Sample 2: linkusers.cfg

<?xml version =”1.0” encoding=”UTF-8”?\>
<!--

    Copyright 2004 Sun Microsystems, Inc.
    All rights reserved
    Use is subject to license terms.
--\>
<!--
    This xml file is used to link Windows
    and Sun Directory Server users from
    the command line.  It is passed to the 
    \qidsync resync\q script as the -f option.
--\>
<!--
    The following parameters allowLinkingOutOfScope:
    if true, then Windows users can be
    linked to Sun Directory Server users
    that are outside of the users\q Synchronization
    User List. Default is false.
--\>
<UserLinkingOperationList allowLinkingOutOfScope="false"\>


<!--
    UserLinkingOperation encapsulates the configuration
    of a single SUL to link. It includes the SUL ID
    and a list of attributes to match.
    A separate UserLinkingOperation must
    be specified for each SUL being linked.
--\>
<UserLinkingOperation parent.attr="UserLinkingOperation" sulid="SUL1"\>


<!--
    UserMatchingCriteria encapsulates a 
    list of attributes that must match for a user to be linked. --\>
<!--
    For two users to match using this UserMatchingCriteria,
    they must have the same givenName and the same sn. --\>
<UserMatchingCriteria parent.attr="UserMatchingCriteria"\> <AttributeMap parent.attr="AttributeMap"\> <AttributeDescription parent.attr="SunAttribute" name="sn"/\> <AttributeDescription parent.attr="WindowsAttribute" name="sn"/\> </AttributeMap\> <AttributeMap parent.attr="AttributeMap"\> <AttributeDescription parent.attr="SunAttribute" name="givenName"/\ <AttributeDescription parent.attr="WindowsAttribute" name="givenName"/\> </AttributeMap\></UserMatchingCriteria\>

<!--
    Multiple UserMatchingCriteria can be specified for a single SUL.
    They are treated as a logical OR.  In this example, 
    the givenName\qs and sn\qs must match (see above)) OR
    (the employee(Number|ID) must match),
    for the user to be linked.  Notice that attribute
    that is specified, employeeNumber,
    is the name of the DS attribute. --\>
<!--
    This UserMatchingCriteria is commented out because
    employeeNumber is not an indexed attribute in DS.
    All attributes used in a UserMatchingCriteria
     should be indexed.
    <UserMatchingCriteria parent.attr="UserMatchingCriteria"\>
      <AttributeMap parent.attr="AttributeMap"\>
         <AttributeDescription parent.attr=
         "SunAttribute" name="employeeNumber"/\>
           <AttributeDescription parent.attr=
           "WindowsAttribute" name="employeeID"/\>
       </AttributeMap\>
    </UserMatchingCriteria\>
--\>
</UserLinkingOperation\>
<!--
    When multiple SULs are linked, a separate UserLinkingOperation 
    is specified for each.
    As shown here, each UserLinkingOperation can use different
    UserMatchingCriteria: in this example, users in SUL2 are
    only linked if their sn and employeeNumber match.
    Note: this UserLinkingOperation is currently 
    commented out because the example configuration
    only has a single SUL.
  <UserLinkingOperation parent.attr="UserLinkingOperation" sulid="SUL2"\>
    <UserMatchingCriteria parent.attr="UserMatchingCriteria"\>
      <AttributeMap parent.attr="AttributeMap"\>
          <AttributeDescription parent.attr="SunAttribute" name="sn"/\>
          <AttributeDescription parent.attr="WindowsAttribute" name="sn"/\>
       </AttributeMap\>
          <AttributeMap parent.attr="AttributeMap"\>
            <AttributeDescription parent.attr=
            "SunAttribute" name="employeeNumber"/\>
             <AttributeDescription parent.attr=
             "WindowsAttribute" name="employeeID"/\>
       </AttributeMap\>
    </UserMatchingCriteria\>
</UserLinkingOperation\>
--\>
</UserLinkingOperationList\>