Sun Identity Manager 8.1 Business Administrator's Guide

Assigning Users to Organizations

Each user is a static member of one organization, and can be a dynamic member of more than one organization.

You define organizational memberships using either of the following methods:

Note –

For more information about creating and working with rules in Identity Manager, see Chapter 5, Working with Rules, in Sun Identity Manager Deployment Reference.

Select a User Members Rule from the User Members Rule menu on the Create Organization page. The following figure shows an example User Members Rule.

Figure showing the Create Organization: User Members
Rule Selections.

The following example illustrates the syntax for a sample User Members Rule used to dynamically control an organization’s user membership.

Note –

Before creating a User Members Rule, you should be aware of the following:

Example 6–1 Sample User Members Rule

<Rule name=’Get Team Players’ authType=’UserMembersRule’>
  <defvar name=’Team players’>
      <defvar name=’player names’>
  <dolist name=’users’>
    <invoke class=’com.waveset.ui.FormUtil’ name=’getResourceObjects’>
        <s>OU=Pro Ball Team,DC=dev-ad,DC=waveset,DC=com</s>
    <append name=’player names’> 
    <ref>player names</ref>
    <ref>Team players</ref>

Note –

You can configure several properties in Waveset. properties to control the rule-driven User Members list cache, which can affect memory and performance. For information, see Tracing Rule-Driven Members Caches in Sun Identity Manager 8.1 System Administrator’s Guide.