Chat now with support
Chat with Support

Identity Manager 8.1.4 - Configuration Guide

About this guide One Identity Manager software architecture Customizing the One Identity Manager default configuration Customizing the One Identity Manager base configuration One Identity Manager schema basics Editing the user interface
Object definitions for the user interface User interface navigation Forms for the user interface Statistics in One Identity Manager Extending the Launchpad Task definitions for the user interface Applications for configuring the user interface Icons and images for configuring the user interface Using predefined database queries
Localization in One Identity Manager Process orchestration in One Identity Manager
Setting up Job servers Configuring the One Identity Manager Service Handling processes in One Identity Manager
Tracking changes with process monitoring Conditional compilation using preprocessor conditions Scripts in One Identity Manager
Using scripts Notes on message output Notes on using date values Using dollar ($) notation Using base objects Calling functions Pre-scripts for use in processes and process steps Using session services Using #LD-notation Script library Support for processing of scripts in Script Editor Creating and editing scripts in the Script Editor Copying scripts in the Script Editor Testing scripts in the Script Editor Testing script compilation in the Script Editor Overriding scripts Permissions for executing scripts Editing and testing script code with the System Debugger Extended debugging in the Object Browser
Reports in One Identity Manager Adding custom tables or columns to the One Identity Manager schema Web service integration SOAP Web Service One Identity Manager as SPML provisioning service provider Processing DBQueue tasks One Identity Manager Service configuration files

Notes on message output

You should never use the VB.Net Msgbox and Inputbox functions on servers. Use the VID_Write2Log, RaiseMessage, or AppData.Instance.RaiseMessage functions.

For examples of One Identity Manager Service log file output, see the script examples on the installation medium in the QBM\dvd\AddOn\SDK\ScriptSamples directory.

Notes on using date values

  • If no date is given, the date 12/30/1899 is used internally. Take this into account when values are compared, for example, when used in reports.

    Example of an expression for displaying data columns in reports

    {IIF(Person.ExitDate.ToString() = "12/30/1899 12:00:00 AM","-",Person.ExitDate)}

  • Time stamps, such as insert dates or modification dates, are stored in the database with the respective UTC. The object layer transforms this time data into the currently valid time zone data when an object is loaded. The user, therefore, sees all the values in local time. When an object is saved the current time zone data is transformed into UTC data.

    NOTE: The use of DateTime.Now in scripts must be critically tested. It is better to use DateTime.UTCNow than DateTime.Now to display the value to users.

  • It is not recommended to convert date values in non-U.S. notation from the String data type to the DateTime data type in scripts:

    Value = CDate("2014-12-31")

    This always causes a problem if the script is running on a U.S. system. In the best case, you are sent an error message like "Cast from string...to type Date is not valid". In the worst case, the wrong date is returned as month and day are swapped (3.12.2014 becomes 12.3.2014).

    If possible, you should avoid a string conversion altogether in this case. The DateTime type provides several constructors for this purpose. For the example above, that would be:

    Value = new DateTime(2014, 12, 31)

    However, if the data type String is to be used, the ISO date notation should be applied as this is converted correctly in all settings:

    Value = CDate("2014-12-31")

    Value = CDate("2014-12-31 15:22:12")

    The complicated version is to input the language code format for the date:

    Value = DateTime.Parse("12.31.2014", new CultureInfo("en-US"))

    Value = DateTime.ParseExact("12.31.2014", "mm.dd.yyyy", CultureInfo.InvariantCulture)

Using dollar ($) notation

Dollar ($) notation is used to access object properties in One Identity Manager. If you are using dollar notation you need to ensure that the value is allocated the correct data type. Dollar notation returns a String type by default. If another data type is specified, it is internally converted with ToString.

Permitted data types are:

Binary

Bool

Byte

Date

Decimal

Double

Int

Long

Short

String (default)

Text

NOTE: If you want to use a dollar sign in scripts, but not have the sign representing access to a column name, you must mask it by doubling.

Example

In Windows PowerShell scripts, instead of:

theScript.AppendLine("foreach ($Domain in $Domains)")

use:

theScript.AppendLine("foreach ($$Domain in $$Domains)")

Detailed information about this topic

Accessing local object columns

Syntax

$<column name>:<data type>$

Examples for use in templates

The Active Directory user display name should comprise of the first and last name of the Active Directory user. The template for ADSAccount.Displayname is:

If $Givenname$<>"" And $Surname$<>"" Then

Value = $Surname$ & " " & $Givenname$

ElseIf $Givenname$<>"" Then

Value = $Givenname$

ElseIf $Surname$<>"" then

Value = $Surname$

End If

If an employee is disabled, the leaving date should be set. The template for Person.Exitdate is:

If $IsInActive:bool$ Then

Value = Date.Today

End If

Related topics
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating