Chat now with support
Chat with Support

Identity Manager 9.1.2 - Configuration Guide

About this guide One Identity Manager software architecture Customizing the One Identity Manager default configuration Customizing the One Identity Manager base configuration One Identity Manager schema basics Editing the user interface
Object definitions for the user interface User interface navigation Forms for the user interface Statistics in One Identity Manager Extending the Launchpad Task definitions for the user interface Applications for configuring the user interface Icons and images for configuring the user interface Using predefined database queries
Localization in One Identity Manager Process orchestration in One Identity Manager
Mapping processes in One Identity Manager Setting up Job servers
The One Identity Manager Service functionality Tracking changes with process monitoring Conditional compilation using preprocessor conditions Scripts in One Identity Manager
Visual Basic .NET scripts usage Notes on message output Notes on using date values Tips for using Windows PowerShell scripts Using dollar ($) notation Using base objects Calling functions Pre-scripts for use in processes and process steps Using session services Using #LD-notation Script library Support for processing scripts in the Script Editor Creating and editing scripts in the Script Editor Copying scripts in the Script Editor Testing scripts in the Script Editor Testing script compilation in the Script Editor Overriding scripts Permissions for running scripts Editing and testing script code with the System Debugger Extended debugging in the Object Browser
One Identity Manager query language Reports in One Identity Manager Adding custom tables or columns to the One Identity Manager schema Web service integration One Identity Manager as SCIM 2.0 service provider Processing DBQueue tasks One Identity Manager Service configuration files

Process step parameters

When you select a process task you specify which action will be run by the process step. The process task parameter templates are copied to the process step as parameters. This means that every process step that uses this process task can pass other parameter values. The original is not altered.

Compulsory parameters are immediately entered into the process step when the process task is selected. Then, you can enter any optional parameters individually. When a parameter is added, the value template is copied from the parameter template. Templates for parameter values are mostly predefined, for example, procedures that evaluate object UIDs and note them accordingly.

Detailed information about this topic

Editing process step parameters

To edit process step parameters

  1. In the Designer, select the process in the Process Orchestration category.

  2. Start the Process Editor with the Edit process task.

  3. Click on the element for the process step in the process document.

  4. Select the Parameter view.

    This displays all the parameters defined for the process.

  5. Check whether the required parameters are assigned and edit the parameters.

    You can add, delete, or edit parameters from the toolbar.

    TIP: Click an entry to edit the parameter value directly.

    Table 76: Meaning of icon used
    Icon Meaning

    Mandatory process task parameter

    Optional process task parameter, which is assigned to a process step.

    Optional process task parameter, which is not assigned to a process step.

Related topics

Properties of process step parameters

Table 77: Properties for parameters
Property Meaning

Name

Name of the parameter.

NOTE: You should not change the name of a parameter. The special parameters of the HandleObjectComponent process component are an exception to this rule.

Hidden

Specifies whether the parameter is shown in the One Identity Manager Service log file and in the Job Queue Info program. Values for hidden parameters are shown as <HIDDEN>.

NOTE: Users with the program function Option to see the values of hidden parameters in Job Queue Info (JobQueue_ShowHiddenParameters) can view the hidden parameters in the Job Queue Info. Assign the appropriate permissions group to the program function.

Encrypted

Specifies whether the parameter is encrypted when it is passed if the database is encrypted. Encrypted parameters are shown as <hidden> in the One Identity Manager Service log file and in the Job Queue Info program.

NOTE: If the Encrypted option is already set in the parameter template, the parameter must also be encrypted when it is passed.

Contains encrypted components

Specifies whether encrypted sequences are contained in this value. Use this option, if partially encrypted sequences such as passwords are to be passed in complex parameters, for example Windows PowerShell scripts. Encrypted parts of a parameter are shown as <Hidden> in the One Identity Manager Service log file and in the Job Queue Info program.

Value template

Define value templates in VB.Net syntax. When a parameter is added, the value template is copied from the parameter template.

TIP: To restore the default value template, select the button in View > Parameter and click the Template button in the Edit parameters view.

Type

Type of parameter. The IN, OUT and INOUT values are permitted.

Parameters of the OUT or INOUT type are parameters that a process component can use to output a value. This value is then available in all subsequent process steps in the process and can be used as a value for parameters of the IN type.

Related topics

Allocating parameter values

Define value templates in VB.Net syntax. The following statements can be used for allocating values:

  • None

  • Columns of an object or columns of an object connected by a relation

    Syntax:

    Value = $<column name>:<data type>$

    Value = ${FK(<foreign key column>).}column name>:<data type>$

    Example:

    Value = $Lastname$

    Value = $PasswordNeverExpires:bool$

    Value = $FK(Ident_Domain).Description$

  • Parameter from the optional parameter collection

    Syntax:

    Value = $PC(<parameter name>)$

    Example:

    Value = $PC(SRCUID_Application)$

  • Out-Parameter

    Parameters of the OUT or INOUT type are parameters that a process component can use to output a value. This value is then available in all subsequent process steps in the process and can be used as a value for parameters of the IN type.

    When you use OUT parameters, you need to ensure that they contain data at runtime. Alternatively, when the text is processed "&OUT(<parameter name>)&" is entered, which means that the variable will not be replaced.

    Syntax:

    Value = "&OUT(<parameter name>)&"

    Example:

    Value = "&Out(FileSize)&"

  • Global variables allocated by the set-up program

    Syntax:

    Value = Variables("<variable name>")

    Example:

    Value = Variables("GENPROCID")

    Value = Variables("FULLSYNC")

  • The local variables of the process step or of the process generated by the pre-script

    Syntax:

    Value = values("Name")

    Example:

    Value = Values("FirstHomeServer")

  • Querying configuration parameters

    The full path for the configuration parameter must always be entered.

    Syntax:

    Value = Session.Config().GetConfigParm("<full path>")

    Example:

    Value = Session.Config().GetConfigParm("TargetSystem | ADS | PersonAutoDefault")

  • VB.Net

    Enter any statements in VB.NET syntax.

  • Querying environment variables

    Syntax:

    &ENV(Variablenname)&

    Example:

    Value = "&ENV(COMPUTERNAME)&"

  • Querying secrets

    In the One Identity Manager Service configuration, the SecretAllowList and SecretsFolder parameters must be configured.

    Syntax:

    &SECRET(Name)&

    Example:

    Value = "&SECRET(API_KEY)&"

Related topics
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating