Chat now with support
Chat with Support

Identity Manager 9.2 - Configuration Guide

About this guide One Identity Manager software architecture Customizing the One Identity Manager default configuration Customizing the One Identity Manager base configuration One Identity Manager schema basics Editing the user interface
Object definitions for the user interface User interface navigation Forms for the user interface Statistics in One Identity Manager Extending the Launchpad Task definitions for the user interface Applications for configuring the user interface Icons and images for configuring the user interface Using predefined database queries
Localization in One Identity Manager Process orchestration in One Identity Manager
Mapping processes in One Identity Manager Setting up Job servers
The One Identity Manager Service functionality Tracking changes with process monitoring Conditional compilation using preprocessor conditions Scripts in One Identity Manager
Visual Basic .NET scripts usage Notes on message output Notes on using date values Tips for using Windows PowerShell scripts Using dollar ($) notation Using base objects Calling functions Pre-scripts for use in processes and process steps Using session services Using #LD notation Script library Support for processing scripts in the Script Editor Creating and editing scripts in the Script Editor Copying scripts in the Script Editor Testing scripts in the Script Editor Testing script compilation in the Script Editor Overriding scripts Permissions for running scripts Editing and testing script code with the System Debugger Extended debugging in the Object Browser
One Identity Manager query language Reports in One Identity Manager Adding custom tables or columns to the One Identity Manager schema Web service integration One Identity Manager as SCIM 2.0 service provider Processing DBQueue tasks One Identity Manager Service configuration files

Creating and editing task definitions

You can edit properties of task definitions or create new task definitions.

To create or edit a task definition

  1. In the Designer, select User Interface > Task definitions category.

  2. Select the task.

    - OR -

    To create a new task, select the Object > New menu item.

  3. Select the Change main data task and edit the task's main data.

  4. Assign a permissions group to the task definition.

    1. Select the View > Select table relations menu item and enable the DialogGroupHasMethod table.

    2. In the edit view, select the Permissions group view and select the permissions groups.

  5. Assign the task definition to the object definition for which the task should be offered in the user interface.

    1. Select the View > Select table relations menu item and enable the DialogObjectHasMethod table.

    2. In the edit view, select the Object view and select the object definition.

  6. (Optional) Assign a program function to the task definition.

    1. Select the View > Select table relations menu item and enable the QBMMethodHasFeature table.

    2. In the edit view, select the Program function view and select the program function.

  7. Select the Database > Commit to database and click Save.

Related topics

Disabling task definitions

You can disable individual predefined tasks to prevent them being shown in the user interface. They remain disabled even after schema installation.

To disable a task

  1. In the Designer, select the task in the User interface > Task definitions category.

  2. Select the Change main data task.

  3. Set the Disabled option.

  4. Select the Database > Commit to database and click Save.

Related topics

Script for conditional displaying of tasks

In principle, a user's permissions for displaying and editing tasks are controlled by permissions in permissions groups.

You can also use a script in the custom task definition to conditionally display a task. For example, this way you can control whether a task is only displayed in the Manager if a certain condition is met.

Example:

A method is displayed only when the object is loaded from the database. Adding a new object must not show the method.

If Not Entity.IsLoaded Then

Value = False

Else

Value = True

End If

NOTE: The script does not change the user’s permissions but simply the behavior if the object is loaded in one of the One Identity Manager tools. If you want to limit visibility and editability of a task, change the permissions of the permissions groups. For more information, see the One Identity Manager Authorization and Authentication Guide.

To specify a script for conditionally displaying a task

  1. In the Designer, select the task in the User interface > Task definitions category.

  2. Select the Change main data task.

  3. Enter a Visibility script in VB.Net syntax. If the return value is false, task is not displayed in any of the One Identity Manager tools.

  4. Select the Database > Commit to database and click Save.

Related topics

Properties of task definitions

Table 59: Task properties
Property Meaning

Task name

Name of the task.

Caption

The display name is used to display the task in the administration tool task view. Display names can be given in more than one language.

NOTE: The tasks are displayed in alphabetical order in the task view of One Identity Manager.

Description

Description of the task. The description is shown as a tooltip in the user interface task view.

Enabled for

This property specifies the intended use of the task.

Permitted values are:

  • Fat Client: You can display the task in the graphical user interface.

  • Web Client: You can display the task in web applications.

  • Fat Client + Web Client: You can display the task in both the graphical user interface and web applications.

Task behavior

Sets the behavior of the task.

The following entries are permitted:

  • No data: Default. The task is available for single object and multiple object editing. Changes are run separately for each object, even if multiple edit is used.

  • Save required: The task saves data. A corresponding alert message is displayed. This task is available for multiple editing of objects.

  • Single objects only: This task is only permitted for single objects.

  • Save required + single objects only: The task saves data. A corresponding alert message is displayed. This task is only permitted for single objects. This task is available for multiple editing of objects.

  • Run on multiple objects: This task is available for multiple editing of objects. Changes are run for all objects together through a multi-object.

  • Save required + run on multiple objects: The task saves data. A corresponding alert message is displayed. This task is available for multiple editing of objects. Changes are run for all objects together through a multi-object. This task is available for multiple editing of objects.

Icon

Icon for displaying the task in the user interface.

Script

Task script. You can use function calls or commando input in VB.Net statements for the task script. The Base. syntax always accesses the object that is currently loaded.

NOTE: The database needs to be complied after changing a task script.

Visibility script

Script for conditional displaying of tasks in One Identity Manager tools. For more information, see Script for conditional displaying of tasks.

Disabled

Specifies whether the task is displayed in the user interface. Disabled tasks are never displayed in the user interface. Predefined system users are not effected by this limitation. This modification is also permitted for predefined default user interface tasks and is not overwritten when the schema is installed.

Processing status

The processing status is used for creating custom configuration packages.

Object

Assignment to object definitions (DialogObjectHasMethod table) for which the task will be shown in the user interface.

Permissions group

Assignment of permissions groups (DialogGroupHasMethod table), whose users can apply this task.

Program function

Program function, which is linked to the task definition. If a task definition is assigned a program function (QBMMethodHasFeature table) users can only run this task if they have the necessary permissions groups. For more information about managing permissions and running methods using program functions, see the One Identity Manager Authorization and Authentication Guide.

Related topics
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating