Chat now with support
Chat mit Support

Identity Manager 9.0 LTS - Configuration Guide

About this guide One Identity Manager software architecture Customizing the One Identity Manager default configuration Customizing the One Identity Manager base configuration One Identity Manager schema basics Editing the user interface
Object definitions for the user interface User interface navigation Forms for the user interface Statistics in One Identity Manager Extending the Launchpad Task definitions for the user interface Applications for configuring the user interface Icons and images for configuring the user interface Using predefined database queries
Localization in One Identity Manager Process orchestration in One Identity Manager
Mapping processes in One Identity Manager Setting up Job servers
The One Identity Manager Service functionality Tracking changes with process monitoring Conditional compilation using preprocessor conditions Scripts in One Identity Manager
Visual Basic .NET scripts usage Notes on message output Notes on using date values Tips for using Windows PowerShell scripts Using dollar ($) notation Using base objects Calling functions Pre-scripts for use in processes and process steps Using session services Using #LD-notation Script library Support for processing scripts in the Script Editor Creating and editing scripts in the Script Editor Copying scripts in the Script Editor Testing scripts in the Script Editor Testing script compilation in the Script Editor Overriding scripts Permissions for running scripts Editing and testing script code with the System Debugger Extended debugging in the Object Browser
One Identity Manager query language Reports in One Identity Manager Adding custom tables or columns to the One Identity Manager schema Web service integration One Identity Manager as SCIM 2.0 service provider Processing DBQueue tasks One Identity Manager Service configuration files

Applications for configuring the user interface

In the default version of One Identity Manager, the applications and the predefined navigation for the One Identity Manager tools, the Manager, the Designer, and the Launchpad are also supplied. Predefined configurations are maintained by the schema installation and cannot be edited apart from a few properties. It is not usually necessary to define your own applications. You might possibly need your own applications for a customer specific web interface.

In the Designer, the available programs are shown in the Base data > Security settings > Programs category.

Table 60: Predefined programs
Product Meaning

Default

Default for front-ends without special usage, for example Job Queue Info or Report Editor. Required to determine the authentication module.

Designer

Application for the Designer.

Manager

Application for the Manager.

Launchpad

Application for the Launchpad.

WebDesigner

Application for installing the Web Portal.

WebDesignerEditor

Program for the Web Designer to configure and extend the Web Portal.

Application server

Program for installing the application server.

API Designer

Application for the Web Portal configuration.

OperationsSupportWebPortal

Application for installing the Operations Support Web Portal.

PasswordReset

Application for installing the Password Reset Portal.

Job Server

Application for configuring Job servers.

Program properties

Table 61: Program properties
Property Meaning

Program

Name of the program.

Remarks

Comments about the program.

Start menu item

If the given start menu item is available to a system user in a program’s navigation menu, the program navigates straight to this position in the menu when it starts up. You can specify, for example, a home page for a system user with this feature. This function is mainly used by web interfaces.

Configuration data

Configuration data is used to determine a system user by the dynamic authentication module. You can also adapt the configuration data for the default programs that are supplied. For more information, see the One Identity Manager Authorization and Authentication Guide.

Minimum Version

Minimum version of the program that can run with the version of the database in use. This input is used solely as information, the version number is not verified.

Engine based

Specifies whether menu navigation and forms can be assigned to the program.

Processing status

The processing status is used for creating custom configuration packages.

Authentication module

Authentication module used by the program. For more information about One Identity Manager authentication modules, see the One Identity Manager Authorization and Authentication Guide.

ClosedEnabling authentication modules in the Designer

Form

Forms displayed in the program.

ClosedDisplaying forms in the Designer

Menu

Menus displayed in the program.

ClosedDisplaying menu items in the Designer

System users

System users that use the program.

ClosedDisplaying system users in the Designer

Permissions group

Permissions groups whose permissions are also valid for this program. For more information about permissions groups in One Identity Manager, see the One Identity Manager Authorization and Authentication Guide.

ClosedDisplaying permissions groups in the Designer
Related topics

Icons and images for configuring the user interface

When you are configuring the One Identity Manager tools’ user interfaces you can add icons and images for displaying in different parts of them. The default version of One Identity Manager supplies the icons and images that you can use for configuring the user interface and to create reports. Predefined configurations are maintained by the schema installation and cannot be edited apart from a few properties.

Icons are required to be in PNG format with sizes of 16x16 pixels, 24x24 and 32x32 pixels for the graphical interface.

Icons are required for the following use cases.

Table 62: Meaning of the icons
State Usage

Normal

Icons showing an enabled state. These icons must exist in the One Identity Manager database.

Inverted

Icons that show and enabled state on a black background. These icons can be converted automatically.

Disabled

Icons showing a disabled state. These icons must exist in the One Identity Manager database.

To add an icon

  1. In the Designer, select the Base data > General > Icons category.

  2. Select the Object > New menu item.

  3. Give the icon a name.

  4. Upload the icon using .

  5. Select the Database > Save to database and click Save.

To add images for reports

  1. In the Designer, select the Base data > General > Large images category.

  2. Select the Object > New menu item.

  3. Give the image a name.

  4. Load the image using the button.

  5. Save the image with the button.

    The image is displayed with certain important image properties.

  6. Select the Database > Save to database and click Save.

NOTE: If you edit icons or images that are used in a web application, you must compile the API and the web application afterward with the Database Compiler.

Using predefined database queries

Due to security issues, you cannot run any direct database queries from the user interface or from web applications. Direct database queries, such as those required on forms, must take the form of predefined database queries in One Identity Manager. Database queries are always run with the permissions of the current user. Predefined database queries must be assigned to a permissions group.

A wizard in the Web Designer helps you to create database queries for the Web Designer Web Portal and to link them with at least one permissions group. You can add more predefined database queries with the Designer.

You will find examples on the installation medium in the QBM\dvd\AddOn\ApiSamples directory.

To create predefined database queries

  1. In the Designer, select the Base data > Advanced > Predefined SQL category.

  2. Select the Object > New menu item.

  3. Edit the main data.

    Table 63: Properties of predefined database queries
    Property Description

    Processing status

    Object processing status. The processing status is used for creating custom configuration packages.

    Description

    Text field for additional explanation.

    Identifier for SQL code

    A unique identifier that is used to identify the query

    SQL type

    Type of SQL query. Permitted values are:

    • Statement: This is a complete SQL query.

    • WHERE clause: This is where clause part of the SQL query.

    Code

    Full database query SQL syntax. You can also use SQL parameters in the query.

  4. Assign permissions groups.

    1. Select View > Select table relations and enable the QBMGroupHasLimitedSQL table.

    2. In the edit view, select the Permissions group view and select the permissions groups.

  5. Select the Database > Save to database and click Save.

Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen