12 07:46:22.984]:Active Directory PT: Rule rejected.
  1732. [03/20/12 07:46:22.984]:Active Directory PT: Evaluating selection criteria for rule 'Check target of add-association for Exchange mailbox entitlements'.
  1733. [03/20/12 07:46:22.984]:Active Directory PT: (if-global-variable 'drv.exchMailboxMethod' equal "entitlement") = FALSE.
  1734. [03/20/12 07:46:22.984]:Active Directory PT: Rule rejected.
  1735. [03/20/12 07:46:22.984]:Active Directory PT:Policy returned:
  1736. [03/20/12 07:46:22.984]:Active Directory PT:
  1737. <nds dtdversion="3.5" ndsversion="8.x">
  1738. <input>
  1739. <check-password event-id="This check-password result is expected. It is the result of the shim verifying that the driver object password is non-empty."><!-- content suppressed --></check-password>
  1740. </input>
  1741. </nds>
  1742. [03/20/12 07:46:22.985]:Active Directory PT:Applying policy: %+C%14CPassword(Pub)-Sub Email Notifications%-C.
  1743. [03/20/12 07:46:22.985]:Active Directory PT: Applying to check-password #1.
  1744. [03/20/12 07:46:22.985]:Active Directory PT: Evaluating selection criteria for rule 'Send e-mail on a failure when subscribing to passwords'.
  1745. [03/20/12 07:46:22.985]:Active Directory PT: (if-global-variable 'notify-user-on-password-dist-failure' equal "true") = TRUE.
  1746. [03/20/12 07:46:22.985]:Active Directory PT: (if-operation equal "status") = FALSE.
  1747. [03/20/12 07:46:22.985]:Active Directory PT: Rule rejected.
  1748. [03/20/12 07:46:22.985]:Active Directory PT: Evaluating selection criteria for rule 'Send e-mail on failure to reset connected system password using the Identity Manager data store password'.
  1749. [03/20/12 07:46:22.985]:Active Directory PT: (if-global-variable 'notify-user-on-password-dist-failure' equal "true") = TRUE.
  1750. [03/20/12 07:46:22.985]:Active Directory PT: (if-operation equal "status") = FALSE.
  1751. [03/20/12 07:46:22.986]:Active Directory PT: Rule rejected.
  1752. [03/20/12 07:46:22.986]:Active Directory PT:Policy returned:
  1753. [03/20/12 07:46:22.986]:Active Directory PT:
  1754. <nds dtdversion="3.5" ndsversion="8.x">
  1755. <input>
  1756. <check-password event-id="This check-password result is expected. It is the result of the shim verifying that the driver object password is non-empty."><!-- content suppressed --></check-password>
  1757. </input>
  1758. </nds>
  1759. [03/20/12 07:46:22.986]:Active Directory PT:Applying policy: %+C%14Clib-Audit-SendEntitlementsEvents-itp-V1%-C.
  1760. [03/20/12 07:46:22.986]:Active Directory PT: Applying to check-password #1.
  1761. [03/20/12 07:46:22.986]:Active Directory PT: Evaluating selection criteria for rule '00031200 - Account Create By Entitlement Grant'.
  1762. [03/20/12 07:46:22.986]:Active Directory PT: (if-operation equal "status") = FALSE.
  1763. [03/20/12 07:46:22.986]:Active Directory PT: Rule rejected.
  1764. [03/20/12 07:46:22.986]:Active Directory PT: Evaluating selection criteria for rule '00031201 - Account Delete By Entitlement Revoke'.
  1765. [03/20/12 07:46:22.987]:Active Directory PT: (if-operation equal "status") = FALSE.
  1766. [03/20/12 07:46:22.987]:Active Directory PT: (if-operation equal "status") = FALSE.
  1767. [03/20/12 07:46:22.987]:Active Directory PT: Rule rejected.
  1768. [03/20/12 07:46:22.987]:Active Directory PT: Evaluating selection criteria for rule '00031202 - Account Disable By Entitlement Revoke'.
  1769. [03/20/12 07:46:22.987]:Active Directory PT: (if-operation equal "status") = FALSE.
  1770. [03/20/12 07:46:22.987]:Active Directory PT: Rule rejected.
  1771. [03/20/12 07:46:22.987]:Active Directory PT: Evaluating selection criteria for rule '00031203 - Account Enable By Entitlement Grant'.
  1772. [03/20/12 07:46:22.987]:Active Directory PT: (if-operation equal "status") = FALSE.
  1773. [03/20/12 07:46:22.987]:Active Directory PT: Rule rejected.
  1774. [03/20/12 07:46:22.987]:Active Directory PT: Evaluating selection criteria for rule 'Generate Audit Event'.
  1775. [03/20/12 07:46:22.988]:Active Directory PT: (if-operation equal "status") = FALSE.
  1776. [03/20/12 07:46:22.988]:Active Directory PT: Rule rejected.
  1777. [03/20/12 07:46:22.988]:Active Directory PT:Policy returned:
  1778. [03/20/12 07:46:22.988]:Active Directory PT:
  1779. <nds dtdversion="3.5" ndsversion="8.x">
  1780. <input>
  1781. <check-password event-id="This check-password result is expected. It is the result of the shim verifying that the driver object password is non-empty."><!-- content suppressed --></check-password>
  1782. </input>
  1783. </nds>
  1784. [03/20/12 07:46:22.988]:Active Directory PT:Applying schema mapping policies to input.
  1785. [03/20/12 07:46:22.988]:Active Directory PT:Applying policy: %+C%14Csmp%-C.
  1786. [03/20/12 07:46:22.988]:Active Directory PT:Resolving association references.
  1787. [03/20/12 07:46:22.989]:Active Directory PT:Applying event transformation policies.
  1788. [03/20/12 07:46:22.989]:Active Directory PT:Applying policy: %+C%14Cpub-etp-EntitlementsImpl%-C.
  1789. [03/20/12 07:46:22.989]:Active Directory PT: Applying to check-password #1.
  1790. [03/20/12 07:46:22.989]:Active Directory PT: Evaluating selection criteria for rule 'Disallow user account delete when using entitlements'.
  1791. [03/20/12 07:46:22.989]:Active Directory PT: (if-operation equal "delete") = FALSE.
  1792. [03/20/12 07:46:22.989]:Active Directory PT: Rule rejected.
  1793. [03/20/12 07:46:22.989]:Active Directory PT: Evaluating selection criteria for rule 'Strip Login Disabled from operation (Disable Option)'.
  1794. [03/20/12 07:46:22.989]:Active Directory PT: (if-global-variable 'drv.entitlement.UserAccount' equal "true") = FALSE.
  1795. [03/20/12 07:46:22.989]:Active Directory PT: Rule rejected.
  1796. [03/20/12 07:46:22.989]:Active Directory PT:Policy returned:
  1797. [03/20/12 07:46:22.990]:Active Directory PT:
  1798. <nds dtdversion="3.5" ndsversion="8.x">
  1799. <input>
  1800. <check-password event-id="This check-password result is expected. It is the result of the shim verifying that the driver object password is non-empty."><!-- content suppressed --></check-password>
  1801. </input>
  1802. </nds>
  1803. [03/20/12 07:46:22.990]:Active Directory PT:Applying policy: %+C%14Cpub-etp-HandleMovesAndRenames%-C.
  1804. [03/20/12 07:46:22.990]:Active Directory PT: Applying to check-password #1.
  1805. [03/20/12 07:46:22.990]:Active Directory PT: Evaluating selection criteria for rule 'break if not a move or rename'.
  1806. [03/20/12 07:46:22.990]:Active Directory PT: (if-operation not-match "move|rename") = TRUE.
  1807. [03/20/12 07:46:22.990]:Active Directory PT: Rule selected.
  1808. [03/20/12 07:46:22.990]:Active Directory PT: Applying rule 'break if not a move or rename'.
  1809. [03/20/12 07:46:22.990]:Active Directory PT: Action: do-break().
  1810. [03/20/12 07:46:22.990]:Active Directory PT:Policy returned:
  1811. [03/20/12 07:46:22.991]:Active Directory PT:
  1812. <nds dtdversion="3.5" ndsversion="8.x">
  1813. <input>
  1814. <check-password event-id="This check-password result is expected. It is the result of the shim verifying that the driver object password is non-empty."><!-- content suppressed --></check-password>
  1815. </input>
  1816. </nds>
  1817. [03/20/12 07:46:22.991]:Active Directory PT:Applying publisher filter.
  1818. [03/20/12 07:46:22.991]:Active Directory PT:Publisher processing check-password for .
  1819. [03/20/12 07:46:22.991]:Active Directory PT:Applying command transformation policies.
  1820. [03/20/12 07:46:22.991]:Active Directory PT:Applying policy: %+C%14Cpub-ctp-UserNameMap%-C.
  1821. [03/20/12 07:46:22.991]:Active Directory PT: Applying to check-password #1.
  1822. [03/20/12 07:46:22.991]:Active Directory PT: Evaluating selection criteria for rule 'consider user objects when name mapping is enabled'.
  1823. [03/20/12 07:46:22.992]:Active Directory PT: (if-class-name not-equal "User") = TRUE.
  1824. [03/20/12 07:46:22.992]:Active Directory PT: Rule selected.
  1825. [03/20/12 07:46:22.992]:Active Directory PT: Applying rule 'consider user objects when name mapping is enabled'.
  1826. [03/20/12 07:46:22.992]:Active Directory PT: Action: do-break().
  1827. [03/20/12 07:46:22.992]:Active Directory PT:Policy returned:
  1828. [03/20/12 07:46:22.992]:Active Directory PT:
  1829. <nds dtdversion="3.5" ndsversion="8.x">
  1830. <input>
  1831. <check-password event-id="This check-password result is expected. It is the result of the shim verifying that the driver object password is non-empty."><!-- content suppressed --></check-password>
  1832. </input>
  1833. </nds>
  1834. [03/20/12 07:46:22.992]:Active Directory PT:Applying policy: %+C%14Cpub-ctp%-C.
  1835. [03/20/12 07:46:22.992]:Active Directory PT: Applying to check-password #1.
  1836. [03/20/12 07:46:22.992]:Active Directory PT: Evaluating selection criteria for rule 'set cached context value on merge'.
  1837. [03/20/12 07:46:22.993]:Active Directory PT: (if-operation equal "modify") = FALSE.
  1838. [03/20/12 07:46:22.993]:Active Directory PT: Rule rejected.
  1839. [03/20/12 07:46:22.993]:Active Directory PT: Evaluating selection criteria for rule 'Set Equivalent To Me when adding object to a group'.
  1840. [03/20/12 07:46:22.993]:Active Directory PT: (if-class-name equal "Group") = FALSE.
  1841. [03/20/12 07:46:22.993]:Active Directory PT: Rule rejected.
  1842. [03/20/12 07:46:22.993]:Active Directory PT: Evaluating selection criteria for rule 'Remove Equivalent To Me when removing object from a group'.
  1843. [03/20/12 07:46:22.993]:Active Directory PT: (if-class-name equal "Group") = FALSE.
  1844. [03/20/12 07:46:22.993]:Active Directory PT: Rule rejected.
  1845. [03/20/12 07:46:22.993]:Active Directory PT: Evaluating selection criteria for rule 'remove managed attributes when object disassociated'.
  1846. [03/20/12 07:46:22.993]:Active Directory PT: (if-operation equal "remove-association") = FALSE.
  1847. [03/20/12 07:46:22.994]:Active Directory PT: Rule rejected.
  1848. [03/20/12 07:46:22.994]:Active Directory PT: Evaluating selection criteria for rule 'Prevent unassociated users from being removed from groups'.
  1849. [03/20/12 07:46:22.994]:Active Directory PT: (if-operation equal "modify") = FALSE.
  1850. [03/20/12 07:46:22.994]:Active Directory PT: Rule rejected.
  1851. [03/20/12 07:46:22.994]:Active Directory PT:Policy returned:
  1852. [03/20/12 07:46:22.994]:Active Directory PT:
  1853. <nds dtdversion="3.5" ndsversion="8.x">
  1854. <input>
  1855. <check-password event-id="This check-password result is expected. It is the result of the shim verifying that the driver object password is non-empty."><!-- content suppressed --></check-password>
  1856. </input>
  1857. </nds>
  1858. [03/20/12 07:46:22.994]:Active Directory PT:Applying XSLT policy: %+C%14Cpub-cts%-C.
  1859. [03/20/12 07:46:22.995]:Active Directory PT:Policy returned:
  1860. [03/20/12 07:46:22.995]:Active Directory PT:
  1861. <nds dtdversion="3.5" ndsversion="8.x">
  1862. <input>
  1863. <check-password event-id="This check-password result is expected. It is the result of the shim verifying that the driver object password is non-empty."><!-- content suppressed --></check-password>
  1864. </input>
  1865. </nds>
  1866. [03/20/12 07:46:22.995]:Active Directory PT:Applying policy: %+C%14CPassword(Pub)-Default Password Policy%-C.
  1867. [03/20/12 07:46:22.995]:Active Directory PT: Applying to check-password #1.
  1868. [03/20/12 07:46:22.995]:Active Directory PT: Evaluating selection criteria for rule 'On User add, provide default password of @Dirxml1 if no password exists'.
  1869. [03/20/12 07:46:22.995]:Active Directory PT: (if-operation equal "add") = FALSE.
  1870. [03/20/12 07:46:22.995]:Active Directory PT: Rule rejected.
  1871. [03/20/12 07:46:22.996]:Active Directory PT:Policy returned:
  1872. [03/20/12 07:46:22.996]:Active Directory PT:
  1873. <nds dtdversion="3.5" ndsversion="8.x">
  1874. <input>
  1875. <check-password event-id="This check-password result is expected. It is the result of the shim verifying that the driver object password is non-empty."><!-- content suppressed --></check-password>
  1876. </input>
  1877. </nds>
  1878. [03/20/12 07:46:22.996]:Active Directory PT:Applying policy: %+C%14CPassword(Pub)-Check Password GCV%-C.
  1879. [03/20/12 07:46:22.996]:Active Directory PT: Applying to check-password #1.
  1880. [03/20/12 07:46:22.996]:Active Directory PT: Evaluating selection criteria for rule 'Block publishing passwords to Identity Manager data store when adding a object'.
  1881. [03/20/12 07:46:22.996]:Active Directory PT: (if-global-variable 'enable-password-publish' equal "false") = FALSE.
  1882. [03/20/12 07:46:22.996]:Active Directory PT: Rule rejected.
  1883. [03/20/12 07:46:22.997]:Active Directory PT: Evaluating selection criteria for rule 'Block sending modify-password changes to the Identity Manager data store'.
  1884. [03/20/12 07:46:22.997]:Active Directory PT: (if-global-variable 'enable-password-publish' equal "false") = FALSE.
  1885. [03/20/12 07:46:22.997]:Active Directory PT: Rule rejected.
  1886. [03/20/12 07:46:22.997]:Active Directory PT:Policy returned:
  1887. [03/20/12 07:46:22.997]:Active Directory PT:
  1888. <nds dtdversion="3.5" ndsversion="8.x">
  1889. <input>
  1890. <check-password event-id="This check-password result is expected. It is the result of the shim verifying that the driver object password is non-empty."><!-- content suppressed --></check-password>
  1891. </input>
  1892. </nds>
  1893. [03/20/12 07:46:22.997]:Active Directory PT:Applying policy: %+C%14CPassword(Pub)-Publish Distribution Password%-C.
  1894. [03/20/12 07:46:22.997]:Active Directory PT: Applying to check-password #1.
  1895. [03/20/12 07:46:22.997]:Active Directory PT: Evaluating selection criteria for rule 'Add nspmDistributionAttribute attribute to add operation'.
  1896. [03/20/12 07:46:22.998]:Active Directory PT: (if-global-variable 'publish-password-to-dp' equal "true") = FALSE.
  1897. [03/20/12 07:46:22.998]:Active Directory PT: Rule rejected.
  1898. [03/20/12 07:46:22.998]:Active Directory PT: Evaluating selection criteria for rule 'Change modify-password operations to a modify'.
  1899. [03/20/12 07:46:22.998]:Active Directory PT: (if-global-variable 'publish-password-to-dp' equal "true") = FALSE.
  1900. [03/20/12 07:46:22.998]:Active Directory PT: Rule rejected.
  1901. [03/20/12 07:46:22.998]:Active Directory PT:Policy returned:
  1902. [03/20/12 07:46:22.998]:Active Directory PT:
  1903. <nds dtdversion="3.5" ndsversion="8.x">
  1904. <input>
  1905. <check-password event-id="This check-password result is expected. It is the result of the shim verifying that the driver object password is non-empty."><!-- content suppressed --></check-password>
  1906. </input>
  1907. </nds>
  1908. [03/20/12 07:46:22.998]:Active Directory PT:Applying policy: %+C%14CPassword(Pub)-Publish NDS Password%-C.
  1909. [03/20/12 07:46:22.999]:Active Directory PT: Applying to check-password #1.
  1910. [03/20/12 07:46:22.999]:Active Directory PT: Evaluating selection criteria for rule 'Block publishing passwords to NDS password'.
  1911. [03/20/12 07:46:22.999]:Active Directory PT: (if-global-variable 'publish-password-to-nds' equal "false") = FALSE.
  1912. [03/20/12 07:46:22.999]:Active Directory PT: Rule rejected.
  1913. [03/20/12 07:46:22.999]:Active Directory PT: Evaluating selection criteria for rule 'Block sending modify-password changes to the NDS password'.
  1914. [03/20/12 07:46:22.999]:Active Directory PT: (if-global-variable 'publish-password-to-nds' equal "false") = FALSE.
  1915. [03/20/12 07:46:22.999]:Active Directory PT: Rule rejected.
  1916. [03/20/12 07:46:22.999]:Active Directory PT:Policy returned:
  1917. [03/20/12 07:46:22.999]:Active Directory PT:
  1918. <nds dtdversion="3.5" ndsversion="8.x">
  1919. <input>
  1920. <check-password event-id="This check-password result is expected. It is the result of the shim verifying that the driver object password is non-empty."><!-- content suppressed --></check-password>
  1921. </input>
  1922. </nds>
  1923. [03/20/12 07:46:23.000]:Active Directory PT:Applying policy: %+C%14CPassword(Pub)-Add Password Payload%-C.
  1924. [03/20/12 07:46:23.000]:Active Directory PT: Applying to check-password #1.
  1925. [03/20/12 07:46:23.000]:Active Directory PT: Evaluating selection criteria for rule 'Add operation-data element to password operations'.
  1926. [03/20/12 07:46:23.000]:Active Directory PT: (if-operation equal "add") = FALSE.
  1927. [03/20/12 07:46:23.000]:Active Directory PT: (if-operation equal "add") = FALSE.
  1928. [03/20/12 07:46:23.000]:Active Directory PT: (if-operation equal "modify-password") = FALSE.
  1929. [03/20/12 07:46:23.001]:Active Directory PT: (if-operation equal "modify") = FALSE.
  1930. [03/20/12 07:46:23.001]:Active Directory PT: Rule rejected.
  1931. [03/20/12 07:46:23.001]:Active Directory PT: Evaluating selection criteria for rule 'Add payload data to password operations'.
  1932. [03/20/12 07:46:23.001]:Active Directory PT: (if-operation equal "addPayloadToPassword") = FALSE.
  1933. [03/20/12 07:46:23.001]:Active Directory PT: (if-operation equal "add") = FALSE.
  1934. [03/20/12 07:46:23.001]:Active Directory PT: (if-operation equal "modify-password") = FALSE.
  1935. [03/20/12 07:46:23.001]:Active Directory PT: (if-operation equal "modify") = FALSE.
  1936. [03/20/12 07:46:23.001]:Active Directory PT: Rule rejected.
  1937. [03/20/12 07:46:23.001]:Active Directory PT:Policy returned:
  1938. [03/20/12 07:46:23.001]:Active Directory PT:
  1939. <nds dtdversion="3.5" ndsversion="8.x">
  1940. <input>
  1941. <check-password event-id="This check-password result is expected. It is the result of the shim verifying that the driver object password is non-empty."><!-- content suppressed --></check-password>
  1942. </input>
  1943. </nds>
  1944. [03/20/12 07:46:23.002]:Active Directory PT:Applying policy: %+C%14Clib-AccountTracking-WriteAccountsOnAdds-pub-ctp-V1%-C.
  1945. [03/20/12 07:46:23.002]:Active Directory PT: Applying to check-password #1.
  1946. [03/20/12 07:46:23.002]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - disregard policy if disabled'.
  1947. [03/20/12 07:46:23.002]:Active Directory PT: (if-global-variable 'drv.acctTrk.enable' not-equal "true") = FALSE.
  1948. [03/20/12 07:46:23.002]:Active Directory PT: Rule rejected.
  1949. [03/20/12 07:46:23.002]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - on add operation add Dirxml-Accounts'.
  1950. [03/20/12 07:46:23.002]:Active Directory PT: (if-operation equal "add") = FALSE.
  1951. [03/20/12 07:46:23.002]:Active Directory PT: Rule rejected.
  1952. [03/20/12 07:46:23.002]:Active Directory PT:Policy returned:
  1953. [03/20/12 07:46:23.003]:Active Directory PT:
  1954. <nds dtdversion="3.5" ndsversion="8.x">
  1955. <input>
  1956. <check-password event-id="This check-password result is expected. It is the result of the shim verifying that the driver object password is non-empty."><!-- content suppressed --></check-password>
  1957. </input>
  1958. </nds>
  1959. [03/20/12 07:46:23.003]:Active Directory PT:Filtering out notification-only attributes.
  1960. [03/20/12 07:46:23.003]:Active Directory PT:Pumping XDS to eDirectory.
  1961. [03/20/12 07:46:23.003]:Active Directory PT:Performing operation check-password for .
  1962. [03/20/12 07:46:23.065]:Active Directory PT:Fixing up association references.
  1963. [03/20/12 07:46:23.065]:Active Directory PT:Applying schema mapping policies to output.
  1964. [03/20/12 07:46:23.065]:Active Directory PT:Applying policy: %+C%14Csmp%-C.
  1965. [03/20/12 07:46:23.065]:Active Directory PT:Applying output transformation policies.
  1966. [03/20/12 07:46:23.066]:Active Directory PT:Applying policy: %+C%14Cotp%-C.
  1967. [03/20/12 07:46:23.066]:Active Directory PT: Applying to status #1.
  1968. [03/20/12 07:46:23.066]:Active Directory PT: Evaluating selection criteria for rule 'Street Address: Convert LF to CR-LF'.
  1969. [03/20/12 07:46:23.066]:Active Directory PT: Rule selected.
  1970. [03/20/12 07:46:23.066]:Active Directory PT: Applying rule 'Street Address: Convert LF to CR-LF'.
  1971. [03/20/12 07:46:23.066]:Active Directory PT: Action: do-reformat-op-attr("streetAddress",token-replace-all("[^\r]\n","\r\n",token-local-variable("current-value"))).
  1972. [03/20/12 07:46:23.066]:Active Directory PT: Evaluating selection criteria for rule 'logonHours: Convert to Active Directory form'.
  1973. [03/20/12 07:46:23.066]:Active Directory PT: Rule selected.
  1974. [03/20/12 07:46:23.066]:Active Directory PT: Applying rule 'logonHours: Convert to Active Directory form'.
  1975. [03/20/12 07:46:23.067]:Active Directory PT: Action: do-reformat-op-attr("logonHours",token-xpath("jadutil:translateTimeMap2ADLenient($current-value)")).
  1976. [03/20/12 07:46:23.067]:Active Directory PT: Evaluating selection criteria for rule 'accountExpires: Convert to Active Directory form'.
  1977. [03/20/12 07:46:23.067]:Active Directory PT: (if-op-attr 'accountExpires' changing) = FALSE.
  1978. [03/20/12 07:46:23.067]:Active Directory PT: Rule rejected.
  1979. [03/20/12 07:46:23.067]:Active Directory PT: Evaluating selection criteria for rule 'lockoutTime: Convert to Active Directory form'.
  1980. [03/20/12 07:46:23.067]:Active Directory PT: Rule selected.
  1981. [03/20/12 07:46:23.067]:Active Directory PT: Applying rule 'lockoutTime: Convert to Active Directory form'.
  1982. [03/20/12 07:46:23.067]:Active Directory PT: Action: do-reformat-op-attr("lockoutTime",token-xpath("jadutil:translateEpoch2FileTime($current-value)")).
  1983. [03/20/12 07:46:23.068]:Active Directory PT: Evaluating selection criteria for rule 'Add: User - convert multi-valued Telephone to single value'.
  1984. [03/20/12 07:46:23.068]:Active Directory PT: (if-operation equal "add") = FALSE.
  1985. [03/20/12 07:46:23.068]:Active Directory PT: Rule rejected.
  1986. [03/20/12 07:46:23.068]:Active Directory PT: Evaluating selection criteria for rule 'update Active Directory logon name'.
  1987. [03/20/12 07:46:23.068]:Active Directory PT: (if-xpath true "self::status[@level = 'success']/operation-data/windows-2000-logon-name") = FALSE.
  1988. [03/20/12 07:46:23.068]:Active Directory PT: Rule rejected.
  1989. [03/20/12 07:46:23.068]:Active Directory PT: Evaluating selection criteria for rule 'Exchange: Remove HomeMDB when disabled'.
  1990. [03/20/12 07:46:23.068]:Active Directory PT: (if-global-variable 'drv.exchMailboxMethod' equal "disabled") = TRUE.
  1991. [03/20/12 07:46:23.068]:Active Directory PT: Rule selected.
  1992. [03/20/12 07:46:23.069]:Active Directory PT: Applying rule 'Exchange: Remove HomeMDB when disabled'.
  1993. [03/20/12 07:46:23.069]:Active Directory PT: Action: do-strip-op-attr("homeMDB").
  1994. [03/20/12 07:46:23.069]:Active Directory PT:Policy returned:
  1995. [03/20/12 07:46:23.069]:Active Directory PT:
  1996. <nds dtdversion="3.5" ndsversion="8.x">
  1997. <source>
  1998. <product version="3.6.10.4747">DirXML</product>
  1999. <contact>Novell, Inc.</contact>
  2000. </source>
  2001. <output>
  2002. <status event-id="This check-password result is expected. It is the result of the shim verifying that the driver object password is non-empty." level="error">Code(-9046) Invalid password specified for &lt;check-password>.</status>
  2003. </output>
  2004. </nds>
  2005. [03/20/12 07:46:23.069]:Active Directory PT:Applying policy: %+C%14CPassword(Sub)-Pub Email Notifications%-C.
  2006. [03/20/12 07:46:23.069]:Active Directory PT: Applying to status #1.
  2007. [03/20/12 07:46:23.070]:Active Directory PT: Evaluating selection criteria for rule 'Send e-mail for a failed publish password operation'.
  2008. [03/20/12 07:46:23.070]:Active Directory PT: (if-global-variable 'notify-user-on-password-dist-failure' equal "true") = TRUE.
  2009. [03/20/12 07:46:23.070]:Active Directory PT: (if-operation equal "status") = TRUE.
  2010. [03/20/12 07:46:23.070]:Active Directory PT: (if-xpath true "self::status[@level != 'success']/operation-data/password-publish-status") = FALSE.
  2011. [03/20/12 07:46:23.070]:Active Directory PT: Rule rejected.
  2012. [03/20/12 07:46:23.070]:Active Directory PT:Policy returned:
  2013. [03/20/12 07:46:23.070]:Active Directory PT:
  2014. <nds dtdversion="3.5" ndsversion="8.x">
  2015. <source>
  2016. <product version="3.6.10.4747">DirXML</product>
  2017. <contact>Novell, Inc.</contact>
  2018. </source>
  2019. <output>
  2020. <status event-id="This check-password result is expected. It is the result of the shim verifying that the driver object password is non-empty." level="error">Code(-9046) Invalid password specified for &lt;check-password>.</status>
  2021. </output>
  2022. </nds>
  2023. [03/20/12 07:46:23.071]:Active Directory PT:Applying policy: %+C%14Clib-CredProv-ConvertPayload-otp-V1%-C.
  2024. [03/20/12 07:46:23.071]:Active Directory PT: Applying to status #1.
  2025. [03/20/12 07:46:23.071]:Active Directory PT: Evaluating selection criteria for rule 'Is credential provisioning enabled? Are there any custom payloads?'.
  2026. [03/20/12 07:46:23.071]:Active Directory PT: Rule selected.
  2027. [03/20/12 07:46:23.071]:Active Directory PT: Applying rule 'Is credential provisioning enabled? Are there any custom payloads?'.
  2028. [03/20/12 07:46:23.071]:Active Directory PT: Action: do-if().
  2029. [03/20/12 07:46:23.071]:Active Directory PT: Evaluating conditions.
  2030. [03/20/12 07:46:23.071]:Active Directory PT: (if-global-variable 'credprov.enable' not-equal "true") = TRUE.
  2031. [03/20/12 07:46:23.071]:Active Directory PT: Performing if actions.
  2032. [03/20/12 07:46:23.072]:Active Directory PT: Action: do-break().
  2033. [03/20/12 07:46:23.072]:Active Directory PT:Policy returned:
  2034. [03/20/12 07:46:23.072]:Active Directory PT:
  2035. <nds dtdversion="3.5" ndsversion="8.x">
  2036. <source>
  2037. <product version="3.6.10.4747">DirXML</product>
  2038. <contact>Novell, Inc.</contact>
  2039. </source>
  2040. <output>
  2041. <status event-id="This check-password result is expected. It is the result of the shim verifying that the driver object password is non-empty." level="error">Code(-9046) Invalid password specified for &lt;check-password>.</status>
  2042. </output>
  2043. </nds>
  2044. [03/20/12 07:46:23.072]:Active Directory PT:Applying policy: %+C%14Clib-AccountTracking-Subscribe-otp-V1%-C.
  2045. [03/20/12 07:46:23.072]:Active Directory PT: Applying to status #1.
  2046. [03/20/12 07:46:23.072]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - disregard if disabled or wrong object class'.
  2047. [03/20/12 07:46:23.072]:Active Directory PT: Rule selected.
  2048. [03/20/12 07:46:23.073]:Active Directory PT: Applying rule 'AccountTracking - disregard if disabled or wrong object class'.
  2049. [03/20/12 07:46:23.073]:Active Directory PT: Action: do-if().
  2050. [03/20/12 07:46:23.073]:Active Directory PT: Evaluating conditions.
  2051. [03/20/12 07:46:23.073]:Active Directory PT: (if-global-variable 'drv.acctTrk.enable' not-equal "true") = FALSE.
  2052. [03/20/12 07:46:23.073]:Active Directory PT: Performing else actions.
  2053. [03/20/12 07:46:23.073]:Active Directory PT: Action: do-for-each(arg-node-set(token-global-variable("drv.acctTrk.objectClass"))).
  2054. [03/20/12 07:46:23.073]:Active Directory PT: arg-node-set(token-global-variable("drv.acctTrk.objectClass"))
  2055. [03/20/12 07:46:23.073]:Active Directory PT: token-global-variable("drv.acctTrk.objectClass")
  2056. [03/20/12 07:46:23.073]:Active Directory PT: Token Value: {"user"}.
  2057. [03/20/12 07:46:23.073]:Active Directory PT: Arg Value: {"user"}.
  2058. [03/20/12 07:46:23.074]:Active Directory PT: Performing actions for local-variable(current-node) = "user".
  2059. [03/20/12 07:46:23.074]:Active Directory PT: Action: do-if().
  2060. [03/20/12 07:46:23.074]:Active Directory PT: Evaluating conditions.
  2061. [03/20/12 07:46:23.074]:Active Directory PT: (if-class-name equal "$current-node$") = FALSE.
  2062. [03/20/12 07:46:23.074]:Active Directory PT: Performing else actions.
  2063. [03/20/12 07:46:23.074]:Active Directory PT: Action: do-if().
  2064. [03/20/12 07:46:23.074]:Active Directory PT: Evaluating conditions.
  2065. [03/20/12 07:46:23.074]:Active Directory PT: (if-local-variable 'pass' not-available) = TRUE.
  2066. [03/20/12 07:46:23.074]:Active Directory PT: Performing if actions.
  2067. [03/20/12 07:46:23.074]:Active Directory PT: Action: do-break().
  2068. [03/20/12 07:46:23.074]:Active Directory PT:Policy returned:
  2069. [03/20/12 07:46:23.075]:Active Directory PT:
  2070. <nds dtdversion="3.5" ndsversion="8.x">
  2071. <source>
  2072. <product version="3.6.10.4747">DirXML</product>
  2073. <contact>Novell, Inc.</contact>
  2074. </source>
  2075. <output>
  2076. <status event-id="This check-password result is expected. It is the result of the shim verifying that the driver object password is non-empty." level="error">Code(-9046) Invalid password specified for &lt;check-password>.</status>
  2077. </output>
  2078. </nds>
  2079. [03/20/12 07:46:23.075]:Active Directory PT:
  2080. <nds dtdversion="3.5" ndsversion="8.x">
  2081. <source>
  2082. <product version="3.6.10.4747">DirXML</product>
  2083. <contact>Novell, Inc.</contact>
  2084. </source>
  2085. <output>
  2086. <status event-id="This check-password result is expected. It is the result of the shim verifying that the driver object password is non-empty." level="error">Code(-9046) Invalid password specified for &lt;check-password>.</status>
  2087. </output>
  2088. </nds>
  2089. [03/20/12 07:46:23.077]:Active Directory PT:Remote Interface Driver: Opening connection...
  2090. [03/20/12 07:46:23.875]:Active Directory ST:SubscriptionShim.execute() returned:
  2091. [03/20/12 07:46:23.875]:Active Directory ST:
  2092. <nds dtdversion="3.5" ndsversion="8.x">
  2093. <output>
  2094. <status event-id="query-driver-ident" level="retry" type="remoteloader">No connection to remote loader</status>
  2095. </output>
  2096. </nds>
  2097. [03/20/12 07:46:23.875]:Active Directory ST:Requesting 30 second retry delay.
  2098. [03/20/12 07:46:23.875]:Active Directory ST:
  2099. DirXML Log Event -------------------
  2100. Driver: \EDIR2ADLAB\fdny\AD-TEST\Active Directory
  2101. Channel: Subscriber
  2102. Status: Retry
  2103. Message: Code(-9006) The driver returned a "retry" status indicating that the operation should be retried later. Detail from driver: No connection to remote loader
  2104. [03/20/12 07:46:23.876]:Active Directory ST:Received state change event.
  2105. [03/20/12 07:46:23.876]:Active Directory ST:Transitioned from state '%+C%14CStarting%-C' to state '%+C%14CRunning%-C'.
  2106. [03/20/12 07:46:23.876]:Active Directory ST:Successfully processed state change event.
  2107. [03/20/12 07:46:23.876]:Active Directory ST:Submitting identification query to subscriber shim:
  2108. [03/20/12 07:46:23.877]:Active Directory ST:
  2109. <nds dtdversion="3.5" ndsversion="8.x">
  2110. <source>
  2111. <product version="3.6.10.4747">DirXML</product>
  2112. <contact>Novell, Inc.</contact>
  2113. </source>
  2114. <input>
  2115. <query event-id="query-driver-ident" scope="entry">
  2116. <search-class class-name="__driver_identification_class__"/>
  2117. <read-attr/>
  2118. </query>
  2119. </input>
  2120. </nds>
  2121. [03/20/12 07:46:23.877]:Active Directory PT:Remote Interface Driver: Closing connection...
  2122. [03/20/12 07:46:23.877]:Active Directory PT:Remote Interface Driver: Connection closed
  2123. [03/20/12 07:46:23.877]:Active Directory PT:Remote Interface Driver: Opening connection...
  2124. [03/20/12 07:46:24.881]:Active Directory ST:SubscriptionShim.execute() returned:
  2125. [03/20/12 07:46:24.882]:Active Directory ST:
  2126. <nds dtdversion="3.5" ndsversion="8.x">
  2127. <output>
  2128. <status event-id="query-driver-ident" level="retry" type="remoteloader">No connection to remote loader</status>
  2129. </output>
  2130. </nds>
  2131. [03/20/12 07:46:24.882]:Active Directory ST:Requesting 30 second retry delay.
  2132. [03/20/12 07:46:24.882]:Active Directory ST:
  2133. DirXML Log Event -------------------
  2134. Driver: \EDIR2ADLAB\fdny\AD-TEST\Active Directory
  2135. Channel: Subscriber
  2136. Status: Retry
  2137. Message: Code(-9006) The driver returned a "retry" status indicating that the operation should be retried later. Detail from driver: No connection to remote loader
  2138. [03/20/12 07:46:38.883]:Active Directory PT:Remote Interface Driver: Closing connection...
  2139. [03/20/12 07:46:38.883]:Active Directory PT:Remote Interface Driver: Connection closed
  2140. [03/20/12 07:46:38.884]:Active Directory PT:Remote Interface Driver: Opening connection...
  2141. [03/20/12 07:46:53.888]:Active Directory PT:Remote Interface Driver: Closing connection...
  2142. [03/20/12 07:46:53.888]:Active Directory PT:Remote Interface Driver: Connection closed
  2143. [03/20/12 07:46:53.889]:Active Directory PT:Remote Interface Driver: Opening connection...
  2144. [03/20/12 07:46:54.942]:Active Directory ST:Submitting identification query to subscriber shim:
  2145. [03/20/12 07:46:54.942]:Active Directory ST:
  2146. <nds dtdversion="3.5" ndsversion="8.x">
  2147. <source>
  2148. <product version="3.6.10.4747">DirXML</product>
  2149. <contact>Novell, Inc.</contact>
  2150. </source>
  2151. <input>
  2152. <query event-id="query-driver-ident" scope="entry">
  2153. <search-class class-name="__driver_identification_class__"/>
  2154. <read-attr/>
  2155. </query>
  2156. </input>
  2157. </nds>
  2158. [03/20/12 07:46:54.943]:Active Directory PT:Remote Interface Driver: Closing connection...
  2159. [03/20/12 07:46:54.943]:Active Directory PT:Remote Interface Driver: Connection closed
  2160. [03/20/12 07:46:54.944]:Active Directory PT:Remote Interface Driver: Opening connection...
  2161. [03/20/12 07:46:55.949]:Active Directory ST:SubscriptionShim.execute() returned:
  2162. [03/20/12 07:46:55.949]:Active Directory ST:
  2163. <nds dtdversion="3.5" ndsversion="8.x">
  2164. <output>
  2165. <status event-id="query-driver-ident" level="retry" type="remoteloader">No connection to remote loader</status>
  2166. </output>
  2167. </nds>
  2168. [03/20/12 07:46:55.950]:Active Directory ST:Requesting 30 second retry delay.
  2169. [03/20/12 07:46:55.950]:Active Directory ST:
  2170. DirXML Log Event -------------------
  2171. Driver: \EDIR2ADLAB\fdny\AD-TEST\Active Directory
  2172. Channel: Subscriber
  2173. Status: Retry
  2174. Message: Code(-9006) The driver returned a "retry" status indicating that the operation should be retried later. Detail from driver: No connection to remote loader
  2175. [03/20/12 07:47:09.952]:Active Directory PT:Remote Interface Driver: Closing connection...
  2176. [03/20/12 07:47:09.952]:Active Directory PT:Remote Interface Driver: Connection closed
  2177. [03/20/12 07:47:09.953]:Active Directory PT:Remote Interface Driver: Opening connection...
  2178. [03/20/12 07:47:24.955]:Active Directory PT:Remote Interface Driver: Closing connection...
  2179. [03/20/12 07:47:24.955]:Active Directory PT:Remote Interface Driver: Connection closed
  2180. [03/20/12 07:47:24.959]:Active Directory PT:Remote Interface Driver: Opening connection...
  2181. [03/20/12 07:47:26.001]:Active Directory ST:Submitting identification query to subscriber shim:
  2182. [03/20/12 07:47:26.001]:Active Directory ST:
  2183. <nds dtdversion="3.5" ndsversion="8.x">
  2184. <source>
  2185. <product version="3.6.10.4747">DirXML</product>
  2186. <contact>Novell, Inc.</contact>
  2187. </source>
  2188. <input>
  2189. <query event-id="query-driver-ident" scope="entry">
  2190. <search-class class-name="__driver_identification_class__"/>
  2191. <read-attr/>
  2192. </query>
  2193. </input>
  2194. </nds>
  2195. [03/20/12 07:47:26.002]:Active Directory PT:Remote Interface Driver: Closing connection...
  2196. [03/20/12 07:47:26.002]:Active Directory PT:Remote Interface Driver: Connection closed
  2197. [03/20/12 07:47:26.003]:Active Directory PT:Remote Interface Driver: Opening connection...
  2198. [03/20/12 07:47:27.008]:Active Directory ST:SubscriptionShim.execute() returned:
  2199. [03/20/12 07:47:27.009]:Active Directory ST:
  2200. <nds dtdversion="3.5" ndsversion="8.x">
  2201. <output>
  2202. <status event-id="query-driver-ident" level="retry" type="remoteloader">No connection to remote loader</status>
  2203. </output>
  2204. </nds>
  2205. [03/20/12 07:47:27.009]:Active Directory ST:Requesting 30 second retry delay.
  2206. [03/20/12 07:47:27.009]:Active Directory ST:
  2207. DirXML Log Event -------------------
  2208. Driver: \EDIR2ADLAB\fdny\AD-TEST\Active Directory
  2209. Channel: Subscriber
  2210. Status: Retry
  2211. Message: Code(-9006) The driver returned a "retry" status indicating that the operation should be retried later. Detail from driver: No connection to remote loader
  2212. [03/20/12 07:47:41.007]:Active Directory PT:Remote Interface Driver: Closing connection...
  2213. [03/20/12 07:47:41.007]:Active Directory PT:Remote Interface Driver: Connection closed
  2214. [03/20/12 07:47:41.008]:Active Directory PT:Remote Interface Driver: Opening connection...
  2215. [03/20/12 07:47:56.011]:Active Directory PT:Remote Interface Driver: Closing connection...
  2216. [03/20/12 07:47:56.011]:Active Directory PT:Remote Interface Driver: Connection closed
  2217. [03/20/12 07:47:56.012]:Active Directory PT:Remote Interface Driver: Opening connection...
  2218. [03/20/12 07:47:57.066]:Active Directory ST:Submitting identification query to subscriber shim:
  2219. [03/20/12 07:47:57.066]:Active Directory ST:
  2220. <nds dtdversion="3.5" ndsversion="8.x">
  2221. <source>
  2222. <product version="3.6.10.4747">DirXML</product>
  2223. <contact>Novell, Inc.</contact>
  2224. </source>
  2225. <input>
  2226. <query event-id="query-driver-ident" scope="entry">
  2227. <search-class class-name="__driver_identification_class__"/>
  2228. <read-attr/>
  2229. </query>
  2230. </input>
  2231. </nds>
  2232. [03/20/12 07:47:57.067]:Active Directory PT:Remote Interface Driver: Closing connection...
  2233. [03/20/12 07:47:57.067]:Active Directory PT:Remote Interface Driver: Connection closed
  2234. [03/20/12 07:47:57.068]:Active Directory PT:Remote Interface Driver: Opening connection...
  2235. [03/20/12 07:47:58.072]:Active Directory ST:SubscriptionShim.execute() returned:
  2236. [03/20/12 07:47:58.072]:Active Directory ST:
  2237. <nds dtdversion="3.5" ndsversion="8.x">
  2238. <output>
  2239. <status event-id="query-driver-ident" level="retry" type="remoteloader">No connection to remote loader</status>
  2240. </output>
  2241. </nds>
  2242. [03/20/12 07:47:58.073]:Active Directory ST:Requesting 30 second retry delay.
  2243. [03/20/12 07:47:58.073]:Active Directory ST:
  2244. DirXML Log Event -------------------
  2245. Driver: \EDIR2ADLAB\fdny\AD-TEST\Active Directory
  2246. Channel: Subscriber
  2247. Status: Retry
  2248. Message: Code(-9006) The driver returned a "retry" status indicating that the operation should be retried later. Detail from driver: No connection to remote loader
  2249. [03/20/12 07:48:12.073]:Active Directory PT:Remote Interface Driver: Closing connection...
  2250. [03/20/12 07:48:12.073]:Active Directory PT:Remote Interface Driver: Connection closed
  2251. [03/20/12 07:48:12.073]:Active Directory PT:Remote Interface Driver: Opening connection...
  2252. [03/20/12 07:48:27.073]:Active Directory PT:Remote Interface Driver: Closing connection...
  2253. [03/20/12 07:48:27.073]:Active Directory PT:Remote Interface Driver: Connection closed
  2254. [03/20/12 07:48:27.083]:Active Directory PT:Remote Interface Driver: Opening connection...
  2255. [03/20/12 07:48:28.144]:Active Directory ST:Submitting identification query to subscriber shim:
  2256. [03/20/12 07:48:28.145]:Active Directory ST:
  2257. <nds dtdversion="3.5" ndsversion="8.x">
  2258. <source>
  2259. <product version="3.6.10.4747">DirXML</product>
  2260. <contact>Novell, Inc.</contact>
  2261. </source>
  2262. <input>
  2263. <query event-id="query-driver-ident" scope="entry">
  2264. <search-class class-name="__driver_identification_class__"/>
  2265. <read-attr/>
  2266. </query>
  2267. </input>
  2268. </nds>
  2269. [03/20/12 07:48:28.145]:Active Directory PT:Remote Interface Driver: Closing connection...
  2270. [03/20/12 07:48:28.145]:Active Directory PT:Remote Interface Driver: Connection closed
  2271. [03/20/12 07:48:28.146]:Active Directory PT:Remote Interface Driver: Opening connection...
  2272. [03/20/12 07:48:29.147]:Active Directory ST:SubscriptionShim.execute() returned:
  2273. [03/20/12 07:48:29.147]:Active Directory ST:
  2274. <nds dtdversion="3.5" ndsversion="8.x">
  2275. <output>
  2276. <status event-id="query-driver-ident" level="retry" type="remoteloader">No connection to remote loader</status>
  2277. </output>
  2278. </nds>
  2279. [03/20/12 07:48:29.148]:Active Directory ST:Requesting 30 second retry delay.
  2280. [03/20/12 07:48:29.148]:Active Directory ST:
  2281. DirXML Log Event -------------------
  2282. Driver: \EDIR2ADLAB\fdny\AD-TEST\Active Directory
  2283. Channel: Subscriber
  2284. Status: Retry
  2285. Message: Code(-9006) The driver returned a "retry" status indicating that the operation should be retried later. Detail from driver: No connection to remote loader
  2286. [03/20/12 07:48:43.147]:Active Directory PT:Remote Interface Driver: Closing connection...
  2287. [03/20/12 07:48:43.147]:Active Directory PT:Remote Interface Driver: Connection closed
  2288. [03/20/12 07:48:43.166]:Active Directory PT:Remote Interface Driver: Opening connection...
  2289. [03/20/12 07:48:58.170]:Active Directory PT:Remote Interface Driver: Closing connection...
  2290. [03/20/12 07:48:58.170]:Active Directory PT:Remote Interface Driver: Connection closed
  2291. [03/20/12 07:48:58.171]:Active Directory PT:Remote Interface Driver: Opening connection...
  2292. [03/20/12 07:48:59.218]:Active Directory ST:Submitting identification query to subscriber shim:
  2293. [03/20/12 07:48:59.218]:Active Directory ST:
  2294. <nds dtdversion="3.5" ndsversion="8.x">
  2295. <source>
  2296. <product version="3.6.10.4747">DirXML</product>
  2297. <contact>Novell, Inc.</contact>
  2298. </source>
  2299. <input>
  2300. <query event-id="query-driver-ident" scope="entry">
  2301. <search-class class-name="__driver_identification_class__"/>
  2302. <read-attr/>
  2303. </query>
  2304. </input>
  2305. </nds>
  2306. [03/20/12 07:48:59.219]:Active Directory PT:Remote Interface Driver: Closing connection...
  2307. [03/20/12 07:48:59.219]:Active Directory PT:Remote Interface Driver: Connection closed
  2308. [03/20/12 07:48:59.219]:Active Directory PT:Remote Interface Driver: Opening connection...
  2309. [03/20/12 07:49:00.221]:Active Directory ST:SubscriptionShim.execute() returned:
  2310. [03/20/12 07:49:00.222]:Active Directory ST:
  2311. <nds dtdversion="3.5" ndsversion="8.x">
  2312. <output>
  2313. <status event-id="query-driver-ident" level="retry" type="remoteloader">No connection to remote loader</status>
  2314. </output>
  2315. </nds>
  2316. [03/20/12 07:49:00.222]:Active Directory ST:Requesting 30 second retry delay.
