Chat now with support
Chat mit Support

Identity Manager 9.2 - Configuration Guide

About this guide One Identity Manager software architecture Customizing the One Identity Manager default configuration Customizing the One Identity Manager base configuration One Identity Manager schema basics Editing the user interface
Object definitions for the user interface User interface navigation Forms for the user interface Statistics in One Identity Manager Extending the Launchpad Task definitions for the user interface Applications for configuring the user interface Icons and images for configuring the user interface Using predefined database queries
Localization in One Identity Manager Process orchestration in One Identity Manager
Mapping processes in One Identity Manager Setting up Job servers
The One Identity Manager Service functionality Tracking changes with process monitoring Conditional compilation using preprocessor conditions Scripts in One Identity Manager
Visual Basic .NET scripts usage Notes on message output Notes on using date values Tips for using Windows PowerShell scripts Using dollar ($) notation Using base objects Calling functions Pre-scripts for use in processes and process steps Using session services Using #LD notation Script library Support for processing scripts in the Script Editor Creating and editing scripts in the Script Editor Copying scripts in the Script Editor Testing scripts in the Script Editor Testing script compilation in the Script Editor Overriding scripts Permissions for running scripts Editing and testing script code with the System Debugger Extended debugging in the Object Browser
One Identity Manager query language Reports in One Identity Manager Adding custom tables or columns to the One Identity Manager schema Web service integration One Identity Manager as SCIM 2.0 service provider Processing DBQueue tasks One Identity Manager Service configuration files

Creating and editing reports in the Report Editor

NOTE: Reports with historical data changes analyze data changes in a One Identity Manager History Database. If the One Identity Manager History Database is linked by an ID to the One Identity Manager database’s TimeTrace, you must log in to the Report Editor through an application server that has this ID in its configuration file (web.config). For more information about connecting to the One Identity Manager History Database through an application server and the required configuration, see the One Identity Manager Data Archiving Administration Guide.

Create and edit reports with the Report Editor program. Reports are stored in the database DialogReport table. The following steps are required to create a report:

  1. Defining report properties, data sources, and report parameters.

  2. Designing the report form with the Report Designer.

Predefined reports supplied with One Identity Manager by default, automatically customized during schema installation. If customizations are required to the default reports:

  1. Create a copy of the report.

  2. Edit the required report properties.

  3. Use the customized report from now on.

When you add or copy a report, the property dialog opens first, which you use to enter the general data for the report, the data source required and an parameters for the report definition. Then a new report form is created in the edit view with the Report Designer. This forms the basis of the report design. Using the Report Designer’s toolbar, you can place the controls you want on the report form.

NOTE: Use the online help from Stimulsoft StimulReport.Net (www.stimulsoft.com) as a basis for the report design.

To create a new report

  • In the Report Editor, select the Report > New menu item.

To copy a report

  • In the Report Editor, select the report in the report list and then, in the context menu, click Copy.

    This creates a new report and the property dialog opens. The properties in the new report are take from the original.

To edit a report

  1. In the Report Editor, select the report in the report list and open it by double-clicking or clicking Edit in the context menu.

    This opens the report form in the Report Designer.

  2. To open the property dialog, select the Report > Edit menu item.

To edit the report properties without loading the report in the Report Designer

  • In the Report Editor, select the report in the report list and then Edit properties from the context menu.

    This opens the property dialog.

NOTE: After you have customized a report, you can mark it by setting change labels. These change labels are offered in the Database Transporter as export criteria when a customer transport package is created.

Detailed information about this topic

Editing general report properties

You can edit the general properties of a report in the properties dialog. The properties dialog opens immediately when a report is added or copied. If you want tot edit the properties of an existing report, you must open the properties dialog first.

To edit general report properties

  1. In the Report Editor, select the report in the report list and then Edit properties from the context menu.

    This opens the property dialog.

  2. Select the Properties tab in the properties dialog.

  3. Edit the general properties.

  4. Save the changes.

Table 150: General report properties
Property Meaning

Name

Report name Label custom reports with the CCC_ prefix.

Display name

Display name of the report. The display name is available when the report is created as ReportAlias. It can, for example, be used to compose the title of the report or the file name when you export a report in the Web Portal. Translate the given text using the button.

The report display name can contain variables, permitted are system variables such as report parameters. The variables are passed using a percent character.

Example:

Name of report %variable%

Max. runtime [sec]

Maximum number of seconds available to generate the report If this period is exceeded, the report stops generating.

Description

Report description. Translate the given text using the button.

Filter criteria

Filter criteria for displaying the report in the web front-end.

Base table

Basis table for the report.

Category

Category for classifying reports. Permitted values are the Common, Mail, Attestation, and Dashboard categories.

Preprocessor condition

Preprocessor conditions can be added to reports. In this case, a report is only available if the preprocessor condition is fulfilled.

Custom properties > Spare field no. 01 ... Spare field no. 10

Additional company-specific information. Use the Designer to customize display names, formats, and templates for the input fields.

Extended properties > Report

UID for finding the report in the database.

Related topics

Creating and editing data sources

For each report you need to create a data source from which to read the report data to be displayed. Normally one data source is sufficient for one report. However, you can define several data sources for each report. You can test the results while processing a data source.

Table 151: Data sources for reports

Data source

Usage

SQL

Data queries with the SQL query module are run directly on the database without checking user access permissions. This means that a column to be used in the report is displayed even though the user may not have access permission to it.

View

You can use the View query module to create data queries using predefined database views and thus control user access permissions.

Object

Data queries with the Object query module are created using the object layer and therefore take user access permissions fully into account.

Single object history

Use data queries with the Single object history query module when you want to create reports about a single object, for example, one identity, with its history data.

Multiple object history

Use data queries with the Multiple object history query module to create reports about multiple objects with historical data that can be further restricted by a particular criterion. This could be all identities with a certain last name.

Historical assignments

Use data queries with the Historical assignments query module to create reports with historical data from object assignments, for example, identity role memberships. This type is used for queries through foreign key relations as well as through assignment tables (many-to-many tables) and child relations.

Front-end simulation result

You can apply the Front-end simulation result query module to all parts of a simulation apart from rule violation analysis.

Front-end simulation result for compliance

You can use the Front-end Simulation Result for Compliance query module to publish the rule violation analysis in the report.

To edit a data source

  1. In the Report Editor, select the report in the report list and then Edit properties from the context menu.

    This opens the property dialog.

  2. Select the Data source tab in the properties dialog.

  3. Select the data source from the Defined queries list.

    - OR -

    Click Add.

    This creates a new data source.

  4. Edit the data source properties.

  5. Save the changes.

To test a data query

  1. In the Report Editor, select the report in the report list and then Edit properties from the context menu.

    This opens the property dialog.

  2. Select the Data source tab in the properties dialog.

  3. Select the data source from the Defined queries list.

  4. Click the button next to Query module.

    The result of a data source is shown in a separate dialog.

NOTE: When a data query is copied to the clipboard, a database query is generated in SQL syntax, which you can run on the database with an appropriate SQL query tool. To copy the data query, use the button next to Query module.

To delete a data source

  1. In the Report Editor, select the report in the report list and then Edit properties from the context menu.

    This opens the property dialog.

  2. Select the Data source tab in the properties dialog.

  3. Select the data source from the Defined queries list.

  4. Click Delete.

  5. Save the changes.

Detailed information about this topic

Data retrieval using SQL queries

Data queries with the SQL query module are run directly on the database without checking user access permissions. This means that a column to be used in the report is displayed even though the user may not have access permission to it.

Table 152: Data source SQL properties
Property Meaning

Name

Name of the data source.

Description

Description of data source.

Max. lines

Maximum number of result lines for this query.

NOTE: The report only displays results up to this maximum even if the number of results exceeds it. In the default, no error messages or tips are displayed. Any possible messages must be customized in the report.

Parent query

Not used.

Query module

Select the SQL query module.

Query

Full database query SQL syntax. The query must contain all the columns used in the report. You can also use SQL parameters in the query. Add these parameters subsequently to the report by entering them on the Parameters tab.

Syntax for parameters:

@<parameter name>

Syntax for parameters of Date data type and a scope (time period from/until):

@<parameter name>Start

@<parameter name>End

Example of usage in the SQL query:

and StartDate between @<parameter name>Start and @<parameter name>End

Example:

The query should return the identities (Person table) assigned to an department. The department (UID_Department) is found with the object key (XObjectKey). This is passed as a parameter to the report. The identity‘s first name (firstname), last name (lastname) and department name (departmentname) are queried.

Select Firstname, Lastname, Departmentname

from person join Department

on person.uid_Department = department.uid_Department

where Department.XObjectKey = @ObjectKeyBase

Related topics
Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen