Post by firstname.lastname@example.org
I was hoping for a bit of guidance on how to successfully insert an erRole into a user with existing erRoles in ISIM via SDI.
I found this (http://www.pathmaker-group.com/category/ibm-tivoli-directory-integrator/) Which explains how to use For-Each Attribute to lookup users with multi value attributes for erRoles and store as a local variable. I followed the steps to the T and believe this is setup correctly.
I am finding trouble trying to successfully pass this local variable with multi valued erRoles back to the ISIM LDAP. It seems it wants to overwrite my values and insert the new erRole.
Any advice, or if any of you know an easier way to accomplish this would be so much appreciated! This is driving me literally insane! >0
That Pathfinder link is looking up existing roles and then writing to a report file as it iterates (using the for-each loop) through each role. That example is not storing each role through the iteration.
You need to store the existing roles in a new work attribute within the for-each loop - like so (I normally do this in a separate SDI script node):
After that you add the new role(s) using the code above - using the name of the new role you want to add.
In your output connector to ISIM you simply map the work attribute "roles" to "erroles".
I assume that you are using the correct SDI connector when you want to send the work entry through to ISIM - using the JNDI connector refereincing the ISIM event handler. You need to do this to ensure that the provisioning policies/workflows are executed based on the role changes when you send an update to ISIM.
I hope this helps.