  2317. [03/20/12 07:49:00.222]:Active Directory ST:
  2318. DirXML Log Event -------------------
  2319. Driver: \EDIR2ADLAB\fdny\AD-TEST\Active Directory
  2320. Channel: Subscriber
  2321. Status: Retry
  2322. Message: Code(-9006) The driver returned a "retry" status indicating that the operation should be retried later. Detail from driver: No connection to remote loader
  2323. [03/20/12 07:49:14.224]:Active Directory PT:Remote Interface Driver: Closing connection...
  2324. [03/20/12 07:49:14.224]:Active Directory PT:Remote Interface Driver: Connection closed
  2325. [03/20/12 07:49:14.224]:Active Directory PT:Remote Interface Driver: Opening connection...
  2326. [03/20/12 07:49:29.228]:Active Directory PT:Remote Interface Driver: Closing connection...
  2327. [03/20/12 07:49:29.228]:Active Directory PT:Remote Interface Driver: Connection closed
  2328. [03/20/12 07:49:29.228]:Active Directory PT:Remote Interface Driver: Opening connection...
  2329. [03/20/12 07:49:30.287]:Active Directory ST:Submitting identification query to subscriber shim:
  2330. [03/20/12 07:49:30.287]:Active Directory ST:
  2331. <nds dtdversion="3.5" ndsversion="8.x">
  2332. <source>
  2333. <product version="3.6.10.4747">DirXML</product>
  2334. <contact>Novell, Inc.</contact>
  2335. </source>
  2336. <input>
  2337. <query event-id="query-driver-ident" scope="entry">
  2338. <search-class class-name="__driver_identification_class__"/>
  2339. <read-attr/>
  2340. </query>
  2341. </input>
  2342. </nds>
  2343. [03/20/12 07:49:30.288]:Active Directory PT:Remote Interface Driver: Closing connection...
  2344. [03/20/12 07:49:30.288]:Active Directory PT:Remote Interface Driver: Connection closed
  2345. [03/20/12 07:49:30.288]:Active Directory PT:Remote Interface Driver: Opening connection...
  2346. [03/20/12 07:49:31.290]:Active Directory ST:SubscriptionShim.execute() returned:
  2347. [03/20/12 07:49:31.291]:Active Directory ST:
  2348. <nds dtdversion="3.5" ndsversion="8.x">
  2349. <output>
  2350. <status event-id="query-driver-ident" level="retry" type="remoteloader">No connection to remote loader</status>
  2351. </output>
  2352. </nds>
  2353. [03/20/12 07:49:31.291]:Active Directory ST:Requesting 30 second retry delay.
  2354. [03/20/12 07:49:31.291]:Active Directory ST:
  2355. DirXML Log Event -------------------
  2356. Driver: \EDIR2ADLAB\fdny\AD-TEST\Active Directory
  2357. Channel: Subscriber
  2358. Status: Retry
  2359. Message: Code(-9006) The driver returned a "retry" status indicating that the operation should be retried later. Detail from driver: No connection to remote loader
  2360. [03/20/12 07:49:45.292]:Active Directory PT:Remote Interface Driver: Closing connection...
  2361. [03/20/12 07:49:45.292]:Active Directory PT:Remote Interface Driver: Connection closed
  2362. [03/20/12 07:49:45.292]:Active Directory PT:Remote Interface Driver: Opening connection...
  2363. [03/20/12 07:49:45.294]:Active Directory PT:Remote Interface Driver: Connection established...
  2364. [03/20/12 07:49:45.294]:Active Directory PT:Remote Interface Driver: Sending...
  2365. [03/20/12 07:49:45.294]:Active Directory PT:
  2366. <handshake version="1.0">
  2367. <password><!-- content suppressed --></password>
  2368. </handshake>
  2369. [03/20/12 07:49:45.294]:Active Directory PT:Remote Interface Driver: Document sent.
  2370. [03/20/12 07:49:45.295]:Active Directory :Remote Interface Driver: Waiting for receive...
  2371. [03/20/12 07:49:45.301]:Active Directory :Remote Interface Driver: Received.
  2372. [03/20/12 07:49:45.301]:Active Directory :
  2373. <handshake version="1.0">
  2374. <password><!-- content suppressed --></password>
  2375. </handshake>
  2376. [03/20/12 07:49:45.301]:Active Directory :Remote Interface Driver: Received document for subscriber channel
  2377. [03/20/12 07:49:45.301]:Active Directory PT:Receiving DOM document from application.
  2378. [03/20/12 07:49:45.301]:Active Directory PT:
  2379. <nds dtdversion="3.5" ndsversion="8.x">
  2380. <input>
  2381. <check-password><!-- content suppressed --></check-password>
  2382. </input>
  2383. </nds>
  2384. [03/20/12 07:49:45.302]:Active Directory PT:Applying input transformation policies.
  2385. [03/20/12 07:49:45.302]:Active Directory PT:Applying policy: %+C%14Clib-AccountTracking-Publish-itp-V1%-C.
  2386. [03/20/12 07:49:45.302]:Active Directory PT: Applying to check-password #1.
  2387. [03/20/12 07:49:45.302]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - disregard if disabled or wrong object class'.
  2388. [03/20/12 07:49:45.303]:Active Directory PT: Rule selected.
  2389. [03/20/12 07:49:45.303]:Active Directory PT: Applying rule 'AccountTracking - disregard if disabled or wrong object class'.
  2390. [03/20/12 07:49:45.303]:Active Directory PT: Action: do-if().
  2391. [03/20/12 07:49:45.303]:Active Directory PT: Evaluating conditions.
  2392. [03/20/12 07:49:45.303]:Active Directory PT: (if-global-variable 'drv.acctTrk.enable' not-equal "true") = FALSE.
  2393. [03/20/12 07:49:45.303]:Active Directory PT: Performing else actions.
  2394. [03/20/12 07:49:45.303]:Active Directory PT: Action: do-if().
  2395. [03/20/12 07:49:45.303]:Active Directory PT: Evaluating conditions.
  2396. [03/20/12 07:49:45.304]:Active Directory PT: (if-class-name available) = FALSE.
  2397. [03/20/12 07:49:45.304]:Active Directory PT: Performing else actions.
  2398. [03/20/12 07:49:45.304]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - on add-association sync the operation-properties to status operations'.
  2399. [03/20/12 07:49:45.304]:Active Directory PT: (if-operation equal "add-association") = FALSE.
  2400. [03/20/12 07:49:45.304]:Active Directory PT: Rule rejected.
  2401. [03/20/12 07:49:45.304]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - Query for destination DN using Association'.
  2402. [03/20/12 07:49:45.305]:Active Directory PT: (if-operation match "modify|delete|move|rename") = FALSE.
  2403. [03/20/12 07:49:45.305]:Active Directory PT: Rule rejected.
  2404. [03/20/12 07:49:45.305]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - add interested properties to current doc for future use.'.
  2405. [03/20/12 07:49:45.305]:Active Directory PT: (if-operation match "add|modify|delete|rename|move|status") = FALSE.
  2406. [03/20/12 07:49:45.305]:Active Directory PT: Rule rejected.
  2407. [03/20/12 07:49:45.305]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - Initialize status properties on published events'.
  2408. [03/20/12 07:49:45.306]:Active Directory PT: (if-operation match "add|modify|delete|rename|move") = FALSE.
  2409. [03/20/12 07:49:45.306]:Active Directory PT: Rule rejected.
  2410. [03/20/12 07:49:45.306]:Active Directory PT:Policy returned:
  2411. [03/20/12 07:49:45.306]:Active Directory PT:
  2412. <nds dtdversion="3.5" ndsversion="8.x">
  2413. <input>
  2414. <check-password><!-- content suppressed --></check-password>
  2415. </input>
  2416. </nds>
  2417. [03/20/12 07:49:45.306]:Active Directory PT:Applying policy: %+C%14Clib-AccountTracking-WriteAccounts-itp-V1%-C.
  2418. [03/20/12 07:49:45.306]:Active Directory PT: Applying to check-password #1.
  2419. [03/20/12 07:49:45.307]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - disregard if disabled'.
  2420. [03/20/12 07:49:45.307]:Active Directory PT: (if-global-variable 'drv.acctTrk.enable' not-equal "true") = FALSE.
  2421. [03/20/12 07:49:45.307]:Active Directory PT: Rule rejected.
  2422. [03/20/12 07:49:45.307]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - query DirXML-Accounts Attribute'.
  2423. [03/20/12 07:49:45.307]:Active Directory PT: (if-op-property 'AccountTracking-ObjectDN' available) = FALSE.
  2424. [03/20/12 07:49:45.307]:Active Directory PT: Rule rejected.
  2425. [03/20/12 07:49:45.308]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - remove Dirxml-Account values on delete operation'.
  2426. [03/20/12 07:49:45.308]:Active Directory PT: (if-operation match "delete|remove-association") = FALSE.
  2427. [03/20/12 07:49:45.308]:Active Directory PT: (if-operation equal "status") = FALSE.
  2428. [03/20/12 07:49:45.308]:Active Directory PT: Rule rejected.
  2429. [03/20/12 07:49:45.308]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - update DirXMLAccounts attribute'.
  2430. [03/20/12 07:49:45.308]:Active Directory PT: (if-op-property 'AccountTracking-Operation' not-available) = TRUE.
  2431. [03/20/12 07:49:45.309]:Active Directory PT: (if-op-property 'AccountTracking-ObjectDN' available) = FALSE.
  2432. [03/20/12 07:49:45.309]:Active Directory PT: (if-operation equal "status") = FALSE.
  2433. [03/20/12 07:49:45.309]:Active Directory PT: Rule rejected.
  2434. [03/20/12 07:49:45.309]:Active Directory PT:Policy returned:
  2435. [03/20/12 07:49:45.309]:Active Directory PT:
  2436. <nds dtdversion="3.5" ndsversion="8.x">
  2437. <input>
  2438. <check-password><!-- content suppressed --></check-password>
  2439. </input>
  2440. </nds>
  2441. [03/20/12 07:49:45.309]:Active Directory PT:Applying policy: %+C%14Citp%-C.
  2442. [03/20/12 07:49:45.309]:Active Directory PT: Applying to check-password #1.
  2443. [03/20/12 07:49:45.310]:Active Directory PT: Evaluating selection criteria for rule 'streetAddress: Convert CR-LF to LF'.
  2444. [03/20/12 07:49:45.310]:Active Directory PT: Rule selected.
  2445. [03/20/12 07:49:45.310]:Active Directory PT: Applying rule 'streetAddress: Convert CR-LF to LF'.
  2446. [03/20/12 07:49:45.310]:Active Directory PT: Action: do-reformat-op-attr("streetAddress",token-replace-all("\r\n","\r",token-local-variable("current-value"))).
  2447. [03/20/12 07:49:45.310]:Active Directory PT: Evaluating selection criteria for rule 'logonHours: Convert to Login Allowed Time Map form'.
  2448. [03/20/12 07:49:45.310]:Active Directory PT: Rule selected.
  2449. [03/20/12 07:49:45.311]:Active Directory PT: Applying rule 'logonHours: Convert to Login Allowed Time Map form'.
  2450. [03/20/12 07:49:45.311]:Active Directory PT: Action: do-reformat-op-attr("logonHours",token-xpath("jadutil:translateTimeMap2eDir($current-value)")).
  2451. [03/20/12 07:49:45.311]:Active Directory PT: Evaluating selection criteria for rule 'accountExpires: Convert to Identity Vault time format'.
  2452. [03/20/12 07:49:45.311]:Active Directory PT: Rule selected.
  2453. [03/20/12 07:49:45.311]:Active Directory PT: Applying rule 'accountExpires: Convert to Identity Vault time format'.
  2454. [03/20/12 07:49:45.311]:Active Directory PT: Action: do-reformat-op-attr("accountExpires",token-xpath("jadutil:translateFileTime2Epoch($current-value)")).
  2455. [03/20/12 07:49:45.312]:Active Directory PT: Evaluating selection criteria for rule 'lockoutTime: Convert to Identity Vault time format'.
  2456. [03/20/12 07:49:45.312]:Active Directory PT: Rule selected.
  2457. [03/20/12 07:49:45.312]:Active Directory PT: Applying rule 'lockoutTime: Convert to Identity Vault time format'.
  2458. [03/20/12 07:49:45.312]:Active Directory PT: Action: do-reformat-op-attr("lockoutTime",token-xpath("jadutil:translateFileTime2Epoch($current-value)")).
  2459. [03/20/12 07:49:45.312]:Active Directory PT:Policy returned:
  2460. [03/20/12 07:49:45.313]:Active Directory PT:
  2461. <nds dtdversion="3.5" ndsversion="8.x">
  2462. <input>
  2463. <check-password><!-- content suppressed --></check-password>
  2464. </input>
  2465. </nds>
  2466. [03/20/12 07:49:45.313]:Active Directory PT:Applying policy: %+C%14Citp-EntitlementsImpl%-C.
  2467. [03/20/12 07:49:45.313]:Active Directory PT: Applying to check-password #1.
  2468. [03/20/12 07:49:45.313]:Active Directory PT: Evaluating selection criteria for rule 'Check target of add-association for group membership entitlements'.
  2469. [03/20/12 07:49:45.313]:Active Directory PT: (if-global-variable 'drv.entitlement.Group' equal "true") = FALSE.
  2470. [03/20/12 07:49:45.313]:Active Directory PT: Rule rejected.
  2471. [03/20/12 07:49:45.314]:Active Directory PT: Evaluating selection criteria for rule 'Check target of add-association for Exchange mailbox entitlements'.
  2472. [03/20/12 07:49:45.314]:Active Directory PT: (if-global-variable 'drv.exchMailboxMethod' equal "entitlement") = FALSE.
  2473. [03/20/12 07:49:45.314]:Active Directory PT: Rule rejected.
  2474. [03/20/12 07:49:45.314]:Active Directory PT:Policy returned:
  2475. [03/20/12 07:49:45.314]:Active Directory PT:
  2476. <nds dtdversion="3.5" ndsversion="8.x">
  2477. <input>
  2478. <check-password><!-- content suppressed --></check-password>
  2479. </input>
  2480. </nds>
  2481. [03/20/12 07:49:45.314]:Active Directory PT:Applying policy: %+C%14CPassword(Pub)-Sub Email Notifications%-C.
  2482. [03/20/12 07:49:45.315]:Active Directory PT: Applying to check-password #1.
  2483. [03/20/12 07:49:45.315]:Active Directory PT: Evaluating selection criteria for rule 'Send e-mail on a failure when subscribing to passwords'.
  2484. [03/20/12 07:49:45.315]:Active Directory PT: (if-global-variable 'notify-user-on-password-dist-failure' equal "true") = TRUE.
  2485. [03/20/12 07:49:45.315]:Active Directory PT: (if-operation equal "status") = FALSE.
  2486. [03/20/12 07:49:45.315]:Active Directory PT: Rule rejected.
  2487. [03/20/12 07:49:45.315]:Active Directory PT: Evaluating selection criteria for rule 'Send e-mail on failure to reset connected system password using the Identity Manager data store password'.
  2488. [03/20/12 07:49:45.316]:Active Directory PT: (if-global-variable 'notify-user-on-password-dist-failure' equal "true") = TRUE.
  2489. [03/20/12 07:49:45.316]:Active Directory PT: (if-operation equal "status") = FALSE.
  2490. [03/20/12 07:49:45.316]:Active Directory PT: Rule rejected.
  2491. [03/20/12 07:49:45.316]:Active Directory PT:Policy returned:
  2492. [03/20/12 07:49:45.316]:Active Directory PT:
  2493. <nds dtdversion="3.5" ndsversion="8.x">
  2494. <input>
  2495. <check-password><!-- content suppressed --></check-password>
  2496. </input>
  2497. </nds>
  2498. [03/20/12 07:49:45.316]:Active Directory PT:Applying policy: %+C%14Clib-Audit-SendEntitlementsEvents-itp-V1%-C.
  2499. [03/20/12 07:49:45.317]:Active Directory PT: Applying to check-password #1.
  2500. [03/20/12 07:49:45.317]:Active Directory PT: Evaluating selection criteria for rule '00031200 - Account Create By Entitlement Grant'.
  2501. [03/20/12 07:49:45.317]:Active Directory PT: (if-operation equal "status") = FALSE.
  2502. [03/20/12 07:49:45.317]:Active Directory PT: Rule rejected.
  2503. [03/20/12 07:49:45.317]:Active Directory PT: Evaluating selection criteria for rule '00031201 - Account Delete By Entitlement Revoke'.
  2504. [03/20/12 07:49:45.317]:Active Directory PT: (if-operation equal "status") = FALSE.
  2505. [03/20/12 07:49:45.318]:Active Directory PT: (if-operation equal "status") = FALSE.
  2506. [03/20/12 07:49:45.318]:Active Directory PT: Rule rejected.
  2507. [03/20/12 07:49:45.318]:Active Directory PT: Evaluating selection criteria for rule '00031202 - Account Disable By Entitlement Revoke'.
  2508. [03/20/12 07:49:45.318]:Active Directory PT: (if-operation equal "status") = FALSE.
  2509. [03/20/12 07:49:45.318]:Active Directory PT: Rule rejected.
  2510. [03/20/12 07:49:45.318]:Active Directory PT: Evaluating selection criteria for rule '00031203 - Account Enable By Entitlement Grant'.
  2511. [03/20/12 07:49:45.318]:Active Directory PT: (if-operation equal "status") = FALSE.
  2512. [03/20/12 07:49:45.319]:Active Directory PT: Rule rejected.
  2513. [03/20/12 07:49:45.319]:Active Directory PT: Evaluating selection criteria for rule 'Generate Audit Event'.
  2514. [03/20/12 07:49:45.319]:Active Directory PT: (if-operation equal "status") = FALSE.
  2515. [03/20/12 07:49:45.319]:Active Directory PT: Rule rejected.
  2516. [03/20/12 07:49:45.319]:Active Directory PT:Policy returned:
  2517. [03/20/12 07:49:45.319]:Active Directory PT:
  2518. <nds dtdversion="3.5" ndsversion="8.x">
  2519. <input>
  2520. <check-password><!-- content suppressed --></check-password>
  2521. </input>
  2522. </nds>
  2523. [03/20/12 07:49:45.319]:Active Directory PT:Applying schema mapping policies to input.
  2524. [03/20/12 07:49:45.320]:Active Directory PT:Applying policy: %+C%14Csmp%-C.
  2525. [03/20/12 07:49:45.320]:Active Directory PT:Resolving association references.
  2526. [03/20/12 07:49:45.320]:Active Directory PT:Applying event transformation policies.
  2527. [03/20/12 07:49:45.320]:Active Directory PT:Applying policy: %+C%14Cpub-etp-EntitlementsImpl%-C.
  2528. [03/20/12 07:49:45.320]:Active Directory PT: Applying to check-password #1.
  2529. [03/20/12 07:49:45.320]:Active Directory PT: Evaluating selection criteria for rule 'Disallow user account delete when using entitlements'.
  2530. [03/20/12 07:49:45.321]:Active Directory PT: (if-operation equal "delete") = FALSE.
  2531. [03/20/12 07:49:45.321]:Active Directory PT: Rule rejected.
  2532. [03/20/12 07:49:45.321]:Active Directory PT: Evaluating selection criteria for rule 'Strip Login Disabled from operation (Disable Option)'.
  2533. [03/20/12 07:49:45.321]:Active Directory PT: (if-global-variable 'drv.entitlement.UserAccount' equal "true") = FALSE.
  2534. [03/20/12 07:49:45.321]:Active Directory PT: Rule rejected.
  2535. [03/20/12 07:49:45.321]:Active Directory PT:Policy returned:
  2536. [03/20/12 07:49:45.321]:Active Directory PT:
  2537. <nds dtdversion="3.5" ndsversion="8.x">
  2538. <input>
  2539. <check-password><!-- content suppressed --></check-password>
  2540. </input>
  2541. </nds>
  2542. [03/20/12 07:49:45.322]:Active Directory PT:Applying policy: %+C%14Cpub-etp-HandleMovesAndRenames%-C.
  2543. [03/20/12 07:49:45.322]:Active Directory PT: Applying to check-password #1.
  2544. [03/20/12 07:49:45.322]:Active Directory PT: Evaluating selection criteria for rule 'break if not a move or rename'.
  2545. [03/20/12 07:49:45.322]:Active Directory PT: (if-operation not-match "move|rename") = TRUE.
  2546. [03/20/12 07:49:45.322]:Active Directory PT: Rule selected.
  2547. [03/20/12 07:49:45.322]:Active Directory PT: Applying rule 'break if not a move or rename'.
  2548. [03/20/12 07:49:45.323]:Active Directory PT: Action: do-break().
  2549. [03/20/12 07:49:45.323]:Active Directory PT:Policy returned:
  2550. [03/20/12 07:49:45.323]:Active Directory PT:
  2551. <nds dtdversion="3.5" ndsversion="8.x">
  2552. <input>
  2553. <check-password><!-- content suppressed --></check-password>
  2554. </input>
  2555. </nds>
  2556. [03/20/12 07:49:45.323]:Active Directory PT:Applying publisher filter.
  2557. [03/20/12 07:49:45.323]:Active Directory PT:Publisher processing check-password for .
  2558. [03/20/12 07:49:45.323]:Active Directory PT:Applying command transformation policies.
  2559. [03/20/12 07:49:45.324]:Active Directory PT:Applying policy: %+C%14Cpub-ctp-UserNameMap%-C.
  2560. [03/20/12 07:49:45.324]:Active Directory PT: Applying to check-password #1.
  2561. [03/20/12 07:49:45.324]:Active Directory PT: Evaluating selection criteria for rule 'consider user objects when name mapping is enabled'.
  2562. [03/20/12 07:49:45.324]:Active Directory PT: (if-class-name not-equal "User") = TRUE.
  2563. [03/20/12 07:49:45.324]:Active Directory PT: Rule selected.
  2564. [03/20/12 07:49:45.324]:Active Directory PT: Applying rule 'consider user objects when name mapping is enabled'.
  2565. [03/20/12 07:49:45.324]:Active Directory PT: Action: do-break().
  2566. [03/20/12 07:49:45.325]:Active Directory PT:Policy returned:
  2567. [03/20/12 07:49:45.325]:Active Directory PT:
  2568. <nds dtdversion="3.5" ndsversion="8.x">
  2569. <input>
  2570. <check-password><!-- content suppressed --></check-password>
  2571. </input>
  2572. </nds>
  2573. [03/20/12 07:49:45.325]:Active Directory PT:Applying policy: %+C%14Cpub-ctp%-C.
  2574. [03/20/12 07:49:45.325]:Active Directory PT: Applying to check-password #1.
  2575. [03/20/12 07:49:45.325]:Active Directory PT: Evaluating selection criteria for rule 'set cached context value on merge'.
  2576. [03/20/12 07:49:45.325]:Active Directory PT: (if-operation equal "modify") = FALSE.
  2577. [03/20/12 07:49:45.325]:Active Directory PT: Rule rejected.
  2578. [03/20/12 07:49:45.326]:Active Directory PT: Evaluating selection criteria for rule 'Set Equivalent To Me when adding object to a group'.
  2579. [03/20/12 07:49:45.326]:Active Directory PT: (if-class-name equal "Group") = FALSE.
  2580. [03/20/12 07:49:45.326]:Active Directory PT: Rule rejected.
  2581. [03/20/12 07:49:45.326]:Active Directory PT: Evaluating selection criteria for rule 'Remove Equivalent To Me when removing object from a group'.
  2582. [03/20/12 07:49:45.326]:Active Directory PT: (if-class-name equal "Group") = FALSE.
  2583. [03/20/12 07:49:45.326]:Active Directory PT: Rule rejected.
  2584. [03/20/12 07:49:45.326]:Active Directory PT: Evaluating selection criteria for rule 'remove managed attributes when object disassociated'.
  2585. [03/20/12 07:49:45.327]:Active Directory PT: (if-operation equal "remove-association") = FALSE.
  2586. [03/20/12 07:49:45.327]:Active Directory PT: Rule rejected.
  2587. [03/20/12 07:49:45.327]:Active Directory PT: Evaluating selection criteria for rule 'Prevent unassociated users from being removed from groups'.
  2588. [03/20/12 07:49:45.327]:Active Directory PT: (if-operation equal "modify") = FALSE.
  2589. [03/20/12 07:49:45.327]:Active Directory PT: Rule rejected.
  2590. [03/20/12 07:49:45.327]:Active Directory PT:Policy returned:
  2591. [03/20/12 07:49:45.327]:Active Directory PT:
  2592. <nds dtdversion="3.5" ndsversion="8.x">
  2593. <input>
  2594. <check-password><!-- content suppressed --></check-password>
  2595. </input>
  2596. </nds>
  2597. [03/20/12 07:49:45.328]:Active Directory PT:Applying XSLT policy: %+C%14Cpub-cts%-C.
  2598. [03/20/12 07:49:45.328]:Active Directory PT:Policy returned:
  2599. [03/20/12 07:49:45.328]:Active Directory PT:
  2600. <nds dtdversion="3.5" ndsversion="8.x">
  2601. <input>
  2602. <check-password><!-- content suppressed --></check-password>
  2603. </input>
  2604. </nds>
  2605. [03/20/12 07:49:45.329]:Active Directory PT:Applying policy: %+C%14CPassword(Pub)-Default Password Policy%-C.
  2606. [03/20/12 07:49:45.329]:Active Directory PT: Applying to check-password #1.
  2607. [03/20/12 07:49:45.329]:Active Directory PT: Evaluating selection criteria for rule 'On User add, provide default password of @Dirxml1 if no password exists'.
  2608. [03/20/12 07:49:45.329]:Active Directory PT: (if-operation equal "add") = FALSE.
  2609. [03/20/12 07:49:45.329]:Active Directory PT: Rule rejected.
  2610. [03/20/12 07:49:45.329]:Active Directory PT:Policy returned:
  2611. [03/20/12 07:49:45.330]:Active Directory PT:
  2612. <nds dtdversion="3.5" ndsversion="8.x">
  2613. <input>
  2614. <check-password><!-- content suppressed --></check-password>
  2615. </input>
  2616. </nds>
  2617. [03/20/12 07:49:45.330]:Active Directory PT:Applying policy: %+C%14CPassword(Pub)-Check Password GCV%-C.
  2618. [03/20/12 07:49:45.330]:Active Directory PT: Applying to check-password #1.
  2619. [03/20/12 07:49:45.330]:Active Directory PT: Evaluating selection criteria for rule 'Block publishing passwords to Identity Manager data store when adding a object'.
  2620. [03/20/12 07:49:45.330]:Active Directory PT: (if-global-variable 'enable-password-publish' equal "false") = FALSE.
  2621. [03/20/12 07:49:45.331]:Active Directory PT: Rule rejected.
  2622. [03/20/12 07:49:45.331]:Active Directory PT: Evaluating selection criteria for rule 'Block sending modify-password changes to the Identity Manager data store'.
  2623. [03/20/12 07:49:45.331]:Active Directory PT: (if-global-variable 'enable-password-publish' equal "false") = FALSE.
  2624. [03/20/12 07:49:45.331]:Active Directory PT: Rule rejected.
  2625. [03/20/12 07:49:45.331]:Active Directory PT:Policy returned:
  2626. [03/20/12 07:49:45.331]:Active Directory PT:
  2627. <nds dtdversion="3.5" ndsversion="8.x">
  2628. <input>
  2629. <check-password><!-- content suppressed --></check-password>
  2630. </input>
  2631. </nds>
  2632. [03/20/12 07:49:45.331]:Active Directory PT:Applying policy: %+C%14CPassword(Pub)-Publish Distribution Password%-C.
  2633. [03/20/12 07:49:45.332]:Active Directory PT: Applying to check-password #1.
  2634. [03/20/12 07:49:45.332]:Active Directory PT: Evaluating selection criteria for rule 'Add nspmDistributionAttribute attribute to add operation'.
  2635. [03/20/12 07:49:45.332]:Active Directory PT: (if-global-variable 'publish-password-to-dp' equal "true") = FALSE.
  2636. [03/20/12 07:49:45.332]:Active Directory PT: Rule rejected.
  2637. [03/20/12 07:49:45.332]:Active Directory PT: Evaluating selection criteria for rule 'Change modify-password operations to a modify'.
  2638. [03/20/12 07:49:45.333]:Active Directory PT: (if-global-variable 'publish-password-to-dp' equal "true") = FALSE.
  2639. [03/20/12 07:49:45.333]:Active Directory PT: Rule rejected.
  2640. [03/20/12 07:49:45.333]:Active Directory PT:Policy returned:
  2641. [03/20/12 07:49:45.333]:Active Directory PT:
  2642. <nds dtdversion="3.5" ndsversion="8.x">
  2643. <input>
  2644. <check-password><!-- content suppressed --></check-password>
  2645. </input>
  2646. </nds>
  2647. [03/20/12 07:49:45.333]:Active Directory PT:Applying policy: %+C%14CPassword(Pub)-Publish NDS Password%-C.
  2648. [03/20/12 07:49:45.333]:Active Directory PT: Applying to check-password #1.
  2649. [03/20/12 07:49:45.334]:Active Directory PT: Evaluating selection criteria for rule 'Block publishing passwords to NDS password'.
  2650. [03/20/12 07:49:45.334]:Active Directory PT: (if-global-variable 'publish-password-to-nds' equal "false") = FALSE.
  2651. [03/20/12 07:49:45.334]:Active Directory PT: Rule rejected.
  2652. [03/20/12 07:49:45.334]:Active Directory PT: Evaluating selection criteria for rule 'Block sending modify-password changes to the NDS password'.
  2653. [03/20/12 07:49:45.334]:Active Directory PT: (if-global-variable 'publish-password-to-nds' equal "false") = FALSE.
  2654. [03/20/12 07:49:45.334]:Active Directory PT: Rule rejected.
  2655. [03/20/12 07:49:45.335]:Active Directory PT:Policy returned:
  2656. [03/20/12 07:49:45.335]:Active Directory PT:
  2657. <nds dtdversion="3.5" ndsversion="8.x">
  2658. <input>
  2659. <check-password><!-- content suppressed --></check-password>
  2660. </input>
  2661. </nds>
  2662. [03/20/12 07:49:45.335]:Active Directory PT:Applying policy: %+C%14CPassword(Pub)-Add Password Payload%-C.
  2663. [03/20/12 07:49:45.335]:Active Directory PT: Applying to check-password #1.
  2664. [03/20/12 07:49:45.335]:Active Directory PT: Evaluating selection criteria for rule 'Add operation-data element to password operations'.
  2665. [03/20/12 07:49:45.335]:Active Directory PT: (if-operation equal "add") = FALSE.
  2666. [03/20/12 07:49:45.336]:Active Directory PT: (if-operation equal "add") = FALSE.
  2667. [03/20/12 07:49:45.336]:Active Directory PT: (if-operation equal "modify-password") = FALSE.
  2668. [03/20/12 07:49:45.336]:Active Directory PT: (if-operation equal "modify") = FALSE.
  2669. [03/20/12 07:49:45.336]:Active Directory PT: Rule rejected.
  2670. [03/20/12 07:49:45.336]:Active Directory PT: Evaluating selection criteria for rule 'Add payload data to password operations'.
  2671. [03/20/12 07:49:45.336]:Active Directory PT: (if-operation equal "addPayloadToPassword") = FALSE.
  2672. [03/20/12 07:49:45.336]:Active Directory PT: (if-operation equal "add") = FALSE.
  2673. [03/20/12 07:49:45.337]:Active Directory PT: (if-operation equal "modify-password") = FALSE.
  2674. [03/20/12 07:49:45.337]:Active Directory PT: (if-operation equal "modify") = FALSE.
  2675. [03/20/12 07:49:45.337]:Active Directory PT: Rule rejected.
  2676. [03/20/12 07:49:45.337]:Active Directory PT:Policy returned:
  2677. [03/20/12 07:49:45.337]:Active Directory PT:
  2678. <nds dtdversion="3.5" ndsversion="8.x">
  2679. <input>
  2680. <check-password><!-- content suppressed --></check-password>
  2681. </input>
  2682. </nds>
  2683. [03/20/12 07:49:45.337]:Active Directory PT:Applying policy: %+C%14Clib-AccountTracking-WriteAccountsOnAdds-pub-ctp-V1%-C.
  2684. [03/20/12 07:49:45.338]:Active Directory PT: Applying to check-password #1.
  2685. [03/20/12 07:49:45.338]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - disregard policy if disabled'.
  2686. [03/20/12 07:49:45.338]:Active Directory PT: (if-global-variable 'drv.acctTrk.enable' not-equal "true") = FALSE.
  2687. [03/20/12 07:49:45.338]:Active Directory PT: Rule rejected.
  2688. [03/20/12 07:49:45.338]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - on add operation add Dirxml-Accounts'.
  2689. [03/20/12 07:49:45.338]:Active Directory PT: (if-operation equal "add") = FALSE.
  2690. [03/20/12 07:49:45.338]:Active Directory PT: Rule rejected.
  2691. [03/20/12 07:49:45.339]:Active Directory PT:Policy returned:
  2692. [03/20/12 07:49:45.339]:Active Directory PT:
  2693. <nds dtdversion="3.5" ndsversion="8.x">
  2694. <input>
  2695. <check-password><!-- content suppressed --></check-password>
  2696. </input>
  2697. </nds>
  2698. [03/20/12 07:49:45.339]:Active Directory PT:Filtering out notification-only attributes.
  2699. [03/20/12 07:49:45.339]:Active Directory PT:Pumping XDS to eDirectory.
  2700. [03/20/12 07:49:45.339]:Active Directory PT:Performing operation check-password for .
  2701. [03/20/12 07:49:45.340]:Active Directory PT:Fixing up association references.
  2702. [03/20/12 07:49:45.340]:Active Directory PT:Applying schema mapping policies to output.
  2703. [03/20/12 07:49:45.340]:Active Directory PT:Applying policy: %+C%14Csmp%-C.
  2704. [03/20/12 07:49:45.340]:Active Directory PT:Applying output transformation policies.
  2705. [03/20/12 07:49:45.340]:Active Directory PT:Applying policy: %+C%14Cotp%-C.
  2706. [03/20/12 07:49:45.341]:Active Directory PT: Applying to status #1.
  2707. [03/20/12 07:49:45.341]:Active Directory PT: Evaluating selection criteria for rule 'Street Address: Convert LF to CR-LF'.
  2708. [03/20/12 07:49:45.341]:Active Directory PT: Rule selected.
  2709. [03/20/12 07:49:45.341]:Active Directory PT: Applying rule 'Street Address: Convert LF to CR-LF'.
  2710. [03/20/12 07:49:45.341]:Active Directory PT: Action: do-reformat-op-attr("streetAddress",token-replace-all("[^\r]\n","\r\n",token-local-variable("current-value"))).
  2711. [03/20/12 07:49:45.341]:Active Directory PT: Evaluating selection criteria for rule 'logonHours: Convert to Active Directory form'.
  2712. [03/20/12 07:49:45.342]:Active Directory PT: Rule selected.
  2713. [03/20/12 07:49:45.342]:Active Directory PT: Applying rule 'logonHours: Convert to Active Directory form'.
  2714. [03/20/12 07:49:45.342]:Active Directory PT: Action: do-reformat-op-attr("logonHours",token-xpath("jadutil:translateTimeMap2ADLenient($current-value)")).
  2715. [03/20/12 07:49:45.342]:Active Directory PT: Evaluating selection criteria for rule 'accountExpires: Convert to Active Directory form'.
  2716. [03/20/12 07:49:45.342]:Active Directory PT: (if-op-attr 'accountExpires' changing) = FALSE.
  2717. [03/20/12 07:49:45.342]:Active Directory PT: Rule rejected.
  2718. [03/20/12 07:49:45.343]:Active Directory PT: Evaluating selection criteria for rule 'lockoutTime: Convert to Active Directory form'.
  2719. [03/20/12 07:49:45.343]:Active Directory PT: Rule selected.
  2720. [03/20/12 07:49:45.343]:Active Directory PT: Applying rule 'lockoutTime: Convert to Active Directory form'.
  2721. [03/20/12 07:49:45.343]:Active Directory PT: Action: do-reformat-op-attr("lockoutTime",token-xpath("jadutil:translateEpoch2FileTime($current-value)")).
  2722. [03/20/12 07:49:45.343]:Active Directory PT: Evaluating selection criteria for rule 'Add: User - convert multi-valued Telephone to single value'.
  2723. [03/20/12 07:49:45.343]:Active Directory PT: (if-operation equal "add") = FALSE.
  2724. [03/20/12 07:49:45.344]:Active Directory PT: Rule rejected.
  2725. [03/20/12 07:49:45.344]:Active Directory PT: Evaluating selection criteria for rule 'update Active Directory logon name'.
  2726. [03/20/12 07:49:45.344]:Active Directory PT: (if-xpath true "self::status[@level = 'success']/operation-data/windows-2000-logon-name") = FALSE.
  2727. [03/20/12 07:49:45.344]:Active Directory PT: Rule rejected.
  2728. [03/20/12 07:49:45.344]:Active Directory PT: Evaluating selection criteria for rule 'Exchange: Remove HomeMDB when disabled'.
  2729. [03/20/12 07:49:45.344]:Active Directory PT: (if-global-variable 'drv.exchMailboxMethod' equal "disabled") = TRUE.
  2730. [03/20/12 07:49:45.345]:Active Directory PT: Rule selected.
  2731. [03/20/12 07:49:45.345]:Active Directory PT: Applying rule 'Exchange: Remove HomeMDB when disabled'.
  2732. [03/20/12 07:49:45.345]:Active Directory PT: Action: do-strip-op-attr("homeMDB").
  2733. [03/20/12 07:49:45.345]:Active Directory PT:Policy returned:
  2734. [03/20/12 07:49:45.345]:Active Directory PT:
  2735. <nds dtdversion="3.5" ndsversion="8.x">
  2736. <source>
  2737. <product version="3.6.10.4747">DirXML</product>
  2738. <contact>Novell, Inc.</contact>
  2739. </source>
  2740. <output>
  2741. <status event-id="0" level="success"></status>
  2742. </output>
  2743. </nds>
  2744. [03/20/12 07:49:45.346]:Active Directory PT:Applying policy: %+C%14CPassword(Sub)-Pub Email Notifications%-C.
  2745. [03/20/12 07:49:45.346]:Active Directory PT: Applying to status #1.
  2746. [03/20/12 07:49:45.346]:Active Directory PT: Evaluating selection criteria for rule 'Send e-mail for a failed publish password operation'.
  2747. [03/20/12 07:49:45.346]:Active Directory PT: (if-global-variable 'notify-user-on-password-dist-failure' equal "true") = TRUE.
  2748. [03/20/12 07:49:45.346]:Active Directory PT: (if-operation equal "status") = TRUE.
  2749. [03/20/12 07:49:45.346]:Active Directory PT: (if-xpath true "self::status[@level != 'success']/operation-data/password-publish-status") = FALSE.
  2750. [03/20/12 07:49:45.347]:Active Directory PT: Rule rejected.
  2751. [03/20/12 07:49:45.347]:Active Directory PT:Policy returned:
  2752. [03/20/12 07:49:45.347]:Active Directory PT:
  2753. <nds dtdversion="3.5" ndsversion="8.x">
  2754. <source>
  2755. <product version="3.6.10.4747">DirXML</product>
  2756. <contact>Novell, Inc.</contact>
  2757. </source>
  2758. <output>
  2759. <status event-id="0" level="success"></status>
  2760. </output>
  2761. </nds>
  2762. [03/20/12 07:49:45.347]:Active Directory PT:Applying policy: %+C%14Clib-CredProv-ConvertPayload-otp-V1%-C.
  2763. [03/20/12 07:49:45.347]:Active Directory PT: Applying to status #1.
  2764. [03/20/12 07:49:45.348]:Active Directory PT: Evaluating selection criteria for rule 'Is credential provisioning enabled? Are there any custom payloads?'.
  2765. [03/20/12 07:49:45.348]:Active Directory PT: Rule selected.
  2766. [03/20/12 07:49:45.348]:Active Directory PT: Applying rule 'Is credential provisioning enabled? Are there any custom payloads?'.
  2767. [03/20/12 07:49:45.348]:Active Directory PT: Action: do-if().
  2768. [03/20/12 07:49:45.348]:Active Directory PT: Evaluating conditions.
  2769. [03/20/12 07:49:45.349]:Active Directory PT: (if-global-variable 'credprov.enable' not-equal "true") = TRUE.
  2770. [03/20/12 07:49:45.349]:Active Directory PT: Performing if actions.
  2771. [03/20/12 07:49:45.349]:Active Directory PT: Action: do-break().
  2772. [03/20/12 07:49:45.349]:Active Directory PT:Policy returned:
  2773. [03/20/12 07:49:45.349]:Active Directory PT:
  2774. <nds dtdversion="3.5" ndsversion="8.x">
  2775. <source>
  2776. <product version="3.6.10.4747">DirXML</product>
  2777. <contact>Novell, Inc.</contact>
  2778. </source>
  2779. <output>
  2780. <status event-id="0" level="success"></status>
  2781. </output>
  2782. </nds>
  2783. [03/20/12 07:49:45.349]:Active Directory PT:Applying policy: %+C%14Clib-AccountTracking-Subscribe-otp-V1%-C.
  2784. [03/20/12 07:49:45.350]:Active Directory PT: Applying to status #1.
  2785. [03/20/12 07:49:45.350]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - disregard if disabled or wrong object class'.
  2786. [03/20/12 07:49:45.350]:Active Directory PT: Rule selected.
  2787. [03/20/12 07:49:45.350]:Active Directory PT: Applying rule 'AccountTracking - disregard if disabled or wrong object class'.
  2788. [03/20/12 07:49:45.350]:Active Directory PT: Action: do-if().
  2789. [03/20/12 07:49:45.350]:Active Directory PT: Evaluating conditions.
  2790. [03/20/12 07:49:45.351]:Active Directory PT: (if-global-variable 'drv.acctTrk.enable' not-equal "true") = FALSE.
  2791. [03/20/12 07:49:45.351]:Active Directory PT: Performing else actions.
  2792. [03/20/12 07:49:45.351]:Active Directory PT: Action: do-for-each(arg-node-set(token-global-variable("drv.acctTrk.objectClass"))).
  2793. [03/20/12 07:49:45.351]:Active Directory PT: arg-node-set(token-global-variable("drv.acctTrk.objectClass"))
  2794. [03/20/12 07:49:45.351]:Active Directory PT: token-global-variable("drv.acctTrk.objectClass")
  2795. [03/20/12 07:49:45.351]:Active Directory PT: Token Value: {"user"}.
  2796. [03/20/12 07:49:45.352]:Active Directory PT: Arg Value: {"user"}.
  2797. [03/20/12 07:49:45.352]:Active Directory PT: Performing actions for local-variable(current-node) = "user".
  2798. [03/20/12 07:49:45.352]:Active Directory PT: Action: do-if().
  2799. [03/20/12 07:49:45.352]:Active Directory PT: Evaluating conditions.
  2800. [03/20/12 07:49:45.352]:Active Directory PT: (if-class-name equal "$current-node$") = FALSE.
  2801. [03/20/12 07:49:45.352]:Active Directory PT: Performing else actions.
  2802. [03/20/12 07:49:45.352]:Active Directory PT: Action: do-if().
  2803. [03/20/12 07:49:45.353]:Active Directory PT: Evaluating conditions.
  2804. [03/20/12 07:49:45.353]:Active Directory PT: (if-local-variable 'pass' not-available) = TRUE.
  2805. [03/20/12 07:49:45.353]:Active Directory PT: Performing if actions.
  2806. [03/20/12 07:49:45.353]:Active Directory PT: Action: do-break().
  2807. [03/20/12 07:49:45.353]:Active Directory PT:Policy returned:
  2808. [03/20/12 07:49:45.353]:Active Directory PT:
  2809. <nds dtdversion="3.5" ndsversion="8.x">
  2810. <source>
  2811. <product version="3.6.10.4747">DirXML</product>
  2812. <contact>Novell, Inc.</contact>
  2813. </source>
  2814. <output>
  2815. <status event-id="0" level="success"></status>
  2816. </output>
  2817. </nds>
  2818. [03/20/12 07:49:45.354]:Active Directory PT:
  2819. <nds dtdversion="3.5" ndsversion="8.x">
  2820. <source>
  2821. <product version="3.6.10.4747">DirXML</product>
  2822. <contact>Novell, Inc.</contact>
  2823. </source>
  2824. <output>
  2825. <status event-id="0" level="success"></status>
  2826. </output>
  2827. </nds>
  2828. [03/20/12 07:49:45.354]:Active Directory PT:Remote Interface Driver: Sending...
  2829. [03/20/12 07:49:45.354]:Active Directory PT:
  2830. <nds dtdversion="3.5" ndsversion="8.x">
  2831. <output>
  2832. <status level="success"/>
  2833. </output>
  2834. </nds>
  2835. [03/20/12 07:49:45.355]:Active Directory PT:Remote Interface Driver: Document sent.
  2836. [03/20/12 07:49:45.355]:Active Directory PT:Remote Interface Driver: Sending...
  2837. [03/20/12 07:49:45.355]:Active Directory PT:
  2838. <top>
  2839. <driver-init>
  2840. <nds dtdversion="3.5" ndsversion="8.x">
  2841. <source>
  2842. <product version="3.6.10.4747">DirXML</product>
  2843. <contact>Novell, Inc.</contact>
  2844. </source>
  2845. <input>
  2846. <init-params src-dn="\EDIR2ADLAB\fdny\AD-TEST\Active Directory">
  2847. <authentication-info>
  2848. <server>10.237.48.38</server>
  2849. <user>edir2adlab/Administrator</user>
  2850. <password><!-- content suppressed --></password>
  2851. </authentication-info>
  2852. <driver-options>
  2853. <auth-options display-name="Show authentication options">hide</auth-options>
  2854. <auth-method display-name="Authentication Method">Negotiate</auth-method>
  2855. <signing display-name="Digitally sign communications">no</signing>
  2856. <sealing display-name="Digitally sign and seal communications">no</sealing>
  2857. <use-ssl display-name="Use SSL for encryption">no</use-ssl>
  2858. <impersonation display-name="Logon and impersonate">yes</impersonation>
  2859. <xchg-options display-name="Show Exchange Management Options">hide</xchg-options>
  2860. <xchg-prov display-name="Enable Exchange mailbox provisioning">disabled</xchg-prov>
  2861. <exch-api-type display-name="Exchange Management interface type (use-cdoexm/use-post-cdoexm)">use-post-cdoexm</exch-api-type>
  2862. <exch-move display-name="Allow Exchange mailbox move (yes/no)">yes</exch-move>
  2863. <exch-delete display-name="Allow Exchange mailbox delete (yes/no)">yes</exch-delete>
  2864. <access-options display-name="Show access options">hide</access-options>
  2865. <pollingInterval display-name="Driver Polling Interval">1</pollingInterval>
  2866. <pub-heartbeat-interval display-name="Publisher heartbeat interval">1</pub-heartbeat-interval>
  2867. <pub-password-expire-time display-name="Password Sync Timeout (minutes)">5</pub-password-expire-time>
  2868. <search-domain-scope display-name="Search domain scope">yes</search-domain-scope>
  2869. <retry-ldap-auth-unknown display-name="Retry LDAP Auth unknown error">no</retry-ldap-auth-unknown>
  2870. <enable-incremental-values display-name="Enable DirSync Incremental Values">no</enable-incremental-values>
  2871. </driver-options>
  2872. </init-params>
  2873. </input>
  2874. </nds>
  2875. </driver-init>
  2876. <subscriber-init>
  2877. <nds dtdversion="3.5" ndsversion="8.x">
  2878. <source>
  2879. <product version="3.6.10.4747">DirXML</product>
  2880. <contact>Novell, Inc.</contact>
  2881. </source>
  2882. <input>
  2883. <init-params src-dn="\EDIR2ADLAB\fdny\AD-TEST\Active Directory">
  2884. <authentication-info>
  2885. <server>10.237.48.38</server>
  2886. <user>edir2adlab/Administrator</user>
  2887. <password><!-- content suppressed --></password>
  2888. </authentication-info>
  2889. <driver-filter>
  2890. <allow-class class-name="group">
  2891. <allow-attr attr-name="description"/>
  2892. <allow-attr attr-name="displayName"/>
  2893. <allow-attr attr-name="L"/>
  2894. <allow-attr attr-name="member"/>
  2895. <allow-attr attr-name="managedBy"/>
  2896. </allow-class>
  2897. <allow-class class-name="organizationalUnit">
  2898. <allow-attr attr-name="description"/>
  2899. </allow-class>
  2900. <allow-class class-name="user">
  2901. <allow-attr attr-name="description"/>
  2902. <allow-attr attr-name="facsimileTelephoneNumber"/>
  2903. <allow-attr attr-name="displayName"/>
  2904. <allow-attr attr-name="givenName"/>
  2905. <allow-attr attr-name="initials"/>
  2906. <allow-attr attr-name="mail"/>
  2907. <allow-attr attr-name="physicalDeliveryOfficeName"/>
  2908. <allow-attr attr-name="logonHours"/>
  2909. <allow-attr attr-name="dirxml-uACAccountDisable"/>
  2910. <allow-attr attr-name="accountExpires"/>
  2911. <allow-attr attr-name="l"/>
  2912. <allow-attr attr-name="postalCode"/>
  2913. <allow-attr attr-name="postOfficeBox"/>
  2914. <allow-attr attr-name="st"/>
  2915. <allow-attr attr-name="streetAddress"/>
  2916. <allow-attr attr-name="sn"/>
  2917. <allow-attr attr-name="telephoneNumber"/>
  2918. <allow-attr attr-name="title"/>
  2919. </allow-class>
  2920. </driver-filter>
  2921. </init-params>
  2922. </input>
  2923. </nds>
  2924. </subscriber-init>
  2925. <publisher-init>
  2926. <nds dtdversion="3.5" ndsversion="8.x">
  2927. <source>
  2928. <product version="3.6.10.4747">DirXML</product>
  2929. <contact>Novell, Inc.</contact>
  2930. </source>
  2931. <input>
  2932. <init-params src-dn="\EDIR2ADLAB\fdny\AD-TEST\Active Directory">
  2933. <authentication-info>
  2934. <server>10.237.48.38</server>
  2935. <user>edir2adlab/Administrator</user>
  2936. <password><!-- content suppressed --></password>
  2937. </authentication-info>
  2938. <driver-filter>
  2939. <allow-class class-name="group">
  2940. <allow-attr attr-name="description"/>
  2941. <allow-attr attr-name="displayName"/>
  2942. <allow-attr attr-name="L"/>
  2943. <allow-attr attr-name="member"/>
  2944. <allow-attr attr-name="managedBy"/>
  2945. </allow-class>
  2946. <allow-class class-name="organizationalUnit">
  2947. <allow-attr attr-name="description"/>
  2948. </allow-class>
  2949. <allow-class class-name="user">
  2950. <allow-attr attr-name="sAMAccountName"/>
  2951. <allow-attr attr-name="description"/>
  2952. <allow-attr attr-name="userPrincipalName"/>
  2953. <allow-attr attr-name="facsimileTelephoneNumber"/>
  2954. <allow-attr attr-name="displayName"/>
  2955. <allow-attr attr-name="givenName"/>
  2956. <allow-attr attr-name="initials"/>
  2957. <allow-attr attr-name="mail"/>
  2958. <allow-attr attr-name="physicalDeliveryOfficeName"/>
  2959. <allow-attr attr-name="logonHours"/>
  2960. <allow-attr attr-name="dirxml-uACAccountDisable"/>
  2961. <allow-attr attr-name="accountExpires"/>
  2962. <allow-attr attr-name="l"/>
  2963. <allow-attr attr-name="postalCode"/>
  2964. <allow-attr attr-name="postOfficeBox"/>
  2965. <allow-attr attr-name="st"/>
  2966. <allow-attr attr-name="streetAddress"/>
  2967. <allow-attr attr-name="sn"/>
  2968. <allow-attr attr-name="telephoneNumber"/>
  2969. <allow-attr attr-name="title"/>
  2970. </allow-class>
  2971. </driver-filter>
  2972. <publisher-state>
  2973. <cookie>TVNEUwMAAABUOC2qBQbNAQAAAAAAAAAAKAAAAMUhAQAAAAAAAAAAAAAAAADFIQEAAAAAADClPYtvg2hIghkEdsjobxgBAAAAAAAAAAEAAAAAAAAAMKU9i2+DaEiCGQR2yOhvGMUhAQAAAAAA</cookie>
  2974. </publisher-state>
  2975. </init-params>
  2976. </input>
  2977. </nds>
  2978. </publisher-init>
  2979. </top>
  2980. [03/20/12 07:49:45.366]:Active Directory PT:Remote Interface Driver: Document sent.
  2981. [03/20/12 07:49:45.366]:Active Directory :Remote Interface Driver: Waiting for receive...
  2982. [03/20/12 07:49:45.454]:Active Directory :Remote Interface Driver: Received.
  2983. [03/20/12 07:49:45.454]:Active Directory :
  2984. <nds dtdversion="3.5" ndsversion="8.x">
  2985. <output>
  2986. <status event-id="report status" level="success">Remote driver successfully started.</status>
  2987. <init-params event-id="write state">
  2988. <publisher-state>
  2989. <cookie>TVNEUwMAAABUOC2qBQbNAQAAAAAAAAAAKAAAAMUhAQAAAAAAAAAAAAAAAADFIQEAAAAAADClPYtvg2hIghkEdsjobxgBAAAAAAAAAAEAAAAAAAAAMKU9i2+DaEiCGQR2yOhvGMUhAQAAAAAA</cookie>
  2990. </publisher-state>
  2991. </init-params>
  2992. </output>
  2993. </nds>
  2994. [03/20/12 07:49:45.455]:Active Directory :Remote Interface Driver: Received document for subscriber channel
  2995. [03/20/12 07:49:45.455]:Active Directory :Remote Interface Driver: Waiting for receive...
  2996. [03/20/12 07:49:45.455]:Active Directory PT:Receiving DOM document from application.
  2997. [03/20/12 07:49:45.455]:Active Directory PT:
  2998. <nds dtdversion="3.5" ndsversion="8.x" remote-interface="yes">
  2999. <input>
  3000. <status event-id="report status" level="success">Remote driver successfully started.</status>
  3001. <init-params event-id="write state">
  3002. <publisher-state>
  3003. <cookie>TVNEUwMAAABUOC2qBQbNAQAAAAAAAAAAKAAAAMUhAQAAAAAAAAAAAAAAAADFIQEAAAAAADClPYtvg2hIghkEdsjobxgBAAAAAAAAAAEAAAAAAAAAMKU9i2+DaEiCGQR2yOhvGMUhAQAAAAAA</cookie>
  3004. </publisher-state>
  3005. </init-params>
  3006. </input>
  3007. </nds>
  3008. [03/20/12 07:49:45.456]:Active Directory PT:Applying input transformation policies.
  3009. [03/20/12 07:49:45.456]:Active Directory PT:Applying policy: %+C%14Clib-AccountTracking-Publish-itp-V1%-C.
  3010. [03/20/12 07:49:45.457]:Active Directory PT: Applying to status #1.
  3011. [03/20/12 07:49:45.457]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - disregard if disabled or wrong object class'.
  3012. [03/20/12 07:49:45.457]:Active Directory PT: Rule selected.
  3013. [03/20/12 07:49:45.457]:Active Directory PT: Applying rule 'AccountTracking - disregard if disabled or wrong object class'.
  3014. [03/20/12 07:49:45.457]:Active Directory PT: Action: do-if().
  3015. [03/20/12 07:49:45.457]:Active Directory PT: Evaluating conditions.
  3016. [03/20/12 07:49:45.457]:Active Directory PT: (if-global-variable 'drv.acctTrk.enable' not-equal "true") = FALSE.
  3017. [03/20/12 07:49:45.458]:Active Directory PT: Performing else actions.
  3018. [03/20/12 07:49:45.458]:Active Directory PT: Action: do-if().
  3019. [03/20/12 07:49:45.458]:Active Directory PT: Evaluating conditions.
  3020. [03/20/12 07:49:45.458]:Active Directory PT: (if-class-name available) = FALSE.
  3021. [03/20/12 07:49:45.458]:Active Directory PT: Performing else actions.
  3022. [03/20/12 07:49:45.458]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - on add-association sync the operation-properties to status operations'.
  3023. [03/20/12 07:49:45.458]:Active Directory PT: (if-operation equal "add-association") = FALSE.
  3024. [03/20/12 07:49:45.459]:Active Directory PT: Rule rejected.
  3025. [03/20/12 07:49:45.459]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - Query for destination DN using Association'.
  3026. [03/20/12 07:49:45.459]:Active Directory PT: (if-operation match "modify|delete|move|rename") = FALSE.
  3027. [03/20/12 07:49:45.459]:Active Directory PT: Rule rejected.
  3028. [03/20/12 07:49:45.459]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - add interested properties to current doc for future use.'.
  3029. [03/20/12 07:49:45.459]:Active Directory PT: (if-operation match "add|modify|delete|rename|move|status") = TRUE.
  3030. [03/20/12 07:49:45.460]:Active Directory PT: Rule selected.
  3031. [03/20/12 07:49:45.460]:Active Directory PT: Applying rule 'AccountTracking - add interested properties to current doc for future use.'.
  3032. [03/20/12 07:49:45.460]:Active Directory PT: Action: do-for-each(arg-node-set(token-global-variable("drv.acctTrk.identifiers"))).
  3033. [03/20/12 07:49:45.460]:Active Directory PT: arg-node-set(token-global-variable("drv.acctTrk.identifiers"))
  3034. [03/20/12 07:49:45.460]:Active Directory PT: token-global-variable("drv.acctTrk.identifiers")
  3035. [03/20/12 07:49:45.460]:Active Directory PT: Token Value: {"sAMAccountName","userPrincipalName","LDAPDN","association"}.
  3036. [03/20/12 07:49:45.461]:Active Directory PT: Arg Value: {"sAMAccountName","userPrincipalName","LDAPDN","association"}.
  3037. [03/20/12 07:49:45.461]:Active Directory PT: Performing actions for local-variable(current-node) = "sAMAccountName".
  3038. [03/20/12 07:49:45.461]:Active Directory PT: Action: do-if().
  3039. [03/20/12 07:49:45.461]:Active Directory PT: Evaluating conditions.
  3040. [03/20/12 07:49:45.461]:Active Directory PT: (if-local-variable 'current-node' equal "LDAPDN") = FALSE.
  3041. [03/20/12 07:49:45.461]:Active Directory PT: Performing else actions.
  3042. [03/20/12 07:49:45.462]:Active Directory PT: Action: do-if().
  3043. [03/20/12 07:49:45.462]:Active Directory PT: Evaluating conditions.
  3044. [03/20/12 07:49:45.462]:Active Directory PT: (if-local-variable 'current-node' equal "association") = FALSE.
  3045. [03/20/12 07:49:45.462]:Active Directory PT: Performing else actions.
  3046. [03/20/12 07:49:45.462]:Active Directory PT: Action: do-if().
  3047. [03/20/12 07:49:45.462]:Active Directory PT: Evaluating conditions.
  3048. [03/20/12 07:49:45.462]:Active Directory PT: Expanded variable reference '$current-node$' to 'sAMAccountName'.
  3049. [03/20/12 07:49:45.463]:Active Directory PT: (if-op-property 'AccountTracking-$current-node$' not-available) = TRUE.
  3050. [03/20/12 07:49:45.463]:Active Directory PT: Expanded variable reference '$current-node$' to 'sAMAccountName'.
  3051. [03/20/12 07:49:45.463]:Active Directory PT: (if-op-attr '$current-node$' available) = FALSE.
  3052. [03/20/12 07:49:45.463]:Active Directory PT: Performing else actions.
  3053. [03/20/12 07:49:45.463]:Active Directory PT: Performing actions for local-variable(current-node) = "userPrincipalName".
  3054. [03/20/12 07:49:45.464]:Active Directory PT: Action: do-if().
  3055. [03/20/12 07:49:45.464]:Active Directory PT: Evaluating conditions.
  3056. [03/20/12 07:49:45.464]:Active Directory PT: (if-local-variable 'current-node' equal "LDAPDN") = FALSE.
  3057. [03/20/12 07:49:45.464]:Active Directory PT: Performing else actions.
  3058. [03/20/12 07:49:45.464]:Active Directory PT: Action: do-if().
  3059. [03/20/12 07:49:45.464]:Active Directory PT: Evaluating conditions.
  3060. [03/20/12 07:49:45.464]:Active Directory PT: (if-local-variable 'current-node' equal "association") = FALSE.
  3061. [03/20/12 07:49:45.465]:Active Directory PT: Performing else actions.
  3062. [03/20/12 07:49:45.465]:Active Directory PT: Action: do-if().
  3063. [03/20/12 07:49:45.465]:Active Directory PT: Evaluating conditions.
  3064. [03/20/12 07:49:45.465]:Active Directory PT: Expanded variable reference '$current-node$' to 'userPrincipalName'.
  3065. [03/20/12 07:49:45.465]:Active Directory PT: (if-op-property 'AccountTracking-$current-node$' not-available) = TRUE.
  3066. [03/20/12 07:49:45.465]:Active Directory PT: Expanded variable reference '$current-node$' to 'userPrincipalName'.
  3067. [03/20/12 07:49:45.466]:Active Directory PT: (if-op-attr '$current-node$' available) = FALSE.
  3068. [03/20/12 07:49:45.466]:Active Directory PT: Performing else actions.
  3069. [03/20/12 07:49:45.466]:Active Directory PT: Performing actions for local-variable(current-node) = "LDAPDN".
  3070. [03/20/12 07:49:45.466]:Active Directory PT: Action: do-if().
  3071. [03/20/12 07:49:45.466]:Active Directory PT: Evaluating conditions.
  3072. [03/20/12 07:49:45.466]:Active Directory PT: (if-local-variable 'current-node' equal "LDAPDN") = TRUE.
  3073. [03/20/12 07:49:45.466]:Active Directory PT: Expanded variable reference '$current-node$' to 'LDAPDN'.
  3074. [03/20/12 07:49:45.467]:Active Directory PT: (if-op-property 'AccountTracking-$current-node$' not-available) = TRUE.
  3075. [03/20/12 07:49:45.467]:Active Directory PT: (if-src-dn available) = FALSE.
  3076. [03/20/12 07:49:45.467]:Active Directory PT: Performing else actions.
  3077. [03/20/12 07:49:45.467]:Active Directory PT: Action: do-if().
  3078. [03/20/12 07:49:45.467]:Active Directory PT: Evaluating conditions.
  3079. [03/20/12 07:49:45.467]:Active Directory PT: (if-local-variable 'current-node' equal "association") = FALSE.
  3080. [03/20/12 07:49:45.467]:Active Directory PT: Performing else actions.
  3081. [03/20/12 07:49:45.468]:Active Directory PT: Action: do-if().
  3082. [03/20/12 07:49:45.468]:Active Directory PT: Evaluating conditions.
  3083. [03/20/12 07:49:45.468]:Active Directory PT: Expanded variable reference '$current-node$' to 'LDAPDN'.
  3084. [03/20/12 07:49:45.468]:Active Directory PT: (if-op-property 'AccountTracking-$current-node$' not-available) = TRUE.
  3085. [03/20/12 07:49:45.468]:Active Directory PT: Expanded variable reference '$current-node$' to 'LDAPDN'.
  3086. [03/20/12 07:49:45.468]:Active Directory PT: (if-op-attr '$current-node$' available) = FALSE.
  3087. [03/20/12 07:49:45.469]:Active Directory PT: Performing else actions.
  3088. [03/20/12 07:49:45.469]:Active Directory PT: Performing actions for local-variable(current-node) = "association".
  3089. [03/20/12 07:49:45.469]:Active Directory PT: Action: do-if().
  3090. [03/20/12 07:49:45.469]:Active Directory PT: Evaluating conditions.
  3091. [03/20/12 07:49:45.469]:Active Directory PT: (if-local-variable 'current-node' equal "LDAPDN") = FALSE.
  3092. [03/20/12 07:49:45.469]:Active Directory PT: Performing else actions.
  3093. [03/20/12 07:49:45.469]:Active Directory PT: Action: do-if().
  3094. [03/20/12 07:49:45.470]:Active Directory PT: Evaluating conditions.
  3095. [03/20/12 07:49:45.470]:Active Directory PT: (if-local-variable 'current-node' equal "association") = TRUE.
  3096. [03/20/12 07:49:45.470]:Active Directory PT: Expanded variable reference '$current-node$' to 'association'.
  3097. [03/20/12 07:49:45.470]:Active Directory PT: (if-op-property 'AccountTracking-$current-node$' not-available) = TRUE.
  3098. [03/20/12 07:49:45.470]:Active Directory PT: (if-association available) = FALSE.
  3099. [03/20/12 07:49:45.470]:Active Directory PT: Performing else actions.
  3100. [03/20/12 07:49:45.471]:Active Directory PT: Action: do-if().
  3101. [03/20/12 07:49:45.471]:Active Directory PT: Evaluating conditions.
  3102. [03/20/12 07:49:45.471]:Active Directory PT: Expanded variable reference '$current-node$' to 'association'.
  3103. [03/20/12 07:49:45.471]:Active Directory PT: (if-op-property 'AccountTracking-$current-node$' not-available) = TRUE.
  3104. [03/20/12 07:49:45.471]:Active Directory PT: Expanded variable reference '$current-node$' to 'association'.
  3105. [03/20/12 07:49:45.471]:Active Directory PT: (if-op-attr '$current-node$' available) = FALSE.
  3106. [03/20/12 07:49:45.472]:Active Directory PT: Performing else actions.
  3107. [03/20/12 07:49:45.472]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - Initialize status properties on published events'.
  3108. [03/20/12 07:49:45.472]:Active Directory PT: (if-operation match "add|modify|delete|rename|move") = FALSE.
  3109. [03/20/12 07:49:45.472]:Active Directory PT: Rule rejected.
  3110. [03/20/12 07:49:45.472]:Active Directory PT: Applying to init-params #2.
  3111. [03/20/12 07:49:45.472]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - disregard if disabled or wrong object class'.
  3112. [03/20/12 07:49:45.473]:Active Directory PT: Rule selected.
  3113. [03/20/12 07:49:45.473]:Active Directory PT: Applying rule 'AccountTracking - disregard if disabled or wrong object class'.
  3114. [03/20/12 07:49:45.473]:Active Directory PT: Action: do-if().
  3115. [03/20/12 07:49:45.473]:Active Directory PT: Evaluating conditions.
  3116. [03/20/12 07:49:45.473]:Active Directory PT: (if-global-variable 'drv.acctTrk.enable' not-equal "true") = FALSE.
  3117. [03/20/12 07:49:45.473]:Active Directory PT: Performing else actions.
  3118. [03/20/12 07:49:45.473]:Active Directory PT: Action: do-if().
  3119. [03/20/12 07:49:45.474]:Active Directory PT: Evaluating conditions.
  3120. [03/20/12 07:49:45.474]:Active Directory PT: (if-class-name available) = FALSE.
  3121. [03/20/12 07:49:45.474]:Active Directory PT: Performing else actions.
  3122. [03/20/12 07:49:45.474]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - on add-association sync the operation-properties to status operations'.
  3123. [03/20/12 07:49:45.474]:Active Directory PT: (if-operation equal "add-association") = FALSE.
  3124. [03/20/12 07:49:45.474]:Active Directory PT: Rule rejected.
  3125. [03/20/12 07:49:45.474]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - Query for destination DN using Association'.
  3126. [03/20/12 07:49:45.475]:Active Directory PT: (if-operation match "modify|delete|move|rename") = FALSE.
  3127. [03/20/12 07:49:45.475]:Active Directory PT: Rule rejected.
  3128. [03/20/12 07:49:45.475]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - add interested properties to current doc for future use.'.
  3129. [03/20/12 07:49:45.475]:Active Directory PT: (if-operation match "add|modify|delete|rename|move|status") = FALSE.
  3130. [03/20/12 07:49:45.475]:Active Directory PT: Rule rejected.
  3131. [03/20/12 07:49:45.475]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - Initialize status properties on published events'.
  3132. [03/20/12 07:49:45.476]:Active Directory PT: (if-operation match "add|modify|delete|rename|move") = FALSE.
  3133. [03/20/12 07:49:45.476]:Active Directory PT: Rule rejected.
  3134. [03/20/12 07:49:45.476]:Active Directory PT:Policy returned:
  3135. [03/20/12 07:49:45.476]:Active Directory PT:
  3136. <nds dtdversion="3.5" ndsversion="8.x" remote-interface="yes">
  3137. <input>
  3138. <status event-id="report status" level="success">Remote driver successfully started.</status>
  3139. <init-params event-id="write state">
  3140. <publisher-state>
  3141. <cookie>TVNEUwMAAABUOC2qBQbNAQAAAAAAAAAAKAAAAMUhAQAAAAAAAAAAAAAAAADFIQEAAAAAADClPYtvg2hIghkEdsjobxgBAAAAAAAAAAEAAAAAAAAAMKU9i2+DaEiCGQR2yOhvGMUhAQAAAAAA</cookie>
  3142. </publisher-state>
  3143. </init-params>
  3144. </input>
  3145. </nds>
  3146. [03/20/12 07:49:45.477]:Active Directory PT:Applying policy: %+C%14Clib-AccountTracking-WriteAccounts-itp-V1%-C.
  3147. [03/20/12 07:49:45.477]:Active Directory PT: Applying to status #1.
  3148. [03/20/12 07:49:45.477]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - disregard if disabled'.
  3149. [03/20/12 07:49:45.477]:Active Directory PT: (if-global-variable 'drv.acctTrk.enable' not-equal "true") = FALSE.
  3150. [03/20/12 07:49:45.477]:Active Directory PT: Rule rejected.
  3151. [03/20/12 07:49:45.478]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - query DirXML-Accounts Attribute'.
  3152. [03/20/12 07:49:45.478]:Active Directory PT: (if-op-property 'AccountTracking-ObjectDN' available) = FALSE.
  3153. [03/20/12 07:49:45.478]:Active Directory PT: Rule rejected.
  3154. [03/20/12 07:49:45.478]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - remove Dirxml-Account values on delete operation'.
  3155. [03/20/12 07:49:45.478]:Active Directory PT: (if-operation match "delete|remove-association") = FALSE.
  3156. [03/20/12 07:49:45.478]:Active Directory PT: (if-operation equal "status") = TRUE.
  3157. [03/20/12 07:49:45.479]:Active Directory PT: (if-op-property 'AccountTracking-ObjectDN' available) = FALSE.
  3158. [03/20/12 07:49:45.479]:Active Directory PT: Rule rejected.
  3159. [03/20/12 07:49:45.479]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - update DirXMLAccounts attribute'.
  3160. [03/20/12 07:49:45.479]:Active Directory PT: (if-op-property 'AccountTracking-Operation' not-available) = TRUE.
  3161. [03/20/12 07:49:45.479]:Active Directory PT: (if-op-property 'AccountTracking-ObjectDN' available) = FALSE.
  3162. [03/20/12 07:49:45.479]:Active Directory PT: (if-operation equal "status") = TRUE.
  3163. [03/20/12 07:49:45.480]:Active Directory PT: (if-xpath true "./@level='success'") = TRUE.
  3164. [03/20/12 07:49:45.480]:Active Directory PT: (if-op-property 'AccountTracking-Operation' available) = FALSE.
  3165. [03/20/12 07:49:45.480]:Active Directory PT: Rule rejected.
  3166. [03/20/12 07:49:45.480]:Active Directory PT: Applying to init-params #2.
  3167. [03/20/12 07:49:45.480]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - disregard if disabled'.
  3168. [03/20/12 07:49:45.480]:Active Directory PT: (if-global-variable 'drv.acctTrk.enable' not-equal "true") = FALSE.
  3169. [03/20/12 07:49:45.480]:Active Directory PT: Rule rejected.
  3170. [03/20/12 07:49:45.481]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - query DirXML-Accounts Attribute'.
  3171. [03/20/12 07:49:45.481]:Active Directory PT: (if-op-property 'AccountTracking-ObjectDN' available) = FALSE.
  3172. [03/20/12 07:49:45.481]:Active Directory PT: Rule rejected.
  3173. [03/20/12 07:49:45.481]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - remove Dirxml-Account values on delete operation'.
  3174. [03/20/12 07:49:45.481]:Active Directory PT: (if-operation match "delete|remove-association") = FALSE.
  3175. [03/20/12 07:49:45.481]:Active Directory PT: (if-operation equal "status") = FALSE.
  3176. [03/20/12 07:49:45.482]:Active Directory PT: Rule rejected.
  3177. [03/20/12 07:49:45.482]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - update DirXMLAccounts attribute'.
  3178. [03/20/12 07:49:45.482]:Active Directory PT: (if-op-property 'AccountTracking-Operation' not-available) = TRUE.
  3179. [03/20/12 07:49:45.482]:Active Directory PT: (if-op-property 'AccountTracking-ObjectDN' available) = FALSE.
  3180. [03/20/12 07:49:45.482]:Active Directory PT: (if-operation equal "status") = FALSE.
  3181. [03/20/12 07:49:45.482]:Active Directory PT: Rule rejected.
  3182. [03/20/12 07:49:45.482]:Active Directory PT:Policy returned:
  3183. [03/20/12 07:49:45.483]:Active Directory PT:
  3184. <nds dtdversion="3.5" ndsversion="8.x" remote-interface="yes">
  3185. <input>
  3186. <status event-id="report status" level="success">Remote driver successfully started.</status>
  3187. <init-params event-id="write state">
  3188. <publisher-state>
  3189. <cookie>TVNEUwMAAABUOC2qBQbNAQAAAAAAAAAAKAAAAMUhAQAAAAAAAAAAAAAAAADFIQEAAAAAADClPYtvg2hIghkEdsjobxgBAAAAAAAAAAEAAAAAAAAAMKU9i2+DaEiCGQR2yOhvGMUhAQAAAAAA</cookie>
  3190. </publisher-state>
  3191. </init-params>
  3192. </input>
  3193. </nds>
  3194. [03/20/12 07:49:45.483]:Active Directory PT:Applying policy: %+C%14Citp%-C.
  3195. [03/20/12 07:49:45.483]:Active Directory PT: Applying to status #1.
  3196. [03/20/12 07:49:45.484]:Active Directory PT: Evaluating selection criteria for rule 'streetAddress: Convert CR-LF to LF'.
  3197. [03/20/12 07:49:45.484]:Active Directory PT: Rule selected.
  3198. [03/20/12 07:49:45.484]:Active Directory PT: Applying rule 'streetAddress: Convert CR-LF to LF'.
  3199. [03/20/12 07:49:45.484]:Active Directory PT: Action: do-reformat-op-attr("streetAddress",token-replace-all("\r\n","\r",token-local-variable("current-value"))).
  3200. [03/20/12 07:49:45.484]:Active Directory PT: Evaluating selection criteria for rule 'logonHours: Convert to Login Allowed Time Map form'.
  3201. [03/20/12 07:49:45.484]:Active Directory PT: Rule selected.
  3202. [03/20/12 07:49:45.485]:Active Directory PT: Applying rule 'logonHours: Convert to Login Allowed Time Map form'.
  3203. [03/20/12 07:49:45.485]:Active Directory PT: Action: do-reformat-op-attr("logonHours",token-xpath("jadutil:translateTimeMap2eDir($current-value)")).
  3204. [03/20/12 07:49:45.485]:Active Directory PT: Evaluating selection criteria for rule 'accountExpires: Convert to Identity Vault time format'.
  3205. [03/20/12 07:49:45.485]:Active Directory PT: Rule selected.
  3206. [03/20/12 07:49:45.485]:Active Directory PT: Applying rule 'accountExpires: Convert to Identity Vault time format'.
  3207. [03/20/12 07:49:45.485]:Active Directory PT: Action: do-reformat-op-attr("accountExpires",token-xpath("jadutil:translateFileTime2Epoch($current-value)")).
  3208. [03/20/12 07:49:45.486]:Active Directory PT: Evaluating selection criteria for rule 'lockoutTime: Convert to Identity Vault time format'.
  3209. [03/20/12 07:49:45.486]:Active Directory PT: Rule selected.
  3210. [03/20/12 07:49:45.486]:Active Directory PT: Applying rule 'lockoutTime: Convert to Identity Vault time format'.
  3211. [03/20/12 07:49:45.486]:Active Directory PT: Action: do-reformat-op-attr("lockoutTime",token-xpath("jadutil:translateFileTime2Epoch($current-value)")).
  3212. [03/20/12 07:49:45.486]:Active Directory PT: Applying to init-params #2.
  3213. [03/20/12 07:49:45.487]:Active Directory PT: Evaluating selection criteria for rule 'streetAddress: Convert CR-LF to LF'.
  3214. [03/20/12 07:49:45.487]:Active Directory PT: Rule selected.
  3215. [03/20/12 07:49:45.487]:Active Directory PT: Applying rule 'streetAddress: Convert CR-LF to LF'.
  3216. [03/20/12 07:49:45.487]:Active Directory PT: Action: do-reformat-op-attr("streetAddress",token-replace-all("\r\n","\r",token-local-variable("current-value"))).
  3217. [03/20/12 07:49:45.487]:Active Directory PT: Evaluating selection criteria for rule 'logonHours: Convert to Login Allowed Time Map form'.
  3218. [03/20/12 07:49:45.487]:Active Directory PT: Rule selected.
  3219. [03/20/12 07:49:45.487]:Active Directory PT: Applying rule 'logonHours: Convert to Login Allowed Time Map form'.
  3220. [03/20/12 07:49:45.488]:Active Directory PT: Action: do-reformat-op-attr("logonHours",token-xpath("jadutil:translateTimeMap2eDir($current-value)")).
  3221. [03/20/12 07:49:45.488]:Active Directory PT: Evaluating selection criteria for rule 'accountExpires: Convert to Identity Vault time format'.
  3222. [03/20/12 07:49:45.488]:Active Directory PT: Rule selected.
  3223. [03/20/12 07:49:45.488]:Active Directory PT: Applying rule 'accountExpires: Convert to Identity Vault time format'.
  3224. [03/20/12 07:49:45.488]:Active Directory PT: Action: do-reformat-op-attr("accountExpires",token-xpath("jadutil:translateFileTime2Epoch($current-value)")).
  3225. [03/20/12 07:49:45.489]:Active Directory PT: Evaluating selection criteria for rule 'lockoutTime: Convert to Identity Vault time format'.
  3226. [03/20/12 07:49:45.489]:Active Directory PT: Rule selected.
  3227. [03/20/12 07:49:45.489]:Active Directory PT: Applying rule 'lockoutTime: Convert to Identity Vault time format'.
  3228. [03/20/12 07:49:45.489]:Active Directory PT: Action: do-reformat-op-attr("lockoutTime",token-xpath("jadutil:translateFileTime2Epoch($current-value)")).
  3229. [03/20/12 07:49:45.490]:Active Directory PT:Policy returned:
  3230. [03/20/12 07:49:45.490]:Active Directory PT:
  3231. <nds dtdversion="3.5" ndsversion="8.x" remote-interface="yes">
  3232. <input>
  3233. <status event-id="report status" level="success">Remote driver successfully started.</status>
  3234. <init-params event-id="write state">
  3235. <publisher-state>
  3236. <cookie>TVNEUwMAAABUOC2qBQbNAQAAAAAAAAAAKAAAAMUhAQAAAAAAAAAAAAAAAADFIQEAAAAAADClPYtvg2hIghkEdsjobxgBAAAAAAAAAAEAAAAAAAAAMKU9i2+DaEiCGQR2yOhvGMUhAQAAAAAA</cookie>
  3237. </publisher-state>
  3238. </init-params>
  3239. </input>
  3240. </nds>
  3241. [03/20/12 07:49:45.490]:Active Directory PT:Applying policy: %+C%14Citp-EntitlementsImpl%-C.
  3242. [03/20/12 07:49:45.491]:Active Directory PT: Applying to status #1.
  3243. [03/20/12 07:49:45.491]:Active Directory PT: Evaluating selection criteria for rule 'Check target of add-association for group membership entitlements'.
  3244. [03/20/12 07:49:45.491]:Active Directory PT: (if-global-variable 'drv.entitlement.Group' equal "true") = FALSE.
  3245. [03/20/12 07:49:45.491]:Active Directory PT: Rule rejected.
  3246. [03/20/12 07:49:45.491]:Active Directory PT: Evaluating selection criteria for rule 'Check target of add-association for Exchange mailbox entitlements'.
  3247. [03/20/12 07:49:45.491]:Active Directory PT: (if-global-variable 'drv.exchMailboxMethod' equal "entitlement") = FALSE.
  3248. [03/20/12 07:49:45.492]:Active Directory PT: Rule rejected.
  3249. [03/20/12 07:49:45.492]:Active Directory PT: Applying to init-params #2.
  3250. [03/20/12 07:49:45.492]:Active Directory PT: Evaluating selection criteria for rule 'Check target of add-association for group membership entitlements'.
  3251. [03/20/12 07:49:45.492]:Active Directory PT: (if-global-variable 'drv.entitlement.Group' equal "true") = FALSE.
  3252. [03/20/12 07:49:45.492]:Active Directory PT: Rule rejected.
  3253. [03/20/12 07:49:45.492]:Active Directory PT: Evaluating selection criteria for rule 'Check target of add-association for Exchange mailbox entitlements'.
  3254. [03/20/12 07:49:45.493]:Active Directory PT: (if-global-variable 'drv.exchMailboxMethod' equal "entitlement") = FALSE.
  3255. [03/20/12 07:49:45.493]:Active Directory PT: Rule rejected.
  3256. [03/20/12 07:49:45.493]:Active Directory PT:Policy returned:
  3257. [03/20/12 07:49:45.493]:Active Directory PT:
  3258. <nds dtdversion="3.5" ndsversion="8.x" remote-interface="yes">
  3259. <input>
  3260. <status event-id="report status" level="success">Remote driver successfully started.</status>
  3261. <init-params event-id="write state">
  3262. <publisher-state>
  3263. <cookie>TVNEUwMAAABUOC2qBQbNAQAAAAAAAAAAKAAAAMUhAQAAAAAAAAAAAAAAAADFIQEAAAAAADClPYtvg2hIghkEdsjobxgBAAAAAAAAAAEAAAAAAAAAMKU9i2+DaEiCGQR2yOhvGMUhAQAAAAAA</cookie>
  3264. </publisher-state>
  3265. </init-params>
  3266. </input>
  3267. </nds>
  3268. [03/20/12 07:49:45.494]:Active Directory PT:Applying policy: %+C%14CPassword(Pub)-Sub Email Notifications%-C.
  3269. [03/20/12 07:49:45.494]:Active Directory PT: Applying to status #1.
  3270. [03/20/12 07:49:45.494]:Active Directory PT: Evaluating selection criteria for rule 'Send e-mail on a failure when subscribing to passwords'.
  3271. [03/20/12 07:49:45.494]:Active Directory PT: (if-global-variable 'notify-user-on-password-dist-failure' equal "true") = TRUE.
  3272. [03/20/12 07:49:45.494]:Active Directory PT: (if-operation equal "status") = TRUE.
  3273. [03/20/12 07:49:45.495]:Active Directory PT: (if-xpath true "self::status[@level != 'success'][text() != '']/operation-data/password-subscribe-status/association[text() != '']") = FALSE.
  3274. [03/20/12 07:49:45.495]:Active Directory PT: Rule rejected.
  3275. [03/20/12 07:49:45.495]:Active Directory PT: Evaluating selection criteria for rule 'Send e-mail on failure to reset connected system password using the Identity Manager data store password'.
  3276. [03/20/12 07:49:45.495]:Active Directory PT: (if-global-variable 'notify-user-on-password-dist-failure' equal "true") = TRUE.
  3277. [03/20/12 07:49:45.495]:Active Directory PT: (if-operation equal "status") = TRUE.
  3278. [03/20/12 07:49:45.496]:Active Directory PT: (if-xpath true "self::status[@level != 'success']/operation-data/password-reset-status") = FALSE.
  3279. [03/20/12 07:49:45.496]:Active Directory PT: Rule rejected.
  3280. [03/20/12 07:49:45.496]:Active Directory PT: Applying to init-params #2.
  3281. [03/20/12 07:49:45.496]:Active Directory PT: Evaluating selection criteria for rule 'Send e-mail on a failure when subscribing to passwords'.
  3282. [03/20/12 07:49:45.496]:Active Directory PT: (if-global-variable 'notify-user-on-password-dist-failure' equal "true") = TRUE.
  3283. [03/20/12 07:49:45.496]:Active Directory PT: (if-operation equal "status") = FALSE.
  3284. [03/20/12 07:49:45.497]:Active Directory PT: Rule rejected.
  3285. [03/20/12 07:49:45.497]:Active Directory PT: Evaluating selection criteria for rule 'Send e-mail on failure to reset connected system password using the Identity Manager data store password'.
  3286. [03/20/12 07:49:45.497]:Active Directory PT: (if-global-variable 'notify-user-on-password-dist-failure' equal "true") = TRUE.
  3287. [03/20/12 07:49:45.497]:Active Directory PT: (if-operation equal "status") = FALSE.
  3288. [03/20/12 07:49:45.497]:Active Directory PT: Rule rejected.
  3289. [03/20/12 07:49:45.497]:Active Directory PT:Policy returned:
  3290. [03/20/12 07:49:45.498]:Active Directory PT:
  3291. <nds dtdversion="3.5" ndsversion="8.x" remote-interface="yes">
  3292. <input>
  3293. <status event-id="report status" level="success">Remote driver successfully started.</status>
  3294. <init-params event-id="write state">
  3295. <publisher-state>
  3296. <cookie>TVNEUwMAAABUOC2qBQbNAQAAAAAAAAAAKAAAAMUhAQAAAAAAAAAAAAAAAADFIQEAAAAAADClPYtvg2hIghkEdsjobxgBAAAAAAAAAAEAAAAAAAAAMKU9i2+DaEiCGQR2yOhvGMUhAQAAAAAA</cookie>
  3297. </publisher-state>
  3298. </init-params>
  3299. </input>
  3300. </nds>
  3301. [03/20/12 07:49:45.498]:Active Directory PT:Applying policy: %+C%14Clib-Audit-SendEntitlementsEvents-itp-V1%-C.
  3302. [03/20/12 07:49:45.498]:Active Directory PT: Applying to status #1.
  3303. [03/20/12 07:49:45.499]:Active Directory PT: Evaluating selection criteria for rule '00031200 - Account Create By Entitlement Grant'.
  3304. [03/20/12 07:49:45.499]:Active Directory PT: (if-operation equal "status") = TRUE.
  3305. [03/20/12 07:49:45.499]:Active Directory PT: (if-op-property 'accountAction' equal "accountCreateByEntitlementGrant") = FALSE.
  3306. [03/20/12 07:49:45.499]:Active Directory PT: Rule rejected.
  3307. [03/20/12 07:49:45.500]:Active Directory PT: Evaluating selection criteria for rule '00031201 - Account Delete By Entitlement Revoke'.
  3308. [03/20/12 07:49:45.500]:Active Directory PT: (if-operation equal "status") = TRUE.
  3309. [03/20/12 07:49:45.500]:Active Directory PT: (if-xpath true "./operation-data/entitlement-impl/@state = '0'") = FALSE.
  3310. [03/20/12 07:49:45.500]:Active Directory PT: (if-operation equal "status") = TRUE.
  3311. [03/20/12 07:49:45.500]:Active Directory PT: (if-op-property 'accountAction' equal "accountDeleteByEntitlementRevoke") = FALSE.
  3312. [03/20/12 07:49:45.500]:Active Directory PT: Rule rejected.
  3313. [03/20/12 07:49:45.500]:Active Directory PT: Evaluating selection criteria for rule '00031202 - Account Disable By Entitlement Revoke'.
  3314. [03/20/12 07:49:45.501]:Active Directory PT: (if-operation equal "status") = TRUE.
  3315. [03/20/12 07:49:45.501]:Active Directory PT: (if-op-property 'accountAction' equal "accountDisableByEntitlementRevoke") = FALSE.
  3316. [03/20/12 07:49:45.501]:Active Directory PT: Rule rejected.
  3317. [03/20/12 07:49:45.501]:Active Directory PT: Evaluating selection criteria for rule '00031203 - Account Enable By Entitlement Grant'.
  3318. [03/20/12 07:49:45.501]:Active Directory PT: (if-operation equal "status") = TRUE.
  3319. [03/20/12 07:49:45.501]:Active Directory PT: (if-op-property 'accountAction' equal "accountEnableByEntitlementGrant") = FALSE.
  3320. [03/20/12 07:49:45.502]:Active Directory PT: Rule rejected.
  3321. [03/20/12 07:49:45.502]:Active Directory PT: Evaluating selection criteria for rule 'Generate Audit Event'.
  3322. [03/20/12 07:49:45.502]:Active Directory PT: (if-operation equal "status") = TRUE.
  3323. [03/20/12 07:49:45.502]:Active Directory PT: (if-local-variable 'auditEventID' available) = FALSE.
  3324. [03/20/12 07:49:45.502]:Active Directory PT: Rule rejected.
  3325. [03/20/12 07:49:45.502]:Active Directory PT: Applying to init-params #2.
  3326. [03/20/12 07:49:45.502]:Active Directory PT: Evaluating selection criteria for rule '00031200 - Account Create By Entitlement Grant'.
  3327. [03/20/12 07:49:45.503]:Active Directory PT: (if-operation equal "status") = FALSE.
  3328. [03/20/12 07:49:45.503]:Active Directory PT: Rule rejected.
  3329. [03/20/12 07:49:45.503]:Active Directory PT: Evaluating selection criteria for rule '00031201 - Account Delete By Entitlement Revoke'.
  3330. [03/20/12 07:49:45.503]:Active Directory PT: (if-operation equal "status") = FALSE.
  3331. [03/20/12 07:49:45.503]:Active Directory PT: (if-operation equal "status") = FALSE.
  3332. [03/20/12 07:49:45.503]:Active Directory PT: Rule rejected.
  3333. [03/20/12 07:49:45.503]:Active Directory PT: Evaluating selection criteria for rule '00031202 - Account Disable By Entitlement Revoke'.
  3334. [03/20/12 07:49:45.504]:Active Directory PT: (if-operation equal "status") = FALSE.
  3335. [03/20/12 07:49:45.504]:Active Directory PT: Rule rejected.
  3336. [03/20/12 07:49:45.504]:Active Directory PT: Evaluating selection criteria for rule '00031203 - Account Enable By Entitlement Grant'.
  3337. [03/20/12 07:49:45.504]:Active Directory PT: (if-operation equal "status") = FALSE.
  3338. [03/20/12 07:49:45.504]:Active Directory PT: Rule rejected.
  3339. [03/20/12 07:49:45.504]:Active Directory PT: Evaluating selection criteria for rule 'Generate Audit Event'.
  3340. [03/20/12 07:49:45.504]:Active Directory PT: (if-operation equal "status") = FALSE.
  3341. [03/20/12 07:49:45.505]:Active Directory PT: Rule rejected.
  3342. [03/20/12 07:49:45.505]:Active Directory PT:Policy returned:
  3343. [03/20/12 07:49:45.505]:Active Directory PT:
  3344. <nds dtdversion="3.5" ndsversion="8.x" remote-interface="yes">
  3345. <input>
  3346. <status event-id="report status" level="success">Remote driver successfully started.</status>
  3347. <init-params event-id="write state">
  3348. <publisher-state>
  3349. <cookie>TVNEUwMAAABUOC2qBQbNAQAAAAAAAAAAKAAAAMUhAQAAAAAAAAAAAAAAAADFIQEAAAAAADClPYtvg2hIghkEdsjobxgBAAAAAAAAAAEAAAAAAAAAMKU9i2+DaEiCGQR2yOhvGMUhAQAAAAAA</cookie>
  3350. </publisher-state>
  3351. </init-params>
  3352. </input>
  3353. </nds>
  3354. [03/20/12 07:49:45.506]:Active Directory PT:Applying schema mapping policies to input.
  3355. [03/20/12 07:49:45.506]:Active Directory PT:Applying policy: %+C%14Csmp%-C.
  3356. [03/20/12 07:49:45.506]:Active Directory PT:Resolving association references.
  3357. [03/20/12 07:49:45.506]:Active Directory PT:Reading XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory#DirXML-DriverStorage.
  3358. [03/20/12 07:49:45.507]:Active Directory PT:Writing driver state.
  3359. [03/20/12 07:49:45.507]:Active Directory PT:Writing XML attribute vnd.nds.stream://EDIR2ADLAB/fdny/AD-TEST/Active+Directory#DirXML-DriverStorage.
  3360. [03/20/12 07:49:45.514]:Active Directory PT:Applying event transformation policies.
  3361. [03/20/12 07:49:45.514]:Active Directory PT:Applying policy: %+C%14Cpub-etp-EntitlementsImpl%-C.
  3362. [03/20/12 07:49:45.515]:Active Directory PT: Applying to status #1.
  3363. [03/20/12 07:49:45.515]:Active Directory PT: Evaluating selection criteria for rule 'Disallow user account delete when using entitlements'.
  3364. [03/20/12 07:49:45.515]:Active Directory PT: (if-operation equal "delete") = FALSE.
  3365. [03/20/12 07:49:45.515]:Active Directory PT: Rule rejected.
  3366. [03/20/12 07:49:45.515]:Active Directory PT: Evaluating selection criteria for rule 'Strip Login Disabled from operation (Disable Option)'.
  3367. [03/20/12 07:49:45.515]:Active Directory PT: (if-global-variable 'drv.entitlement.UserAccount' equal "true") = FALSE.
  3368. [03/20/12 07:49:45.516]:Active Directory PT: Rule rejected.
  3369. [03/20/12 07:49:45.516]:Active Directory PT: Applying to init-params #2.
  3370. [03/20/12 07:49:45.516]:Active Directory PT: Evaluating selection criteria for rule 'Disallow user account delete when using entitlements'.
  3371. [03/20/12 07:49:45.516]:Active Directory PT: (if-operation equal "delete") = FALSE.
  3372. [03/20/12 07:49:45.516]:Active Directory PT: Rule rejected.
  3373. [03/20/12 07:49:45.516]:Active Directory PT: Evaluating selection criteria for rule 'Strip Login Disabled from operation (Disable Option)'.
  3374. [03/20/12 07:49:45.516]:Active Directory PT: (if-global-variable 'drv.entitlement.UserAccount' equal "true") = FALSE.
  3375. [03/20/12 07:49:45.517]:Active Directory PT: Rule rejected.
  3376. [03/20/12 07:49:45.517]:Active Directory PT:Policy returned:
  3377. [03/20/12 07:49:45.517]:Active Directory PT:
  3378. <nds dtdversion="3.5" ndsversion="8.x" remote-interface="yes">
  3379. <input>
  3380. <status event-id="report status" level="success">Remote driver successfully started.</status>
  3381. <init-params event-id="write state">
  3382. <publisher-state>
  3383. <cookie>TVNEUwMAAABUOC2qBQbNAQAAAAAAAAAAKAAAAMUhAQAAAAAAAAAAAAAAAADFIQEAAAAAADClPYtvg2hIghkEdsjobxgBAAAAAAAAAAEAAAAAAAAAMKU9i2+DaEiCGQR2yOhvGMUhAQAAAAAA</cookie>
  3384. </publisher-state>
  3385. </init-params>
  3386. </input>
  3387. </nds>
  3388. [03/20/12 07:49:45.518]:Active Directory PT:Applying policy: %+C%14Cpub-etp-HandleMovesAndRenames%-C.
  3389. [03/20/12 07:49:45.518]:Active Directory PT: Applying to status #1.
  3390. [03/20/12 07:49:45.518]:Active Directory PT: Evaluating selection criteria for rule 'break if not a move or rename'.
  3391. [03/20/12 07:49:45.518]:Active Directory PT: (if-operation not-match "move|rename") = TRUE.
  3392. [03/20/12 07:49:45.518]:Active Directory PT: Rule selected.
  3393. [03/20/12 07:49:45.518]:Active Directory PT: Applying rule 'break if not a move or rename'.
  3394. [03/20/12 07:49:45.519]:Active Directory PT: Action: do-break().
  3395. [03/20/12 07:49:45.519]:Active Directory PT: Applying to init-params #2.
  3396. [03/20/12 07:49:45.519]:Active Directory PT: Evaluating selection criteria for rule 'break if not a move or rename'.
  3397. [03/20/12 07:49:45.519]:Active Directory PT: (if-operation not-match "move|rename") = TRUE.
  3398. [03/20/12 07:49:45.519]:Active Directory PT: Rule selected.
  3399. [03/20/12 07:49:45.519]:Active Directory PT: Applying rule 'break if not a move or rename'.
  3400. [03/20/12 07:49:45.519]:Active Directory PT: Action: do-break().
  3401. [03/20/12 07:49:45.519]:Active Directory PT:Policy returned:
  3402. [03/20/12 07:49:45.520]:Active Directory PT:
  3403. <nds dtdversion="3.5" ndsversion="8.x" remote-interface="yes">
  3404. <input>
  3405. <status event-id="report status" level="success">Remote driver successfully started.</status>
  3406. <init-params event-id="write state">
  3407. <publisher-state>
  3408. <cookie>TVNEUwMAAABUOC2qBQbNAQAAAAAAAAAAKAAAAMUhAQAAAAAAAAAAAAAAAADFIQEAAAAAADClPYtvg2hIghkEdsjobxgBAAAAAAAAAAEAAAAAAAAAMKU9i2+DaEiCGQR2yOhvGMUhAQAAAAAA</cookie>
  3409. </publisher-state>
  3410. </init-params>
  3411. </input>
  3412. </nds>
  3413. [03/20/12 07:49:45.520]:Active Directory PT:Applying publisher filter.
  3414. [03/20/12 07:49:45.521]:Active Directory PT:Publisher processing status for .
  3415. [03/20/12 07:49:45.521]:Active Directory PT:Applying command transformation policies.
  3416. [03/20/12 07:49:45.521]:Active Directory PT:Applying policy: %+C%14Cpub-ctp-UserNameMap%-C.
  3417. [03/20/12 07:49:45.522]:Active Directory PT: Applying to status #1.
  3418. [03/20/12 07:49:45.522]:Active Directory PT: Evaluating selection criteria for rule 'consider user objects when name mapping is enabled'.
  3419. [03/20/12 07:49:45.522]:Active Directory PT: (if-class-name not-equal "User") = TRUE.
  3420. [03/20/12 07:49:45.522]:Active Directory PT: Rule selected.
  3421. [03/20/12 07:49:45.522]:Active Directory PT: Applying rule 'consider user objects when name mapping is enabled'.
  3422. [03/20/12 07:49:45.522]:Active Directory PT: Action: do-break().
  3423. [03/20/12 07:49:45.522]:Active Directory PT:Policy returned:
  3424. [03/20/12 07:49:45.522]:Active Directory PT:
  3425. <nds dtdversion="3.5" ndsversion="8.x" remote-interface="yes">
  3426. <input>
  3427. <status event-id="report status" level="success">Remote driver successfully started.</status>
  3428. </input>
  3429. </nds>
  3430. [03/20/12 07:49:45.523]:Active Directory PT:Applying policy: %+C%14Cpub-ctp%-C.
  3431. [03/20/12 07:49:45.523]:Active Directory PT: Applying to status #1.
  3432. [03/20/12 07:49:45.523]:Active Directory PT: Evaluating selection criteria for rule 'set cached context value on merge'.
  3433. [03/20/12 07:49:45.523]:Active Directory PT: (if-operation equal "modify") = FALSE.
  3434. [03/20/12 07:49:45.523]:Active Directory PT: Rule rejected.
  3435. [03/20/12 07:49:45.523]:Active Directory PT: Evaluating selection criteria for rule 'Set Equivalent To Me when adding object to a group'.
  3436. [03/20/12 07:49:45.524]:Active Directory PT: (if-class-name equal "Group") = FALSE.
  3437. [03/20/12 07:49:45.524]:Active Directory PT: Rule rejected.
  3438. [03/20/12 07:49:45.524]:Active Directory PT: Evaluating selection criteria for rule 'Remove Equivalent To Me when removing object from a group'.
  3439. [03/20/12 07:49:45.524]:Active Directory PT: (if-class-name equal "Group") = FALSE.
  3440. [03/20/12 07:49:45.524]:Active Directory PT: Rule rejected.
  3441. [03/20/12 07:49:45.524]:Active Directory PT: Evaluating selection criteria for rule 'remove managed attributes when object disassociated'.
  3442. [03/20/12 07:49:45.525]:Active Directory PT: (if-operation equal "remove-association") = FALSE.
  3443. [03/20/12 07:49:45.525]:Active Directory PT: Rule rejected.
  3444. [03/20/12 07:49:45.525]:Active Directory PT: Evaluating selection criteria for rule 'Prevent unassociated users from being removed from groups'.
  3445. [03/20/12 07:49:45.525]:Active Directory PT: (if-operation equal "modify") = FALSE.
  3446. [03/20/12 07:49:45.525]:Active Directory PT: Rule rejected.
  3447. [03/20/12 07:49:45.525]:Active Directory PT:Policy returned:
  3448. [03/20/12 07:49:45.525]:Active Directory PT:
  3449. <nds dtdversion="3.5" ndsversion="8.x" remote-interface="yes">
  3450. <input>
  3451. <status event-id="report status" level="success">Remote driver successfully started.</status>
  3452. </input>
  3453. </nds>
  3454. [03/20/12 07:49:45.526]:Active Directory PT:Applying XSLT policy: %+C%14Cpub-cts%-C.
  3455. [03/20/12 07:49:45.526]:Active Directory PT:Policy returned:
  3456. [03/20/12 07:49:45.526]:Active Directory PT:
  3457. <nds dtdversion="3.5" ndsversion="8.x" remote-interface="yes">
  3458. <input>
  3459. <status event-id="report status" level="success">Remote driver successfully started.</status>
  3460. </input>
  3461. </nds>
  3462. [03/20/12 07:49:45.527]:Active Directory PT:Applying policy: %+C%14CPassword(Pub)-Default Password Policy%-C.
  3463. [03/20/12 07:49:45.527]:Active Directory PT: Applying to status #1.
  3464. [03/20/12 07:49:45.527]:Active Directory PT: Evaluating selection criteria for rule 'On User add, provide default password of @Dirxml1 if no password exists'.
  3465. [03/20/12 07:49:45.527]:Active Directory PT: (if-operation equal "add") = FALSE.
  3466. [03/20/12 07:49:45.527]:Active Directory PT: Rule rejected.
  3467. [03/20/12 07:49:45.528]:Active Directory PT:Policy returned:
  3468. [03/20/12 07:49:45.528]:Active Directory PT:
  3469. <nds dtdversion="3.5" ndsversion="8.x" remote-interface="yes">
  3470. <input>
  3471. <status event-id="report status" level="success">Remote driver successfully started.</status>
  3472. </input>
  3473. </nds>
  3474. [03/20/12 07:49:45.528]:Active Directory PT:Applying policy: %+C%14CPassword(Pub)-Check Password GCV%-C.
  3475. [03/20/12 07:49:45.528]:Active Directory PT: Applying to status #1.
  3476. [03/20/12 07:49:45.528]:Active Directory PT: Evaluating selection criteria for rule 'Block publishing passwords to Identity Manager data store when adding a object'.
  3477. [03/20/12 07:49:45.528]:Active Directory PT: (if-global-variable 'enable-password-publish' equal "false") = FALSE.
  3478. [03/20/12 07:49:45.529]:Active Directory PT: Rule rejected.
  3479. [03/20/12 07:49:45.529]:Active Directory PT: Evaluating selection criteria for rule 'Block sending modify-password changes to the Identity Manager data store'.
  3480. [03/20/12 07:49:45.529]:Active Directory PT: (if-global-variable 'enable-password-publish' equal "false") = FALSE.
  3481. [03/20/12 07:49:45.529]:Active Directory PT: Rule rejected.
  3482. [03/20/12 07:49:45.529]:Active Directory PT:Policy returned:
  3483. [03/20/12 07:49:45.529]:Active Directory PT:
  3484. <nds dtdversion="3.5" ndsversion="8.x" remote-interface="yes">
  3485. <input>
  3486. <status event-id="report status" level="success">Remote driver successfully started.</status>
  3487. </input>
  3488. </nds>
  3489. [03/20/12 07:49:45.530]:Active Directory PT:Applying policy: %+C%14CPassword(Pub)-Publish Distribution Password%-C.
  3490. [03/20/12 07:49:45.530]:Active Directory PT: Applying to status #1.
  3491. [03/20/12 07:49:45.530]:Active Directory PT: Evaluating selection criteria for rule 'Add nspmDistributionAttribute attribute to add operation'.
  3492. [03/20/12 07:49:45.530]:Active Directory PT: (if-global-variable 'publish-password-to-dp' equal "true") = FALSE.
  3493. [03/20/12 07:49:45.530]:Active Directory PT: Rule rejected.
  3494. [03/20/12 07:49:45.531]:Active Directory PT: Evaluating selection criteria for rule 'Change modify-password operations to a modify'.
  3495. [03/20/12 07:49:45.531]:Active Directory PT: (if-global-variable 'publish-password-to-dp' equal "true") = FALSE.
  3496. [03/20/12 07:49:45.531]:Active Directory PT: Rule rejected.
  3497. [03/20/12 07:49:45.531]:Active Directory PT:Policy returned:
  3498. [03/20/12 07:49:45.531]:Active Directory PT:
  3499. <nds dtdversion="3.5" ndsversion="8.x" remote-interface="yes">
  3500. <input>
  3501. <status event-id="report status" level="success">Remote driver successfully started.</status>
  3502. </input>
  3503. </nds>
  3504. [03/20/12 07:49:45.531]:Active Directory PT:Applying policy: %+C%14CPassword(Pub)-Publish NDS Password%-C.
  3505. [03/20/12 07:49:45.532]:Active Directory PT: Applying to status #1.
  3506. [03/20/12 07:49:45.532]:Active Directory PT: Evaluating selection criteria for rule 'Block publishing passwords to NDS password'.
  3507. [03/20/12 07:49:45.532]:Active Directory PT: (if-global-variable 'publish-password-to-nds' equal "false") = FALSE.
  3508. [03/20/12 07:49:45.532]:Active Directory PT: Rule rejected.
  3509. [03/20/12 07:49:45.532]:Active Directory PT: Evaluating selection criteria for rule 'Block sending modify-password changes to the NDS password'.
  3510. [03/20/12 07:49:45.532]:Active Directory PT: (if-global-variable 'publish-password-to-nds' equal "false") = FALSE.
  3511. [03/20/12 07:49:45.533]:Active Directory PT: Rule rejected.
  3512. [03/20/12 07:49:45.533]:Active Directory PT:Policy returned:
  3513. [03/20/12 07:49:45.533]:Active Directory PT:
  3514. <nds dtdversion="3.5" ndsversion="8.x" remote-interface="yes">
  3515. <input>
  3516. <status event-id="report status" level="success">Remote driver successfully started.</status>
  3517. </input>
  3518. </nds>
  3519. [03/20/12 07:49:45.533]:Active Directory PT:Applying policy: %+C%14CPassword(Pub)-Add Password Payload%-C.
  3520. [03/20/12 07:49:45.533]:Active Directory PT: Applying to status #1.
  3521. [03/20/12 07:49:45.533]:Active Directory PT: Evaluating selection criteria for rule 'Add operation-data element to password operations'.
  3522. [03/20/12 07:49:45.534]:Active Directory PT: (if-operation equal "add") = FALSE.
  3523. [03/20/12 07:49:45.534]:Active Directory PT: (if-operation equal "add") = FALSE.
  3524. [03/20/12 07:49:45.534]:Active Directory PT: (if-operation equal "modify-password") = FALSE.
  3525. [03/20/12 07:49:45.534]:Active Directory PT: (if-operation equal "modify") = FALSE.
  3526. [03/20/12 07:49:45.534]:Active Directory PT: Rule rejected.
  3527. [03/20/12 07:49:45.534]:Active Directory PT: Evaluating selection criteria for rule 'Add payload data to password operations'.
  3528. [03/20/12 07:49:45.535]:Active Directory PT: (if-operation equal "addPayloadToPassword") = FALSE.
  3529. [03/20/12 07:49:45.535]:Active Directory PT: (if-operation equal "add") = FALSE.
  3530. [03/20/12 07:49:45.535]:Active Directory PT: (if-operation equal "modify-password") = FALSE.
  3531. [03/20/12 07:49:45.535]:Active Directory PT: (if-operation equal "modify") = FALSE.
  3532. [03/20/12 07:49:45.535]:Active Directory PT: Rule rejected.
  3533. [03/20/12 07:49:45.535]:Active Directory PT:Policy returned:
  3534. [03/20/12 07:49:45.535]:Active Directory PT:
  3535. <nds dtdversion="3.5" ndsversion="8.x" remote-interface="yes">
  3536. <input>
  3537. <status event-id="report status" level="success">Remote driver successfully started.</status>
  3538. </input>
  3539. </nds>
  3540. [03/20/12 07:49:45.536]:Active Directory PT:Applying policy: %+C%14Clib-AccountTracking-WriteAccountsOnAdds-pub-ctp-V1%-C.
  3541. [03/20/12 07:49:45.536]:Active Directory PT: Applying to status #1.
  3542. [03/20/12 07:49:45.536]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - disregard policy if disabled'.
  3543. [03/20/12 07:49:45.536]:Active Directory PT: (if-global-variable 'drv.acctTrk.enable' not-equal "true") = FALSE.
  3544. [03/20/12 07:49:45.536]:Active Directory PT: Rule rejected.
  3545. [03/20/12 07:49:45.536]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - on add operation add Dirxml-Accounts'.
  3546. [03/20/12 07:49:45.537]:Active Directory PT: (if-operation equal "add") = FALSE.
  3547. [03/20/12 07:49:45.537]:Active Directory PT: Rule rejected.
  3548. [03/20/12 07:49:45.537]:Active Directory PT:Policy returned:
  3549. [03/20/12 07:49:45.537]:Active Directory PT:
  3550. <nds dtdversion="3.5" ndsversion="8.x" remote-interface="yes">
  3551. <input>
  3552. <status event-id="report status" level="success">Remote driver successfully started.</status>
  3553. </input>
  3554. </nds>
  3555. [03/20/12 07:49:45.537]:Active Directory PT:Filtering out notification-only attributes.
  3556. [03/20/12 07:49:45.538]:Active Directory PT:Pumping XDS to eDirectory.
  3557. [03/20/12 07:49:45.538]:Active Directory PT:Performing operation status for .
  3558. [03/20/12 07:49:45.538]:Active Directory PT:
  3559. DirXML Log Event -------------------
  3560. Driver: \EDIR2ADLAB\fdny\AD-TEST\Active Directory
  3561. Channel: Publisher
  3562. Status: Success
  3563. Message: Remote driver successfully started.
  3564. [03/20/12 07:49:45.538]:Active Directory PT:Applying publisher filter.
  3565. [03/20/12 07:49:45.539]:Active Directory PT:Publisher processing init-params for .
  3566. [03/20/12 07:49:45.539]:Active Directory PT:Applying command transformation policies.
  3567. [03/20/12 07:49:45.539]:Active Directory PT:Applying policy: %+C%14Cpub-ctp-UserNameMap%-C.
  3568. [03/20/12 07:49:45.539]:Active Directory PT: Applying to init-params #1.
  3569. [03/20/12 07:49:45.539]:Active Directory PT: Evaluating selection criteria for rule 'consider user objects when name mapping is enabled'.
  3570. [03/20/12 07:49:45.539]:Active Directory PT: (if-class-name not-equal "User") = TRUE.
  3571. [03/20/12 07:49:45.540]:Active Directory PT: Rule selected.
  3572. [03/20/12 07:49:45.540]:Active Directory PT: Applying rule 'consider user objects when name mapping is enabled'.
  3573. [03/20/12 07:49:45.540]:Active Directory PT: Action: do-break().
  3574. [03/20/12 07:49:45.540]:Active Directory PT:Policy returned:
  3575. [03/20/12 07:49:45.540]:Active Directory PT:
  3576. <nds dtdversion="3.5" ndsversion="8.x" remote-interface="yes">
  3577. <input>
  3578. <init-params event-id="write state">
  3579. <publisher-state>
  3580. <cookie>TVNEUwMAAABUOC2qBQbNAQAAAAAAAAAAKAAAAMUhAQAAAAAAAAAAAAAAAADFIQEAAAAAADClPYtvg2hIghkEdsjobxgBAAAAAAAAAAEAAAAAAAAAMKU9i2+DaEiCGQR2yOhvGMUhAQAAAAAA</cookie>
  3581. </publisher-state>
  3582. </init-params>
  3583. </input>
  3584. </nds>
  3585. [03/20/12 07:49:45.541]:Active Directory PT:Applying policy: %+C%14Cpub-ctp%-C.
  3586. [03/20/12 07:49:45.541]:Active Directory PT: Applying to init-params #1.
  3587. [03/20/12 07:49:45.541]:Active Directory PT: Evaluating selection criteria for rule 'set cached context value on merge'.
  3588. [03/20/12 07:49:45.541]:Active Directory PT: (if-operation equal "modify") = FALSE.
  3589. [03/20/12 07:49:45.541]:Active Directory PT: Rule rejected.
  3590. [03/20/12 07:49:45.541]:Active Directory PT: Evaluating selection criteria for rule 'Set Equivalent To Me when adding object to a group'.
  3591. [03/20/12 07:49:45.542]:Active Directory PT: (if-class-name equal "Group") = FALSE.
  3592. [03/20/12 07:49:45.542]:Active Directory PT: Rule rejected.
  3593. [03/20/12 07:49:45.542]:Active Directory PT: Evaluating selection criteria for rule 'Remove Equivalent To Me when removing object from a group'.
  3594. [03/20/12 07:49:45.542]:Active Directory PT: (if-class-name equal "Group") = FALSE.
  3595. [03/20/12 07:49:45.542]:Active Directory PT: Rule rejected.
  3596. [03/20/12 07:49:45.542]:Active Directory PT: Evaluating selection criteria for rule 'remove managed attributes when object disassociated'.
  3597. [03/20/12 07:49:45.543]:Active Directory PT: (if-operation equal "remove-association") = FALSE.
  3598. [03/20/12 07:49:45.543]:Active Directory PT: Rule rejected.
  3599. [03/20/12 07:49:45.543]:Active Directory PT: Evaluating selection criteria for rule 'Prevent unassociated users from being removed from groups'.
  3600. [03/20/12 07:49:45.543]:Active Directory PT: (if-operation equal "modify") = FALSE.
  3601. [03/20/12 07:49:45.543]:Active Directory PT: Rule rejected.
  3602. [03/20/12 07:49:45.543]:Active Directory PT:Policy returned:
  3603. [03/20/12 07:49:45.543]:Active Directory PT:
  3604. <nds dtdversion="3.5" ndsversion="8.x" remote-interface="yes">
  3605. <input>
  3606. <init-params event-id="write state">
  3607. <publisher-state>
  3608. <cookie>TVNEUwMAAABUOC2qBQbNAQAAAAAAAAAAKAAAAMUhAQAAAAAAAAAAAAAAAADFIQEAAAAAADClPYtvg2hIghkEdsjobxgBAAAAAAAAAAEAAAAAAAAAMKU9i2+DaEiCGQR2yOhvGMUhAQAAAAAA</cookie>
  3609. </publisher-state>
  3610. </init-params>
  3611. </input>
  3612. </nds>
  3613. [03/20/12 07:49:45.544]:Active Directory PT:Applying XSLT policy: %+C%14Cpub-cts%-C.
  3614. [03/20/12 07:49:45.544]:Active Directory PT:Policy returned:
  3615. [03/20/12 07:49:45.545]:Active Directory PT:
  3616. <nds dtdversion="3.5" ndsversion="8.x" remote-interface="yes">
  3617. <input>
  3618. <init-params event-id="write state">
  3619. <publisher-state>
  3620. <cookie>TVNEUwMAAABUOC2qBQbNAQAAAAAAAAAAKAAAAMUhAQAAAAAAAAAAAAAAAADFIQEAAAAAADClPYtvg2hIghkEdsjobxgBAAAAAAAAAAEAAAAAAAAAMKU9i2+DaEiCGQR2yOhvGMUhAQAAAAAA</cookie>
  3621. </publisher-state>
  3622. </init-params>
  3623. </input>
  3624. </nds>
  3625. [03/20/12 07:49:45.545]:Active Directory PT:Applying policy: %+C%14CPassword(Pub)-Default Password Policy%-C.
  3626. [03/20/12 07:49:45.545]:Active Directory PT: Applying to init-params #1.
  3627. [03/20/12 07:49:45.545]:Active Directory PT: Evaluating selection criteria for rule 'On User add, provide default password of @Dirxml1 if no password exists'.
  3628. [03/20/12 07:49:45.546]:Active Directory PT: (if-operation equal "add") = FALSE.
  3629. [03/20/12 07:49:45.546]:Active Directory PT: Rule rejected.
  3630. [03/20/12 07:49:45.546]:Active Directory PT:Policy returned:
  3631. [03/20/12 07:49:45.546]:Active Directory PT:
  3632. <nds dtdversion="3.5" ndsversion="8.x" remote-interface="yes">
  3633. <input>
  3634. <init-params event-id="write state">
  3635. <publisher-state>
  3636. <cookie>TVNEUwMAAABUOC2qBQbNAQAAAAAAAAAAKAAAAMUhAQAAAAAAAAAAAAAAAADFIQEAAAAAADClPYtvg2hIghkEdsjobxgBAAAAAAAAAAEAAAAAAAAAMKU9i2+DaEiCGQR2yOhvGMUhAQAAAAAA</cookie>
  3637. </publisher-state>
  3638. </init-params>
  3639. </input>
  3640. </nds>
  3641. [03/20/12 07:49:45.547]:Active Directory PT:Applying policy: %+C%14CPassword(Pub)-Check Password GCV%-C.
  3642. [03/20/12 07:49:45.547]:Active Directory PT: Applying to init-params #1.
  3643. [03/20/12 07:49:45.547]:Active Directory PT: Evaluating selection criteria for rule 'Block publishing passwords to Identity Manager data store when adding a object'.
  3644. [03/20/12 07:49:45.547]:Active Directory PT: (if-global-variable 'enable-password-publish' equal "false") = FALSE.
  3645. [03/20/12 07:49:45.547]:Active Directory PT: Rule rejected.
  3646. [03/20/12 07:49:45.547]:Active Directory PT: Evaluating selection criteria for rule 'Block sending modify-password changes to the Identity Manager data store'.
  3647. [03/20/12 07:49:45.548]:Active Directory PT: (if-global-variable 'enable-password-publish' equal "false") = FALSE.
  3648. [03/20/12 07:49:45.548]:Active Directory PT: Rule rejected.
  3649. [03/20/12 07:49:45.548]:Active Directory PT:Policy returned:
  3650. [03/20/12 07:49:45.548]:Active Directory PT:
  3651. <nds dtdversion="3.5" ndsversion="8.x" remote-interface="yes">
  3652. <input>
  3653. <init-params event-id="write state">
  3654. <publisher-state>
  3655. <cookie>TVNEUwMAAABUOC2qBQbNAQAAAAAAAAAAKAAAAMUhAQAAAAAAAAAAAAAAAADFIQEAAAAAADClPYtvg2hIghkEdsjobxgBAAAAAAAAAAEAAAAAAAAAMKU9i2+DaEiCGQR2yOhvGMUhAQAAAAAA</cookie>
  3656. </publisher-state>
  3657. </init-params>
  3658. </input>
  3659. </nds>
  3660. [03/20/12 07:49:45.549]:Active Directory PT:Applying policy: %+C%14CPassword(Pub)-Publish Distribution Password%-C.
  3661. [03/20/12 07:49:45.549]:Active Directory PT: Applying to init-params #1.
  3662. [03/20/12 07:49:45.549]:Active Directory PT: Evaluating selection criteria for rule 'Add nspmDistributionAttribute attribute to add operation'.
  3663. [03/20/12 07:49:45.549]:Active Directory PT: (if-global-variable 'publish-password-to-dp' equal "true") = FALSE.
  3664. [03/20/12 07:49:45.549]:Active Directory PT: Rule rejected.
  3665. [03/20/12 07:49:45.550]:Active Directory PT: Evaluating selection criteria for rule 'Change modify-password operations to a modify'.
  3666. [03/20/12 07:49:45.550]:Active Directory PT: (if-global-variable 'publish-password-to-dp' equal "true") = FALSE.
  3667. [03/20/12 07:49:45.550]:Active Directory PT: Rule rejected.
  3668. [03/20/12 07:49:45.550]:Active Directory PT:Policy returned:
  3669. [03/20/12 07:49:45.550]:Active Directory PT:
  3670. <nds dtdversion="3.5" ndsversion="8.x" remote-interface="yes">
  3671. <input>
  3672. <init-params event-id="write state">
  3673. <publisher-state>
  3674. <cookie>TVNEUwMAAABUOC2qBQbNAQAAAAAAAAAAKAAAAMUhAQAAAAAAAAAAAAAAAADFIQEAAAAAADClPYtvg2hIghkEdsjobxgBAAAAAAAAAAEAAAAAAAAAMKU9i2+DaEiCGQR2yOhvGMUhAQAAAAAA</cookie>
  3675. </publisher-state>
  3676. </init-params>
  3677. </input>
  3678. </nds>
  3679. [03/20/12 07:49:45.551]:Active Directory PT:Applying policy: %+C%14CPassword(Pub)-Publish NDS Password%-C.
