PX-100.01 Enforce AD Groups and Attributes true AD Policies PX-100.01 Enforce AD Groups and Attributes for account creations, transfers and terminations. false 100 SUBMITTED_TASK false PolicyXpress SUBMITTED_TASK TASK_COMPLETED MoveADAccount SUBMITTED_TASK TASK_COMPLETED CreateADAccount ]]> get userprincipalname element.type.sql.query.data element.execute.prepared.statement.get 11 {'JDBC'} select DISTINCT OFFICE from OFFICE_DEF where OFFICE_NAME='{'newofficename'}' and DOMAIN_ABRV='{'domainname'}' loginscript element.type.sql.query.data element.execute.prepared.statement.get 12 {'JDBC'} select DISTINCT LOGIN_SCRIPT from OFFICE_DEF where OFFICE_NAME='{'newofficename'}' and DOMAIN_ABRV='{'domainname'}' homedirectoryletter element.type.sql.query.data element.execute.prepared.statement.get 13 {'JDBC'} select DISTINCT DRIVER_LETTER from OFFICE_DEF where OFFICE_NAME='{'newofficename'}' and DOMAIN_ABRV='{'domainname'}' homedirectory element.type.sql.query.data element.execute.prepared.statement.get 14 {'JDBC'} select DISTINCT HOME_SHARE from OFFICE_DEF where OFFICE_NAME='{'newofficename'}' and DOMAIN_ABRV='{'domainname'}' profilepath element.type.sql.query.data element.execute.prepared.statement.get 15 {'JDBC'} select DISTINCT PROFILE_PATH from OFFICE_DEF where OFFICE_NAME='{'newofficename'}' and DOMAIN_ABRV='{'domainname'}' Get group1new element.type.sql.query.data element.execute.prepared.statement.get 16 {'JDBC'} select DISTINCT GROUP1 from OFFICE_DEF where OFFICE_NAME='{'newofficename'}' and DOMAIN_ABRV='{'domainname'}' Get group2new element.type.sql.query.data element.execute.prepared.statement.get 17 {'JDBC'} select DISTINCT GROUP2 from OFFICE_DEF where OFFICE_NAME='{'newofficename'}' and DOMAIN_ABRV='{'domainname'}' Get group3new element.type.sql.query.data element.execute.prepared.statement.get 18 {'JDBC'} select DISTINCT GROUP3 from OFFICE_DEF where OFFICE_NAME='{'newofficename'}' and DOMAIN_ABRV='{'domainname'}' Get group4new element.type.sql.query.data element.execute.prepared.statement.get 19 {'JDBC'} select DISTINCT GROUP4 from OFFICE_DEF where OFFICE_NAME='{'newofficename'}' and DOMAIN_ABRV='{'domainname'}' Get group5new element.type.sql.query.data element.execute.prepared.statement.get 20 {'JDBC'} select DISTINCT GROUP5 from OFFICE_DEF where OFFICE_NAME='{'newofficename'}' and DOMAIN_ABRV='{'domainname'}' \\ element.type.constant element.constant.get 23 \\ \ element.type.constant element.constant.get 24 \ FinalHomeDirectory element.type.variable.value element.variable.get 25 FinalHomeDirectory FinalLoginScript element.type.variable.value element.variable.get 26 FinalLoginScript cn element.type.constant element.constant.get 27 cn= ou element.type.constant element.constant.get 28 ou= NativeGroup element.type.constant element.constant.get 29 NativeGroup= Container_ADSOrgUnit element.type.constant element.constant.get 30 Container_ADSOrgUnit= Replace cn in group1new element.type.string.parser element.string.manipulation.replace.all 31 {'Get group1new'} {'cn'} {'NativeGroup'} Final replaced string cn ou in group1new element.type.string.parser element.string.manipulation.replace.all 32 {'Replace cn in group1new'} {'ou'} {'Container_ADSOrgUnit'} Replace cn in group2new element.type.string.parser element.string.manipulation.replace.all 33 {'Get group2new'} {'cn'} {'NativeGroup'} FinalTerminalPath element.type.variable.value element.variable.get 75 FinalTerminalPath Group5new Final string element.type.string.parser element.string.manipulation.replace.all 68 {'Replace CN in group5new'} {'cap OU'} {'Container_ADSOrgUnit'} OfficeServer_VBscript element.type.constant element.constant.get 69 officeserver01.abc.com HomeDirectory_VBScript element.type.variable.value element.variable.get 70 HomeDirectory_VBScript homedrive element.type.variable.value element.variable.get 71 homedrive stop_variable element.type.variable.value element.variable.get 72 stop_variable Database group list to add element.type.iterator element.iterator.next.value 73 {'group1new'} {'group2new'} {'group3new'} {'group4new'} {'group5new'} Get AD group membership element.type.accounts.values.by.identifier element.accounts.attribute.get 74 ActiveDirectory {'AD Account ID'} groupMembership get terminal_letter element.type.sql.query.data element.execute.prepared.statement.get 21 {'JDBC'} select DISTINCT TERM_LETTER from OFFICE_DEF where OFFICE_NAME='{'newofficename'}' and DOMAIN_ABRV='{'domainname'}' get terminalpath element.type.sql.query.data element.execute.prepared.statement.get 22 {'JDBC'} select DISTINCT TERM_PATH from OFFICE_DEF where OFFICE_NAME='{'newofficename'}' and DOMAIN_ABRV='{'domainname'}' Final replaced string cn ou in group2new element.type.string.parser element.string.manipulation.replace.all 34 {'Replace cn in group2new'} {'ou'} {'Container_ADSOrgUnit'} Replace cn in group3new element.type.string.parser element.string.manipulation.replace.all 35 {'Get group3new'} {'cn'} {'NativeGroup'} Final replaced string cn ou in group3new element.type.string.parser element.string.manipulation.replace.all 36 {'Replace cn in group3new'} {'ou'} {'Container_ADSOrgUnit'} Replace cn in group4new element.type.string.parser element.string.manipulation.replace.all 37 {'Get group4new'} {'cn'} {'NativeGroup'} Final replaced string cn ou in group4new element.type.string.parser element.string.manipulation.replace.all 38 {'Replace cn in group4new'} {'ou'} {'Container_ADSOrgUnit'} Replace cn in group5new element.type.string.parser element.string.manipulation.replace.all 39 {'Get group5new'} {'cn'} {'NativeGroup'} Final replaced string cn ou in group5new element.type.string.parser element.string.manipulation.replace.all 40 {'Replace cn in group5new'} {'ou'} {'Container_ADSOrgUnit'} AD Account ID element.type.constant element.constant.get 43 {'domainname'}:{'parse DN'} EnforceADRedoVar element.type.variable.value element.variable.get 44 EnforceADRedoVar get landomain element.type.user.attribute element.user.attribute.get 45 landomain usercontainer element.type.variable.value element.variable.get 46 usercontainer group1new element.type.variable.value element.variable.get 47 group1new landn end Index element.type.string.searcher element.string.index.of 41 {'landn'} ,OU= parse DN element.type.string.parser element.string.manipulation.substring 42 {'landn'} 3 {'landn end Index'} landn element.type.user.attribute element.user.attribute.get 1 landn lanid element.type.user.attribute element.user.attribute.get 0 lanid idmdisabledstate element.type.user.attribute element.user.attribute.get 2 %ENABLED_STATE% domainname element.type.variable.value element.variable.get 3 domainname oldofficename element.type.variable.value element.variable.get 4 oldofficename newofficename element.type.variable.value element.variable.get 5 newofficename userlandn element.type.variable.value element.variable.get 6 userlandn nativedomainDN element.type.variable.value element.variable.get 7 nativedomainDN JDBC element.type.constant element.constant.get 8 jdbc/office Get usercontainer element.type.sql.query.data element.execute.prepared.statement.get 9 {'JDBC'} select DISTINCT USER_CONTAINER from OFFICE_DEF where OFFICE_NAME='{'newofficename'}' and DOMAIN_ABRV='{'domainname'}' domainabbreviation element.type.sql.query.data element.execute.prepared.statement.get 10 {'JDBC'} select DISTINCT DOMAIN_ABRV from OFFICE_DEF where OFFICE_NAME='{'newofficename'}' Replace CN in group2new element.type.string.parser element.string.manipulation.replace.all 61 {'Final replaced string cn ou in group2new'} {'cap CN'} {'NativeGroup'} Group2new Final string element.type.string.parser element.string.manipulation.replace.all 62 {'Replace CN in group2new'} {'cap OU'} {'Container_ADSOrgUnit'} Group1new Final string element.type.string.parser element.string.manipulation.replace.all 60 {'Replace CN in group1new'} {'cap OU'} {'Container_ADSOrgUnit'} Replace CN in group3new element.type.string.parser element.string.manipulation.replace.all 63 {'Final replaced string cn ou in group3new'} {'cap CN'} {'NativeGroup'} Group3new Final string element.type.string.parser element.string.manipulation.replace.all 64 {'Replace CN in group3new'} {'cap OU'} {'Container_ADSOrgUnit'} Replace CN in group4new element.type.string.parser element.string.manipulation.replace.all 65 {'Final replaced string cn ou in group4new'} {'cap CN'} {'NativeGroup'} Group4new Final string element.type.string.parser element.string.manipulation.replace.all 66 {'Replace CN in group4new'} {'cap OU'} {'Container_ADSOrgUnit'} Replace CN in group5new element.type.string.parser element.string.manipulation.replace.all 67 {'Final replaced string cn ou in group5new'} {'cap CN'} {'NativeGroup'} group2new element.type.variable.value element.variable.get 48 group2new group4new element.type.variable.value element.variable.get 50 group4new group3new element.type.variable.value element.variable.get 49 group3new group5new element.type.variable.value element.variable.get 51 group5new Re-write Usercontainer value element.type.string.parser element.string.manipulation.replace.all 52 {'Get usercontainer'} ou= Get Index of : from Account ID element.type.string.searcher element.string.index.of 53 {'AD Account ID'} : Endpoint Name element.type.string.parser element.string.manipulation.substring 54 {'AD Account ID'} 0 {'Get Index of : from Account ID'} cap OU element.type.constant element.constant.get 55 OU= cap CN element.type.constant element.constant.get 56 CN= Re-write Usercontainer value 2 element.type.string.parser element.string.manipulation.replace.all 57 {'Re-write Usercontainer value'} {'cap OU'} get DN from AD account element.type.accounts.values.by.identifier element.accounts.attribute.get 58 ActiveDirectory {'AD Account ID'} distinguishedName Replace CN in group1new element.type.string.parser element.string.manipulation.replace.all 59 {'Final replaced string cn ou in group1new'} {'cap CN'} {'NativeGroup'} msds_userAccountDisabled element.type.user.attribute element.user.attribute.get 76 msds-userAccountDisabled ]]> Entry check 0 msds_userAccountDisabled NOT_EQUALS TRUE lanid NOT_EQUALS landn NOT_EQUALS ]]> Set PX variable value 0 EnforceADRedoVar EQUALS Set EnforceADRedoVar action.name.set.string.variable action.string.variable.value 0 EnforceADRedoVar test varibale value Set FinalHomeDirectory action.name.set.string.variable action.string.variable.value 1 FinalHomeDirectory {'\\'}{'homedirectory'}{'\'}{'lanid'} Set FinalTerminalPath action.name.set.string.variable action.string.variable.value 2 FinalTerminalPath {'\\'}{'get terminalpath'}{'\'}{'lanid'} Set HomeDirectory_VBScript action.name.set.string.variable action.string.variable.value 3 HomeDirectory_VBScript {'homedirectory'} Set FinalLoginScript action.name.set.string.variable action.string.variable.value 4 FinalLoginScript {'loginscript'} Set nativedomainDN action.name.set.string.variable action.string.variable.value 5 nativedomainDN ,EndPoint={'Endpoint Name'},Namespace=ActiveDirectory,Domain=im,Server=Server Set usercontainer variable action.name.set.string.variable action.string.variable.value 6 usercontainer {'Re-write Usercontainer value 2'} Set userlandn action.name.set.string.variable action.string.variable.value 7 userlandn {'landn'} set homedrive variable action.name.set.string.variable action.string.variable.value 8 homedrive {'homedirectoryletter'} clear lanoffice action.name.set.user.values action.user.attribute.remove 9 lanoffice {'oldofficename'} clear landomain action.name.set.user.values action.user.attribute.remove 10 landomain {'domainname'} Set group1new append nativedomainDN action.name.set.string.variable action.string.variable.value 11 group1new {'Group1new Final string'}{'nativedomainDN'} Set group2new append nativedomainDN action.name.set.string.variable action.string.variable.value 12 group2new {'Group2new Final string'}{'nativedomainDN'} Set group3new append nativedomainDN action.name.set.string.variable action.string.variable.value 13 group3new {'Group3new Final string'}{'nativedomainDN'} Set group4new append nativedomainDN action.name.set.string.variable action.string.variable.value 14 group4new {'Group4new Final string'}{'nativedomainDN'} Set group5new append nativedomainDN action.name.set.string.variable action.string.variable.value 15 group5new {'Group5new Final string'}{'nativedomainDN'} Redo Policy action.name.change.process.flow action.flow.change.redo.policy 16 clear landn action.name.set.user.values action.user.attribute.remove 0 landn {'landn'} SendMail action.name.send.mail action.mail.mail 1 Manager_Tech01@abc.com LAN Variables <html> <body> AD Account ID: {'AD Account ID'} <br> cap CN: {'cap CN'} <br> cap OU: {'cap OU'} <br> idmdisabledstate: {'idmdisabledstate'} <br> landn: {'landn'} <br> lanid: {'lanid'} <br> cn: {'cn'} <br> Container_ADSOrgUnit: {'Container_ADSOrgUnit'} <br> Database group list to add: {'Database group list to add'} <br> domainabbreviation: {'domainabbreviation'} <br> domainname: {'domainname'} <br> Endpoint Name: {'Endpoint Name'} <br> EnforceADRedoVar: {'EnforceADRedoVar'} <br> stop_variable: {'stop_variable'} <br> Final replaced string cn ou in group1new: {'Final replaced string cn ou in group1new'} <br> Final replaced string cn ou in group2new: {'Final replaced string cn ou in group2new'} <br> Final replaced string cn ou in group3new: {'Final replaced string cn ou in group3new'} <br> Final replaced string cn ou in group4new: {'Final replaced string cn ou in group4new'} <br> Final replaced string cn ou in group5new: {'Final replaced string cn ou in group5new'} <br> FinalHomeDirectory: {'FinalHomeDirectory'} <br> FinalLoginScript: {'FinalLoginScript'} <br> Get AD group membership: {'Get AD group membership'} <br> get landomain: {'get landomain'} <br> get DN from AD account: {'get DN from AD account'} <br> Get group1new: {'Get group1new'} <br> Get group2new: {'Get group2new'} <br> Get group3new: {'Get group3new'} <br> Get group4new: {'Get group4new'} <br> Get group5new: {'Get group5new'} <br> Get Index of : from Account ID: {'Get Index of : from Account ID'} <br> Get usercontainer: {'Get usercontainer'} <br> get userprincipalname: {'get userprincipalname'} <br> Group1new Final string: {'Group1new Final string'} <br> group1new: {'group1new'} <br> Group2new Final string: {'Group2new Final string'} <br> group2new: {'group2new'} <br> Group3new Final string: {'Group3new Final string'} <br> group3new: {'group3new'} <br> Group4new Final string: {'Group4new Final string'} <br> group4new: {'group4new'} <br> Group5new Final string: {'Group5new Final string'} <br> group5new: {'group5new'} <br> homedirectory: {'homedirectory'} <br> homedirectoryletter: {'homedirectoryletter'} <br> HomeDirectory_VBScript: {'HomeDirectory_VBScript'} <br> homedrive: {'homedrive'} <br> JDBC: {'JDBC'} <br> loginscript: {'loginscript'} <br> nativedomainDN: {'nativedomainDN'} <br> NativeGroup: {'NativeGroup'} <br> newofficename: {'newofficename'} <br> oldofficename: {'oldofficename'} <br> ou: {'ou'} <br> profilepath: {'profilepath'} <br> Re-write Usercontainer value 2: {'Re-write Usercontainer value 2'} <br> Re-write Usercontainer value: {'Re-write Usercontainer value'} <br> Replace CN in group1new: {'Replace CN in group1new'} <br> Replace cn in group2new: {'Replace cn in group2new'} <br> Replace cn in group3new: {'Replace cn in group3new'} <br> Replace CN in group4new: {'Replace CN in group4new'} <br> Replace cn in group5new: {'Replace cn in group5new'} <br> OfficeServer_VBscript: {'OfficeServer_VBscript'} <br> userlandn: {'userlandn'} <br> usercontainer: {'usercontainer'} <br> </body> </html> Account Move to given ou action.name.accounts.move action.account.container.move 2 ActiveDirectory {'AD Account ID'} {'usercontainer'} Set lanoffice action.name.set.user.values action.user.attribute.add 3 lanoffice {'newofficename'} Set landn action.name.set.user.values action.user.attribute.add 4 landn {'get DN from AD account'} Set landomain action.name.set.user.values action.user.attribute.add 5 landomain {'domainname'} set userprincipalname action.name.set.accounts.data action.ace.accounts.set 6 ActiveDirectory {'AD Account ID'} accountID {'lanid'}@{'get userprincipalname'} Adding new groups to AD account 0 Database group list to add CONTAINS NativeGroup EnforceADRedoVar NOT_EQUALS landn NOT_EQUALS newofficename NOT_EQUALS newofficename NOT_CONTAINS User Transfer Add new groups AD action.name.set.accounts.data action.ace.accounts.add 0 ActiveDirectory {'AD Account ID'} groupMembership {'Database group list to add'} set landn action.name.set.user.values action.user.attribute.add 1 landn {'get DN from AD account'} Set other variables 1 15 get terminalpath EQUALS homedirectory NOT_EQUALS EnforceADRedoVar NOT_EQUALS landn NOT_EQUALS newofficename NOT_EQUALS newofficename NOT_CONTAINS User Transfer homedirectoryletter NOT_EQUALS loginscript NOT_EQUALS profilepath NOT_EQUALS stop_variable EQUALS stop_variable action.name.set.string.variable action.string.variable.value 0 stop_variable stop_variable to stop policy execution second Set Homedirectory action.name.set.accounts.data action.ace.accounts.set 1 ActiveDirectory {'AD Account ID'} homedir {'FinalHomeDirectory'} Set HomeDirectoryLetter action.name.set.accounts.data action.ace.accounts.set 2 ActiveDirectory {'AD Account ID'} homedrive {'homedirectoryletter'} Set loginscript action.name.set.accounts.data action.ace.accounts.set 3 ActiveDirectory {'AD Account ID'} logonScript {'FinalLoginScript'} Set profilepath action.name.set.accounts.data action.ace.accounts.set 4 ActiveDirectory {'AD Account ID'} profile {'profilepath'} set home permission action.name.java action.java.main 5 com.ca.custom.java.remoteprocessScript {'HomeDirectory_VBScript'} {'domainname'} {'lanid'} {'OfficeServer_VBscript'} set landn action.name.set.user.values action.user.attribute.add 6 landn {'get DN from AD account'} Set other variables 2 15 get terminalpath EQUALS newofficename NOT_CONTAINS User Transfer EnforceADRedoVar NOT_EQUALS landn NOT_EQUALS newofficename NOT_EQUALS homedirectory NOT_EQUALS homedirectoryletter NOT_EQUALS profilepath EQUALS loginscript NOT_EQUALS stop_variable EQUALS Set homedirectory action.name.set.accounts.data action.ace.accounts.set 0 ActiveDirectory {'AD Account ID'} homedir {'FinalHomeDirectory'} Set homedriveletter action.name.set.accounts.data action.ace.accounts.set 1 ActiveDirectory {'AD Account ID'} homedrive {'homedirectoryletter'} Set loginscript action.name.set.accounts.data action.ace.accounts.set 2 ActiveDirectory {'AD Account ID'} logonScript {'FinalLoginScript'} set home permissions action.name.java action.java.main 3 com.ca.custom.java.remoteprocessScript {'HomeDirectory_VBScript'} {'domainname'} {'lanid'} {'OfficeServer_VBscript'} stop_variable action.name.set.string.variable action.string.variable.value 4 stop_variable stop_variable to stop policy execution second set landn action.name.set.user.values action.user.attribute.add 5 landn {'get DN from AD account'} Set other variables 3 15 get terminalpath EQUALS newofficename NOT_CONTAINS User Transfer EnforceADRedoVar NOT_EQUALS landn NOT_EQUALS newofficename NOT_EQUALS homedirectory NOT_EQUALS homedirectoryletter NOT_EQUALS profilepath NOT_EQUALS loginscript EQUALS stop_variable EQUALS Set homedirectory action.name.set.accounts.data action.ace.accounts.set 0 ActiveDirectory {'AD Account ID'} homedir {'FinalHomeDirectory'} Set homedriveletter action.name.set.accounts.data action.ace.accounts.set 1 ActiveDirectory {'AD Account ID'} homedrive {'homedirectoryletter'} Set profilepath action.name.set.accounts.data action.ace.accounts.set 2 ActiveDirectory {'AD Account ID'} profile {'profilepath'} set home permission action.name.java action.java.main 3 com.ca.custom.java.remoteprocessScript {'HomeDirectory_VBScript'} {'domainname'} {'lanid'} {'OfficeServer_VBscript'} stop_variable action.name.set.string.variable action.string.variable.value 4 stop_variable stop_variable to stop policy execution second set landn action.name.set.user.values action.user.attribute.add 5 landn {'get DN from AD account'} Set other variables 4 15 homedirectoryletter EQUALS profilepath NOT_EQUALS loginscript NOT_EQUALS stop_variable EQUALS get terminalpath EQUALS newofficename NOT_CONTAINS User Transfer EnforceADRedoVar NOT_EQUALS landn NOT_EQUALS newofficename NOT_EQUALS homedirectory EQUALS Set profilepath action.name.set.accounts.data action.ace.accounts.set 0 ActiveDirectory {'AD Account ID'} profile {'profilepath'} Set loginscript action.name.set.accounts.data action.ace.accounts.set 1 ActiveDirectory {'AD Account ID'} logonScript {'FinalLoginScript'} stop_variable action.name.set.string.variable action.string.variable.value 2 stop_variable stop_variable to stop policy execution second set landn action.name.set.user.values action.user.attribute.add 3 landn {'get DN from AD account'} Set other variables 5 15 get terminalpath EQUALS newofficename NOT_CONTAINS User Transfer EnforceADRedoVar NOT_EQUALS landn NOT_EQUALS newofficename NOT_EQUALS homedirectory NOT_EQUALS homedirectoryletter NOT_EQUALS profilepath EQUALS loginscript EQUALS stop_variable EQUALS Set homedirectory action.name.set.accounts.data action.ace.accounts.set 0 ActiveDirectory {'AD Account ID'} homedir {'FinalHomeDirectory'} Set homedriveletter action.name.set.accounts.data action.ace.accounts.set 1 ActiveDirectory {'AD Account ID'} homedrive {'homedirectoryletter'} set home permission action.name.java action.java.main 2 com.ca.custom.java.remoteprocessScript {'HomeDirectory_VBScript'} {'domainname'} {'lanid'} {'OfficeServer_VBscript'} stop_variable action.name.set.string.variable action.string.variable.value 3 stop_variable stop_variable to stop policy execution second set landn action.name.set.user.values action.user.attribute.add 4 landn {'get DN from AD account'} Set other variables 6 15 get terminalpath EQUALS newofficename NOT_CONTAINS User Transfer EnforceADRedoVar NOT_EQUALS landn NOT_EQUALS newofficename NOT_EQUALS homedirectory EQUALS homedirectoryletter EQUALS profilepath EQUALS loginscript NOT_EQUALS stop_variable EQUALS Set loginscript action.name.set.accounts.data action.ace.accounts.set 0 ActiveDirectory {'AD Account ID'} logonScript {'FinalLoginScript'} stop_variable action.name.set.string.variable action.string.variable.value 1 stop_variable stop_variable to stop policy execution second set landn action.name.set.user.values action.user.attribute.add 2 landn {'get DN from AD account'} Set other variables 7 15 get terminalpath EQUALS newofficename NOT_CONTAINS User Transfer EnforceADRedoVar NOT_EQUALS landn NOT_EQUALS newofficename NOT_EQUALS homedirectory EQUALS homedirectoryletter EQUALS profilepath NOT_EQUALS loginscript EQUALS stop_variable EQUALS Set loginscript action.name.set.accounts.data action.ace.accounts.set 0 ActiveDirectory {'AD Account ID'} logonScript {'FinalLoginScript'} stop_variable action.name.set.string.variable action.string.variable.value 1 stop_variable stop_variable to stop policy execution second set landn action.name.set.user.values action.user.attribute.add 2 landn {'get DN from AD account'} Set other variables 8 15 newofficename NOT_CONTAINS User Transfer EnforceADRedoVar NOT_EQUALS landn NOT_EQUALS newofficename NOT_EQUALS homedirectory EQUALS homedirectoryletter EQUALS profilepath EQUALS loginscript EQUALS stop_variable EQUALS get terminalpath EQUALS stop_variable action.name.set.string.variable action.string.variable.value 0 stop_variable stop_variable to stop policy execution second set landn action.name.set.user.values action.user.attribute.add 1 landn {'get DN from AD account'} Set other variables 11 25 get terminalpath NOT_EQUALS homedirectory NOT_EQUALS EnforceADRedoVar NOT_EQUALS landn NOT_EQUALS newofficename NOT_EQUALS newofficename NOT_CONTAINS User Transfer homedirectoryletter NOT_EQUALS loginscript NOT_EQUALS profilepath NOT_EQUALS stop_variable EQUALS stop_variable action.name.set.string.variable action.string.variable.value 0 stop_variable stop_variable to stop policy execution second Set Homedirectory action.name.set.accounts.data action.ace.accounts.set 1 ActiveDirectory {'AD Account ID'} homedir {'FinalHomeDirectory'} Set HomeDirectoryLetter action.name.set.accounts.data action.ace.accounts.set 2 ActiveDirectory {'AD Account ID'} homedrive {'homedirectoryletter'} Set loginscript action.name.set.accounts.data action.ace.accounts.set 3 ActiveDirectory {'AD Account ID'} logonScript {'FinalLoginScript'} Set profilepath action.name.set.accounts.data action.ace.accounts.set 4 ActiveDirectory {'AD Account ID'} profile {'profilepath'} set Terminal Path action.name.set.accounts.data action.ace.accounts.set 5 ActiveDirectory {'AD Account ID'} wtsHomeDir {'FinalTerminalPath'} set Terminal Letter action.name.set.accounts.data action.ace.accounts.set 6 ActiveDirectory {'AD Account ID'} wtsHomeDirDrive {'get terminal_letter'} set home permission action.name.java action.java.main 7 com.ca.custom.java.remoteprocessScript {'HomeDirectory_VBScript'} {'domainname'} {'lanid'} {'OfficeServer_VBscript'} set terminal permissions action.name.java action.java.main 8 com.ca.custom.java.remoteprocessScript {'get terminalpath'} {'domainname'} {'lanid'} {'OfficeServer_VBscript'} set landn action.name.set.user.values action.user.attribute.add 9 landn {'get DN from AD account'} Set other variables 12 25 homedirectory NOT_EQUALS homedirectoryletter NOT_EQUALS profilepath EQUALS loginscript NOT_EQUALS stop_variable EQUALS get terminalpath NOT_EQUALS newofficename NOT_CONTAINS User Transfer EnforceADRedoVar NOT_EQUALS landn NOT_EQUALS newofficename NOT_EQUALS Set homedirectory action.name.set.accounts.data action.ace.accounts.set 0 ActiveDirectory {'AD Account ID'} homedir {'FinalHomeDirectory'} Set homedriveletter action.name.set.accounts.data