API tools faq
paste
Advertisement
6423241

LoopbackDriver_20180131

6423241
Jan 31st, 2018
220
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.69 KB | None | 0 0
raw download clone embed print report
  1. <?xml version="1.0" encoding="UTF-8"?><!DOCTYPE policy PUBLIC "policy-builder-dtd" "C:\netiq\idm\apps\Designer\plugins\com.novell.idm.policybuilder_4.0.0.201711091732\DTD\dirxmlscript4.0.2.dtd"><policy xmlns:es="http://www.novell.com/nxsl/ecmascript">
  2. <rule>
  3. <description>Find Expired Guest Users</description>
  4. <comment xml:space="preserve">This is to find expired guest accounts</comment>
  5. <comment name="author" xml:space="preserve">CNM</comment>
  6. <conditions>
  7. <and>
  8. <if-operation mode="nocase" op="equal">trigger</if-operation>
  9. <if-xml-attr mode="nocase" name="source" op="equal">FindExpiredGuests</if-xml-attr>
  10. </and>
  11. </conditions>
  12. <actions>
  13. <do-trace-message level="3">
  14. <arg-string>
  15. <token-text xml:space="preserve">Now executing 'Find Expired Guests' code</token-text>
  16. </arg-string>
  17. </do-trace-message>
  18. <do-set-local-variable disabled="true" name="lv-now" scope="policy">
  19. <arg-string>
  20. <token-time format="!CTIME" tz="UTC"/>
  21. </arg-string>
  22. </do-set-local-variable>
  23. <do-set-local-variable name="listOfExpiredGuests" scope="policy">
  24. <arg-node-set>
  25. <token-query class-name="User" datastore="src" max-result-count="150000">
  26. <arg-dn>
  27. <token-global-variable name="idv.dit.data.users"/>
  28. </arg-dn>
  29. <arg-match-attr name="OSUaffiliationList">
  30. <arg-value type="string">
  31. <token-text xml:space="preserve">Guest</token-text>
  32. </arg-value>
  33. </arg-match-attr>
  34. </token-query>
  35. </arg-node-set>
  36. </do-set-local-variable>
  37. <do-append-xml-element expression="." name="ExpiredGuests"/>
  38. <do-set-local-variable name="ldap-filter" scope="policy">
  39. <arg-string>
  40. <token-text xml:space="preserve">(&amp;(OSUaffiliationList=Guest)(OSUguestExpires>=</token-text>
  41. <token-convert-time dest-format="YYYYMMdd000000'Z'" src-format="!CTIME" src-tz="UTC">
  42. <token-time format="!CTIME" tz="UTC"/>
  43. </token-convert-time>
  44. <token-text xml:space="preserve">)(OSUguestExpires&lt;=</token-text>
  45. <token-convert-time dest-format="YYYYMMdd235959'Z'" src-format="!CTIME" src-tz="UTC">
  46. <token-time format="!CTIME" tz="UTC"/>
  47. </token-convert-time>
  48. <token-text xml:space="preserve">))</token-text>
  49. </arg-string>
  50. </do-set-local-variable>
  51. <do-clone-xpath dest-expression="ExpiredGuests" disabled="true" src-expression="es:ldapSearch('~NOVLLIBLDAP.host~','~NOVLLIBLDAP.port~','~NOVLLIBLDAP.user~','~NOVLLIBLDAP.password~','~NOVLLIBLDAP.base~','~NOVLLIBLDAP.scope~',$ldap-filter,'cn')"/>
  52. <do-clone-xpath dest-expression="ExpiredGuests" src-expression="es:ldapSearchWithTLS('~NOVLLIBLDAP.host~','~NOVLLIBLDAP.port~','~NOVLLIBLDAP.user~','~NOVLLIBLDAP.password~','~NOVLLIBLDAP.base~','~NOVLLIBLDAP.scope~','~NOVLLIBLDAP.keystore~',$ldap-filter,'cn')"/>
  53. <do-for-each>
  54. <arg-node-set>
  55. <token-xpath expression="*/instance"/>
  56. </arg-node-set>
  57. <arg-actions>
  58. <do-set-local-variable name="userDN" scope="policy">
  59. <arg-string>
  60. <token-xpath expression="$current-node/@src-dn"/>
  61. </arg-string>
  62. </do-set-local-variable>
  63. <do-set-local-variable name="lv-CN" scope="policy">
  64. <arg-string>
  65. <token-parse-dn dest-dn-format="dot" length="-1" src-dn-format="ldap" start="-1">
  66. <token-local-variable name="userDN"/>
  67. </token-parse-dn>
  68. </arg-string>
  69. </do-set-local-variable>
  70. <do-trace-message level="3">
  71. <arg-string>
  72. <token-text xml:space="preserve">user account </token-text>
  73. <token-local-variable name="lv-CN"/>
  74. <token-text xml:space="preserve">flagged inactive (userStatus attribute = 0).</token-text>
  75. </arg-string>
  76. </do-trace-message>
  77. <do-set-src-attr-value class-name="User" name="userStatus">
  78. <arg-dn>
  79. <token-text xml:space="preserve">\IDMTEST1\osumc\users\</token-text>
  80. <token-local-variable name="lv-CN"/>
  81. </arg-dn>
  82. <arg-value type="string">
  83. <token-text xml:space="preserve">0</token-text>
  84. </arg-value>
  85. </do-set-src-attr-value>
  86. <do-add-src-attr-value class-name="User" name="IWS:User Comment">
  87. <arg-dn>
  88. <token-text xml:space="preserve">\IDMTEST1\osumc\users\</token-text>
  89. <token-local-variable name="lv-CN"/>
  90. </arg-dn>
  91. <arg-value type="string">
  92. <token-text xml:space="preserve">Account entered inactive status on </token-text>
  93. <token-time format="!MEDIUM.DATETIME"/>
  94. </arg-value>
  95. </do-add-src-attr-value>
  96. </arg-actions>
  97. </do-for-each>
  98. </actions>
  99. </rule>
  100. <rule>
  101. <description>Veto All</description>
  102. <conditions>
  103. <and/>
  104. </conditions>
  105. <actions>
  106. <do-veto/>
  107. </actions>
  108. </rule>
  109. </policy>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!