  3680. [03/20/12 07:49:45.551]:Active Directory PT: Applying to init-params #1.
  3681. [03/20/12 07:49:45.551]:Active Directory PT: Evaluating selection criteria for rule 'Block publishing passwords to NDS password'.
  3682. [03/20/12 07:49:45.551]:Active Directory PT: (if-global-variable 'publish-password-to-nds' equal "false") = FALSE.
  3683. [03/20/12 07:49:45.551]:Active Directory PT: Rule rejected.
  3684. [03/20/12 07:49:45.551]:Active Directory PT: Evaluating selection criteria for rule 'Block sending modify-password changes to the NDS password'.
  3685. [03/20/12 07:49:45.552]:Active Directory PT: (if-global-variable 'publish-password-to-nds' equal "false") = FALSE.
  3686. [03/20/12 07:49:45.552]:Active Directory PT: Rule rejected.
  3687. [03/20/12 07:49:45.552]:Active Directory PT:Policy returned:
  3688. [03/20/12 07:49:45.552]:Active Directory PT:
  3689. <nds dtdversion="3.5" ndsversion="8.x" remote-interface="yes">
  3690. <input>
  3691. <init-params event-id="write state">
  3692. <publisher-state>
  3693. <cookie>TVNEUwMAAABUOC2qBQbNAQAAAAAAAAAAKAAAAMUhAQAAAAAAAAAAAAAAAADFIQEAAAAAADClPYtvg2hIghkEdsjobxgBAAAAAAAAAAEAAAAAAAAAMKU9i2+DaEiCGQR2yOhvGMUhAQAAAAAA</cookie>
  3694. </publisher-state>
  3695. </init-params>
  3696. </input>
  3697. </nds>
  3698. [03/20/12 07:49:45.553]:Active Directory PT:Applying policy: %+C%14CPassword(Pub)-Add Password Payload%-C.
  3699. [03/20/12 07:49:45.553]:Active Directory PT: Applying to init-params #1.
  3700. [03/20/12 07:49:45.553]:Active Directory PT: Evaluating selection criteria for rule 'Add operation-data element to password operations'.
  3701. [03/20/12 07:49:45.553]:Active Directory PT: (if-operation equal "add") = FALSE.
  3702. [03/20/12 07:49:45.553]:Active Directory PT: (if-operation equal "add") = FALSE.
  3703. [03/20/12 07:49:45.553]:Active Directory PT: (if-operation equal "modify-password") = FALSE.
  3704. [03/20/12 07:49:45.554]:Active Directory PT: (if-operation equal "modify") = FALSE.
  3705. [03/20/12 07:49:45.554]:Active Directory PT: Rule rejected.
  3706. [03/20/12 07:49:45.554]:Active Directory PT: Evaluating selection criteria for rule 'Add payload data to password operations'.
  3707. [03/20/12 07:49:45.554]:Active Directory PT: (if-operation equal "addPayloadToPassword") = FALSE.
  3708. [03/20/12 07:49:45.554]:Active Directory PT: (if-operation equal "add") = FALSE.
  3709. [03/20/12 07:49:45.554]:Active Directory PT: (if-operation equal "modify-password") = FALSE.
  3710. [03/20/12 07:49:45.554]:Active Directory PT: (if-operation equal "modify") = FALSE.
  3711. [03/20/12 07:49:45.555]:Active Directory PT: Rule rejected.
  3712. [03/20/12 07:49:45.555]:Active Directory PT:Policy returned:
  3713. [03/20/12 07:49:45.555]:Active Directory PT:
  3714. <nds dtdversion="3.5" ndsversion="8.x" remote-interface="yes">
  3715. <input>
  3716. <init-params event-id="write state">
  3717. <publisher-state>
  3718. <cookie>TVNEUwMAAABUOC2qBQbNAQAAAAAAAAAAKAAAAMUhAQAAAAAAAAAAAAAAAADFIQEAAAAAADClPYtvg2hIghkEdsjobxgBAAAAAAAAAAEAAAAAAAAAMKU9i2+DaEiCGQR2yOhvGMUhAQAAAAAA</cookie>
  3719. </publisher-state>
  3720. </init-params>
  3721. </input>
  3722. </nds>
  3723. [03/20/12 07:49:45.555]:Active Directory PT:Applying policy: %+C%14Clib-AccountTracking-WriteAccountsOnAdds-pub-ctp-V1%-C.
  3724. [03/20/12 07:49:45.556]:Active Directory PT: Applying to init-params #1.
  3725. [03/20/12 07:49:45.556]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - disregard policy if disabled'.
  3726. [03/20/12 07:49:45.556]:Active Directory PT: (if-global-variable 'drv.acctTrk.enable' not-equal "true") = FALSE.
  3727. [03/20/12 07:49:45.556]:Active Directory PT: Rule rejected.
  3728. [03/20/12 07:49:45.556]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - on add operation add Dirxml-Accounts'.
  3729. [03/20/12 07:49:45.556]:Active Directory PT: (if-operation equal "add") = FALSE.
  3730. [03/20/12 07:49:45.556]:Active Directory PT: Rule rejected.
  3731. [03/20/12 07:49:45.557]:Active Directory PT:Policy returned:
  3732. [03/20/12 07:49:45.557]:Active Directory PT:
  3733. <nds dtdversion="3.5" ndsversion="8.x" remote-interface="yes">
  3734. <input>
  3735. <init-params event-id="write state">
  3736. <publisher-state>
  3737. <cookie>TVNEUwMAAABUOC2qBQbNAQAAAAAAAAAAKAAAAMUhAQAAAAAAAAAAAAAAAADFIQEAAAAAADClPYtvg2hIghkEdsjobxgBAAAAAAAAAAEAAAAAAAAAMKU9i2+DaEiCGQR2yOhvGMUhAQAAAAAA</cookie>
  3738. </publisher-state>
  3739. </init-params>
  3740. </input>
  3741. </nds>
  3742. [03/20/12 07:49:45.557]:Active Directory PT:Filtering out notification-only attributes.
  3743. [03/20/12 07:49:45.558]:Active Directory PT:Pumping XDS to eDirectory.
  3744. [03/20/12 07:49:45.558]:Active Directory PT:
  3745. DirXML Log Event -------------------
  3746. Driver: \EDIR2ADLAB\fdny\AD-TEST\Active Directory
  3747. Channel: Publisher
  3748. Status: Success
  3749. [03/20/12 07:49:45.558]:Active Directory PT:Fixing up association references.
  3750. [03/20/12 07:49:45.558]:Active Directory PT:Applying schema mapping policies to output.
  3751. [03/20/12 07:49:45.558]:Active Directory PT:Applying policy: %+C%14Csmp%-C.
  3752. [03/20/12 07:49:45.559]:Active Directory PT:Applying output transformation policies.
  3753. [03/20/12 07:49:45.559]:Active Directory PT:Applying policy: %+C%14Cotp%-C.
  3754. [03/20/12 07:49:45.559]:Active Directory PT: Applying to status #1.
  3755. [03/20/12 07:49:45.559]:Active Directory PT: Evaluating selection criteria for rule 'Street Address: Convert LF to CR-LF'.
  3756. [03/20/12 07:49:45.559]:Active Directory PT: Rule selected.
  3757. [03/20/12 07:49:45.559]:Active Directory PT: Applying rule 'Street Address: Convert LF to CR-LF'.
  3758. [03/20/12 07:49:45.559]:Active Directory PT: Action: do-reformat-op-attr("streetAddress",token-replace-all("[^\r]\n","\r\n",token-local-variable("current-value"))).
  3759. [03/20/12 07:49:45.560]:Active Directory PT: Evaluating selection criteria for rule 'logonHours: Convert to Active Directory form'.
  3760. [03/20/12 07:49:45.560]:Active Directory PT: Rule selected.
  3761. [03/20/12 07:49:45.560]:Active Directory PT: Applying rule 'logonHours: Convert to Active Directory form'.
  3762. [03/20/12 07:49:45.560]:Active Directory PT: Action: do-reformat-op-attr("logonHours",token-xpath("jadutil:translateTimeMap2ADLenient($current-value)")).
  3763. [03/20/12 07:49:45.560]:Active Directory PT: Evaluating selection criteria for rule 'accountExpires: Convert to Active Directory form'.
  3764. [03/20/12 07:49:45.561]:Active Directory PT: (if-op-attr 'accountExpires' changing) = FALSE.
  3765. [03/20/12 07:49:45.561]:Active Directory PT: Rule rejected.
  3766. [03/20/12 07:49:45.561]:Active Directory PT: Evaluating selection criteria for rule 'lockoutTime: Convert to Active Directory form'.
  3767. [03/20/12 07:49:45.561]:Active Directory PT: Rule selected.
  3768. [03/20/12 07:49:45.561]:Active Directory PT: Applying rule 'lockoutTime: Convert to Active Directory form'.
  3769. [03/20/12 07:49:45.561]:Active Directory PT: Action: do-reformat-op-attr("lockoutTime",token-xpath("jadutil:translateEpoch2FileTime($current-value)")).
  3770. [03/20/12 07:49:45.562]:Active Directory PT: Evaluating selection criteria for rule 'Add: User - convert multi-valued Telephone to single value'.
  3771. [03/20/12 07:49:45.562]:Active Directory PT: (if-operation equal "add") = FALSE.
  3772. [03/20/12 07:49:45.562]:Active Directory PT: Rule rejected.
  3773. [03/20/12 07:49:45.562]:Active Directory PT: Evaluating selection criteria for rule 'update Active Directory logon name'.
  3774. [03/20/12 07:49:45.562]:Active Directory PT: (if-xpath true "self::status[@level = 'success']/operation-data/windows-2000-logon-name") = FALSE.
  3775. [03/20/12 07:49:45.563]:Active Directory PT: Rule rejected.
  3776. [03/20/12 07:49:45.563]:Active Directory PT: Evaluating selection criteria for rule 'Exchange: Remove HomeMDB when disabled'.
  3777. [03/20/12 07:49:45.563]:Active Directory PT: (if-global-variable 'drv.exchMailboxMethod' equal "disabled") = TRUE.
  3778. [03/20/12 07:49:45.563]:Active Directory PT: Rule selected.
  3779. [03/20/12 07:49:45.563]:Active Directory PT: Applying rule 'Exchange: Remove HomeMDB when disabled'.
  3780. [03/20/12 07:49:45.563]:Active Directory PT: Action: do-strip-op-attr("homeMDB").
  3781. [03/20/12 07:49:45.563]:Active Directory PT: Applying to status #2.
  3782. [03/20/12 07:49:45.564]:Active Directory PT: Evaluating selection criteria for rule 'Street Address: Convert LF to CR-LF'.
  3783. [03/20/12 07:49:45.564]:Active Directory PT: Rule selected.
  3784. [03/20/12 07:49:45.564]:Active Directory PT: Applying rule 'Street Address: Convert LF to CR-LF'.
  3785. [03/20/12 07:49:45.564]:Active Directory PT: Action: do-reformat-op-attr("streetAddress",token-replace-all("[^\r]\n","\r\n",token-local-variable("current-value"))).
  3786. [03/20/12 07:49:45.564]:Active Directory PT: Evaluating selection criteria for rule 'logonHours: Convert to Active Directory form'.
  3787. [03/20/12 07:49:45.564]:Active Directory PT: Rule selected.
  3788. [03/20/12 07:49:45.565]:Active Directory PT: Applying rule 'logonHours: Convert to Active Directory form'.
  3789. [03/20/12 07:49:45.565]:Active Directory PT: Action: do-reformat-op-attr("logonHours",token-xpath("jadutil:translateTimeMap2ADLenient($current-value)")).
  3790. [03/20/12 07:49:45.565]:Active Directory PT: Evaluating selection criteria for rule 'accountExpires: Convert to Active Directory form'.
  3791. [03/20/12 07:49:45.565]:Active Directory PT: (if-op-attr 'accountExpires' changing) = FALSE.
  3792. [03/20/12 07:49:45.565]:Active Directory PT: Rule rejected.
  3793. [03/20/12 07:49:45.566]:Active Directory PT: Evaluating selection criteria for rule 'lockoutTime: Convert to Active Directory form'.
  3794. [03/20/12 07:49:45.566]:Active Directory PT: Rule selected.
  3795. [03/20/12 07:49:45.566]:Active Directory PT: Applying rule 'lockoutTime: Convert to Active Directory form'.
  3796. [03/20/12 07:49:45.566]:Active Directory PT: Action: do-reformat-op-attr("lockoutTime",token-xpath("jadutil:translateEpoch2FileTime($current-value)")).
  3797. [03/20/12 07:49:45.566]:Active Directory PT: Evaluating selection criteria for rule 'Add: User - convert multi-valued Telephone to single value'.
  3798. [03/20/12 07:49:45.566]:Active Directory PT: (if-operation equal "add") = FALSE.
  3799. [03/20/12 07:49:45.567]:Active Directory PT: Rule rejected.
  3800. [03/20/12 07:49:45.567]:Active Directory PT: Evaluating selection criteria for rule 'update Active Directory logon name'.
  3801. [03/20/12 07:49:45.567]:Active Directory PT: (if-xpath true "self::status[@level = 'success']/operation-data/windows-2000-logon-name") = FALSE.
  3802. [03/20/12 07:49:45.567]:Active Directory PT: Rule rejected.
  3803. [03/20/12 07:49:45.567]:Active Directory PT: Evaluating selection criteria for rule 'Exchange: Remove HomeMDB when disabled'.
  3804. [03/20/12 07:49:45.567]:Active Directory PT: (if-global-variable 'drv.exchMailboxMethod' equal "disabled") = TRUE.
  3805. [03/20/12 07:49:45.568]:Active Directory PT: Rule selected.
  3806. [03/20/12 07:49:45.568]:Active Directory PT: Applying rule 'Exchange: Remove HomeMDB when disabled'.
  3807. [03/20/12 07:49:45.568]:Active Directory PT: Action: do-strip-op-attr("homeMDB").
  3808. [03/20/12 07:49:45.568]:Active Directory PT:Policy returned:
  3809. [03/20/12 07:49:45.568]:Active Directory PT:
  3810. <nds dtdversion="3.5" ndsversion="8.x">
  3811. <source>
  3812. <product version="3.6.10.4747">DirXML</product>
  3813. <contact>Novell, Inc.</contact>
  3814. </source>
  3815. <output>
  3816. <status event-id="report status" level="success"></status>
  3817. <status event-id="write state" level="success"><application>DirXML</application>
  3818. <module>Active Directory</module>
  3819. <object-dn></object-dn>
  3820. <component>Publisher</component>
  3821. </status>
  3822. </output>
  3823. </nds>
  3824. [03/20/12 07:49:45.569]:Active Directory PT:Applying policy: %+C%14CPassword(Sub)-Pub Email Notifications%-C.
  3825. [03/20/12 07:49:45.569]:Active Directory PT: Applying to status #1.
  3826. [03/20/12 07:49:45.569]:Active Directory PT: Evaluating selection criteria for rule 'Send e-mail for a failed publish password operation'.
  3827. [03/20/12 07:49:45.569]:Active Directory PT: (if-global-variable 'notify-user-on-password-dist-failure' equal "true") = TRUE.
  3828. [03/20/12 07:49:45.570]:Active Directory PT: (if-operation equal "status") = TRUE.
  3829. [03/20/12 07:49:45.570]:Active Directory PT: (if-xpath true "self::status[@level != 'success']/operation-data/password-publish-status") = FALSE.
  3830. [03/20/12 07:49:45.570]:Active Directory PT: Rule rejected.
  3831. [03/20/12 07:49:45.570]:Active Directory PT: Applying to status #2.
  3832. [03/20/12 07:49:45.570]:Active Directory PT: Evaluating selection criteria for rule 'Send e-mail for a failed publish password operation'.
  3833. [03/20/12 07:49:45.570]:Active Directory PT: (if-global-variable 'notify-user-on-password-dist-failure' equal "true") = TRUE.
  3834. [03/20/12 07:49:45.571]:Active Directory PT: (if-operation equal "status") = TRUE.
  3835. [03/20/12 07:49:45.571]:Active Directory PT: (if-xpath true "self::status[@level != 'success']/operation-data/password-publish-status") = FALSE.
  3836. [03/20/12 07:49:45.571]:Active Directory PT: Rule rejected.
  3837. [03/20/12 07:49:45.571]:Active Directory PT:Policy returned:
  3838. [03/20/12 07:49:45.572]:Active Directory PT:
  3839. <nds dtdversion="3.5" ndsversion="8.x">
  3840. <source>
  3841. <product version="3.6.10.4747">DirXML</product>
  3842. <contact>Novell, Inc.</contact>
  3843. </source>
  3844. <output>
  3845. <status event-id="report status" level="success"></status>
  3846. <status event-id="write state" level="success"><application>DirXML</application>
  3847. <module>Active Directory</module>
  3848. <object-dn></object-dn>
  3849. <component>Publisher</component>
  3850. </status>
  3851. </output>
  3852. </nds>
  3853. [03/20/12 07:49:45.573]:Active Directory PT:Applying policy: %+C%14Clib-CredProv-ConvertPayload-otp-V1%-C.
  3854. [03/20/12 07:49:45.573]:Active Directory PT: Applying to status #1.
  3855. [03/20/12 07:49:45.573]:Active Directory PT: Evaluating selection criteria for rule 'Is credential provisioning enabled? Are there any custom payloads?'.
  3856. [03/20/12 07:49:45.573]:Active Directory PT: Rule selected.
  3857. [03/20/12 07:49:45.573]:Active Directory PT: Applying rule 'Is credential provisioning enabled? Are there any custom payloads?'.
  3858. [03/20/12 07:49:45.574]:Active Directory PT: Action: do-if().
  3859. [03/20/12 07:49:45.574]:Active Directory PT: Evaluating conditions.
  3860. [03/20/12 07:49:45.574]:Active Directory PT: (if-global-variable 'credprov.enable' not-equal "true") = TRUE.
  3861. [03/20/12 07:49:45.574]:Active Directory PT: Performing if actions.
  3862. [03/20/12 07:49:45.574]:Active Directory PT: Action: do-break().
  3863. [03/20/12 07:49:45.574]:Active Directory PT: Applying to status #2.
  3864. [03/20/12 07:49:45.574]:Active Directory PT: Evaluating selection criteria for rule 'Is credential provisioning enabled? Are there any custom payloads?'.
  3865. [03/20/12 07:49:45.575]:Active Directory PT: Rule selected.
  3866. [03/20/12 07:49:45.575]:Active Directory PT: Applying rule 'Is credential provisioning enabled? Are there any custom payloads?'.
  3867. [03/20/12 07:49:45.575]:Active Directory PT: Action: do-if().
  3868. [03/20/12 07:49:45.575]:Active Directory PT: Evaluating conditions.
  3869. [03/20/12 07:49:45.575]:Active Directory PT: (if-global-variable 'credprov.enable' not-equal "true") = TRUE.
  3870. [03/20/12 07:49:45.575]:Active Directory PT: Performing if actions.
  3871. [03/20/12 07:49:45.575]:Active Directory PT: Action: do-break().
  3872. [03/20/12 07:49:45.576]:Active Directory PT:Policy returned:
  3873. [03/20/12 07:49:45.576]:Active Directory PT:
  3874. <nds dtdversion="3.5" ndsversion="8.x">
  3875. <source>
  3876. <product version="3.6.10.4747">DirXML</product>
  3877. <contact>Novell, Inc.</contact>
  3878. </source>
  3879. <output>
  3880. <status event-id="report status" level="success"></status>
  3881. <status event-id="write state" level="success"><application>DirXML</application>
  3882. <module>Active Directory</module>
  3883. <object-dn></object-dn>
  3884. <component>Publisher</component>
  3885. </status>
  3886. </output>
  3887. </nds>
  3888. [03/20/12 07:49:45.576]:Active Directory PT:Applying policy: %+C%14Clib-AccountTracking-Subscribe-otp-V1%-C.
  3889. [03/20/12 07:49:45.577]:Active Directory PT: Applying to status #1.
  3890. [03/20/12 07:49:45.577]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - disregard if disabled or wrong object class'.
  3891. [03/20/12 07:49:45.577]:Active Directory PT: Rule selected.
  3892. [03/20/12 07:49:45.577]:Active Directory PT: Applying rule 'AccountTracking - disregard if disabled or wrong object class'.
  3893. [03/20/12 07:49:45.577]:Active Directory PT: Action: do-if().
  3894. [03/20/12 07:49:45.577]:Active Directory PT: Evaluating conditions.
  3895. [03/20/12 07:49:45.578]:Active Directory PT: (if-global-variable 'drv.acctTrk.enable' not-equal "true") = FALSE.
  3896. [03/20/12 07:49:45.578]:Active Directory PT: Performing else actions.
  3897. [03/20/12 07:49:45.578]:Active Directory PT: Action: do-for-each(arg-node-set(token-global-variable("drv.acctTrk.objectClass"))).
  3898. [03/20/12 07:49:45.578]:Active Directory PT: arg-node-set(token-global-variable("drv.acctTrk.objectClass"))
  3899. [03/20/12 07:49:45.578]:Active Directory PT: token-global-variable("drv.acctTrk.objectClass")
  3900. [03/20/12 07:49:45.578]:Active Directory PT: Token Value: {"user"}.
  3901. [03/20/12 07:49:45.578]:Active Directory PT: Arg Value: {"user"}.
  3902. [03/20/12 07:49:45.579]:Active Directory PT: Performing actions for local-variable(current-node) = "user".
  3903. [03/20/12 07:49:45.579]:Active Directory PT: Action: do-if().
  3904. [03/20/12 07:49:45.579]:Active Directory PT: Evaluating conditions.
  3905. [03/20/12 07:49:45.579]:Active Directory PT: (if-class-name equal "$current-node$") = FALSE.
  3906. [03/20/12 07:49:45.579]:Active Directory PT: Performing else actions.
  3907. [03/20/12 07:49:45.579]:Active Directory PT: Action: do-if().
  3908. [03/20/12 07:49:45.579]:Active Directory PT: Evaluating conditions.
  3909. [03/20/12 07:49:45.580]:Active Directory PT: (if-local-variable 'pass' not-available) = TRUE.
  3910. [03/20/12 07:49:45.580]:Active Directory PT: Performing if actions.
  3911. [03/20/12 07:49:45.580]:Active Directory PT: Action: do-break().
  3912. [03/20/12 07:49:45.580]:Active Directory PT: Applying to status #2.
  3913. [03/20/12 07:49:45.580]:Active Directory PT: Evaluating selection criteria for rule 'AccountTracking - disregard if disabled or wrong object class'.
  3914. [03/20/12 07:49:45.580]:Active Directory PT: Rule selected.
  3915. [03/20/12 07:49:45.580]:Active Directory PT: Applying rule 'AccountTracking - disregard if disabled or wrong object class'.
  3916. [03/20/12 07:49:45.581]:Active Directory PT: Action: do-if().
  3917. [03/20/12 07:49:45.581]:Active Directory PT: Evaluating conditions.
  3918. [03/20/12 07:49:45.581]:Active Directory PT: (if-global-variable 'drv.acctTrk.enable' not-equal "true") = FALSE.
  3919. [03/20/12 07:49:45.581]:Active Directory PT: Performing else actions.
  3920. [03/20/12 07:49:45.581]:Active Directory PT: Action: do-for-each(arg-node-set(token-global-variable("drv.acctTrk.objectClass"))).
  3921. [03/20/12 07:49:45.581]:Active Directory PT: arg-node-set(token-global-variable("drv.acctTrk.objectClass"))
  3922. [03/20/12 07:49:45.582]:Active Directory PT: token-global-variable("drv.acctTrk.objectClass")
  3923. [03/20/12 07:49:45.582]:Active Directory PT: Token Value: {"user"}.
  3924. [03/20/12 07:49:45.582]:Active Directory PT: Arg Value: {"user"}.
  3925. [03/20/12 07:49:45.582]:Active Directory PT: Performing actions for local-variable(current-node) = "user".
  3926. [03/20/12 07:49:45.582]:Active Directory PT: Action: do-if().
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!