action.ace.accounts.set 1 ActiveDirectory {'AD Account ID'} homedrive {'homedirectoryletter'} Set loginscript action.name.set.accounts.data action.ace.accounts.set 2 ActiveDirectory {'AD Account ID'} logonScript {'FinalLoginScript'} set Terminal Path action.name.set.accounts.data action.ace.accounts.set 3 ActiveDirectory {'AD Account ID'} wtsHomeDir {'FinalTerminalPath'} set Terminal Letter action.name.set.accounts.data action.ace.accounts.set 4 ActiveDirectory {'AD Account ID'} wtsHomeDirDrive {'get terminal_letter'} set home permissions action.name.java action.java.main 5 com.ca.custom.java.remoteprocessScript {'HomeDirectory_VBScript'} {'domainname'} {'lanid'} {'OfficeServer_VBscript'} set terminal permissions action.name.java action.java.main 6 com.ca.custom.java.remoteprocessScript {'get terminalpath'} {'domainname'} {'lanid'} {'OfficeServer_VBscript'} stop_variable action.name.set.string.variable action.string.variable.value 7 stop_variable stop_variable to stop policy execution second set landn action.name.set.user.values action.user.attribute.add 8 landn {'get DN from AD account'} Set other variables 13 25 get terminalpath NOT_EQUALS newofficename NOT_CONTAINS User Transfer EnforceADRedoVar NOT_EQUALS landn NOT_EQUALS newofficename NOT_EQUALS homedirectory NOT_EQUALS homedirectoryletter NOT_EQUALS profilepath NOT_EQUALS loginscript EQUALS stop_variable EQUALS Set homedirectory action.name.set.accounts.data action.ace.accounts.set 0 ActiveDirectory {'AD Account ID'} homedir {'FinalHomeDirectory'} Set homedriveletter action.name.set.accounts.data action.ace.accounts.set 1 ActiveDirectory {'AD Account ID'} homedrive {'homedirectoryletter'} Set profilepath action.name.set.accounts.data action.ace.accounts.set 2 ActiveDirectory {'AD Account ID'} profile {'profilepath'} set Terminal Path action.name.set.accounts.data action.ace.accounts.set 3 ActiveDirectory {'AD Account ID'} wtsHomeDir {'FinalTerminalPath'} set Terminal Letter action.name.set.accounts.data action.ace.accounts.set 4 ActiveDirectory {'AD Account ID'} wtsHomeDirDrive {'get terminal_letter'} set home permission action.name.java action.java.main 5 com.ca.custom.java.remoteprocessScript {'HomeDirectory_VBScript'} {'domainname'} {'lanid'} {'OfficeServer_VBscript'} set terminal permissions action.name.java action.java.main 6 com.ca.custom.java.remoteprocessScript {'get terminalpath'} {'domainname'} {'lanid'} {'OfficeServer_VBscript'} stop_variable action.name.set.string.variable action.string.variable.value 7 stop_variable stop_variable to stop policy execution second set landn action.name.set.user.values action.user.attribute.add 8 landn {'get DN from AD account'} Set other variables 14 25 get terminalpath NOT_EQUALS newofficename NOT_CONTAINS User Transfer EnforceADRedoVar NOT_EQUALS landn NOT_EQUALS newofficename NOT_EQUALS homedirectory EQUALS homedirectoryletter EQUALS profilepath NOT_EQUALS loginscript NOT_EQUALS stop_variable EQUALS Set profilepath action.name.set.accounts.data action.ace.accounts.set 0 ActiveDirectory {'AD Account ID'} profile {'profilepath'} Set loginscript action.name.set.accounts.data action.ace.accounts.set 1 ActiveDirectory {'AD Account ID'} logonScript {'FinalLoginScript'} set Terminal Path action.name.set.accounts.data action.ace.accounts.set 2 ActiveDirectory {'AD Account ID'} wtsHomeDir {'FinalTerminalPath'} set Terminal Letter action.name.set.accounts.data action.ace.accounts.set 3 ActiveDirectory {'AD Account ID'} wtsHomeDirDrive {'get terminal_letter'} set terminal permissions action.name.java action.java.main 4 com.ca.custom.java.remoteprocessScript {'get terminalpath'} {'domainname'} {'lanid'} {'OfficeServer_VBscript'} stop_variable action.name.set.string.variable action.string.variable.value 5 stop_variable stop_variable to stop policy execution second set landn action.name.set.user.values action.user.attribute.add 6 landn {'get DN from AD account'} Set other variables 15 25 get terminalpath NOT_EQUALS newofficename NOT_CONTAINS User Transfer EnforceADRedoVar NOT_EQUALS landn NOT_EQUALS newofficename NOT_EQUALS homedirectory NOT_EQUALS homedirectoryletter NOT_EQUALS profilepath EQUALS loginscript EQUALS stop_variable EQUALS Set homedirectory action.name.set.accounts.data action.ace.accounts.set 0 ActiveDirectory {'AD Account ID'} homedir {'FinalHomeDirectory'} Set homedriveletter action.name.set.accounts.data action.ace.accounts.set 1 ActiveDirectory {'AD Account ID'} homedrive {'homedirectoryletter'} set Terminal Path action.name.set.accounts.data action.ace.accounts.set 2 ActiveDirectory {'AD Account ID'} wtsHomeDir {'FinalTerminalPath'} set Terminal Letter action.name.set.accounts.data action.ace.accounts.set 3 ActiveDirectory {'AD Account ID'} wtsHomeDirDrive {'get terminal_letter'} set home permission action.name.java action.java.main 4 com.ca.custom.java.remoteprocessScript {'HomeDirectory_VBScript'} {'domainname'} {'lanid'} {'OfficeServer_VBscript'} set terminal permissions action.name.java action.java.main 5 com.ca.custom.java.remoteprocessScript {'get terminalpath'} {'domainname'} {'lanid'} {'OfficeServer_VBscript'} stop_variable action.name.set.string.variable action.string.variable.value 6 stop_variable stop_variable to stop policy execution second set landn action.name.set.user.values action.user.attribute.add 7 landn {'get DN from AD account'} Set other variables 16 25 get terminalpath NOT_EQUALS newofficename NOT_CONTAINS User Transfer EnforceADRedoVar NOT_EQUALS landn NOT_EQUALS newofficename NOT_EQUALS homedirectory EQUALS homedirectoryletter EQUALS profilepath EQUALS loginscript NOT_EQUALS stop_variable EQUALS Set loginscript action.name.set.accounts.data action.ace.accounts.set 0 ActiveDirectory {'AD Account ID'} logonScript {'FinalLoginScript'} set Terminal Path action.name.set.accounts.data action.ace.accounts.set 1 ActiveDirectory {'AD Account ID'} wtsHomeDir {'FinalTerminalPath'} set Terminal Letter action.name.set.accounts.data action.ace.accounts.set 2 ActiveDirectory {'AD Account ID'} wtsHomeDirDrive {'get terminal_letter'} set terminal permissions action.name.java action.java.main 3 com.ca.custom.java.remoteprocessScript {'get terminalpath'} {'domainname'} {'lanid'} {'OfficeServer_VBscript'} stop_variable action.name.set.string.variable action.string.variable.value 4 stop_variable stop_variable to stop policy execution second set landn action.name.set.user.values action.user.attribute.add 5 landn {'get DN from AD account'} Set other variables 17 25 get terminalpath NOT_EQUALS newofficename NOT_CONTAINS User Transfer EnforceADRedoVar NOT_EQUALS landn NOT_EQUALS newofficename NOT_EQUALS homedirectory EQUALS homedirectoryletter EQUALS profilepath NOT_EQUALS loginscript EQUALS stop_variable EQUALS Set loginscript action.name.set.accounts.data action.ace.accounts.set 0 ActiveDirectory {'AD Account ID'} logonScript {'FinalLoginScript'} set Terminal Path action.name.set.accounts.data action.ace.accounts.set 1 ActiveDirectory {'AD Account ID'} wtsHomeDir {'FinalTerminalPath'} set Terminal Letter action.name.set.accounts.data action.ace.accounts.set 2 ActiveDirectory {'AD Account ID'} wtsHomeDirDrive {'get terminal_letter'} set terminal permissions action.name.java action.java.main 3 com.ca.custom.java.remoteprocessScript {'get terminalpath'} {'domainname'} {'lanid'} {'OfficeServer_VBscript'} stop_variable action.name.set.string.variable action.string.variable.value 4 stop_variable stop_variable to stop policy execution second set landn action.name.set.user.values action.user.attribute.add 5 landn {'get DN from AD account'} Set other variables 18 25 newofficename NOT_CONTAINS User Transfer EnforceADRedoVar NOT_EQUALS landn NOT_EQUALS newofficename NOT_EQUALS homedirectory EQUALS homedirectoryletter EQUALS profilepath EQUALS loginscript EQUALS stop_variable EQUALS get terminalpath NOT_EQUALS set Terminal Path action.name.set.accounts.data action.ace.accounts.set 0 ActiveDirectory {'AD Account ID'} wtsHomeDir {'FinalTerminalPath'} set Terminal Letter action.name.set.accounts.data action.ace.accounts.set 1 ActiveDirectory {'AD Account ID'} wtsHomeDirDrive {'get terminal_letter'} set terminal permissions action.name.java action.java.main 2 com.ca.custom.java.remoteprocessScript {'get terminalpath'} {'domainname'} {'lanid'} {'OfficeServer_VBscript'} stop_variable action.name.set.string.variable action.string.variable.value 3 stop_variable stop_variable to stop policy execution second set landn action.name.set.user.values action.user.attribute.add 4 landn {'get DN from AD account'} ]]> exception.behaviour.fail_event exception.behaviour.fail_policy