Define value templates in VB.Net syntax. The following statements can be used for allocating values:
-
None
-
Columns of an object or columns of an object connected by a relation
Syntax:
Value = $<column name>:<data type>$
Value = ${FK(<foreign key column>).}column name>:<data type>$
Example:
Value = $Lastname$
Value = $PasswordNeverExpires:bool$
Value = $FK(Ident_Domain).Description$
-
Parameter from the optional parameter collection
Syntax:
Value = $PC(<parameter name>)$
Example:
Value = $PC(SRCUID_Application)$
-
Out-Parameter
Parameters of the OUT or INOUT type are parameters that a process component can use to output a value. This value is then available in all subsequent process steps in the process and can be used as a value for parameters of the IN type.
When you use OUT parameters, you need to ensure that they contain data at runtime. Alternatively, when the text is processed "&OUT(<parameter name>)&" is entered, which means that the variable will not be replaced.
Syntax:
Value = "&OUT(<parameter name>)&"
Example:
Value = "&Out(FileSize)&"
-
Global variables allocated by the set-up program
Syntax:
Value = Variables("<variable name>")
Example:
Value = Variables("GENPROCID")
Value = Variables("FULLSYNC")
-
The local variables of the process step or of the process generated by the pre-script
Syntax:
Example:
Value = Values("FirstHomeServer")
-
Querying configuration parameters
The full path for the configuration parameter must always be entered.
Syntax:
Value = Session.Config().GetConfigParm("<full path>")
Example:
Value = Session.Config().GetConfigParm("TargetSystem | ADS | PersonAutoDefault")
-
VB.Net
Enter any statements in VB.NET syntax.
-
Querying environment variables
Syntax:
&ENV(Variablenname)&
Example:
Value = "&ENV(COMPUTERNAME)&"
-
Querying secrets
In the One Identity Manager Service configuration, the SecretAllowList and SecretsFolder parameters must be configured.
Syntax:
&SECRET(Name)&
Example:
Value = "&SECRET(API_KEY)&"
Related topics
Events are defined to assign processes to objects. Processes cannot be generated until a link has been created between object, event, and process. The following predefined events are available. These are described in the following table.
Table 78: Predefined events
|
Insert |
Event created when an object is created. Available for all objects. |
|
Update |
Event created when an object is changed. Available for all objects. |
|
Delete |
Event created when an object is deleted. Available for all objects. |
|
Execute |
The event is triggered by the DBQueue Processor when the activation time of a deferred operation is reached. |
|
Assign |
The event is triggered when many-to-many assignments are added. |
|
Remove |
The event is triggered when many-to-many assignments are removed. |
Other events are provided by the Customizer.You can define other custom events to trigger processes.
Detailed information about this topic
If the object event is assigned a program function, users that own this program function by permissions group, can trigger the object event and therefore the process, irrespective of their permissions. Detailed information about managing permissions and running processes with program functions can be found in the One Identity Manager Authorization and Authentication Guide.
To create an event
-
In the Designer, select the process in the Process Orchestration category.
-
Start the Process Editor with the Edit process task.
-
Click on the element for the process in the process document.
-
Select the Events view and click 
.
-
Enter the following information.
Table 79: Event properties
|
Object event |
Name of the object event.
The Object event menu displays the object events of the table specified in the process.
-
Select an existing object event.
- OR -
-
Click and enter the name of the new object event. |
|
Sort order |
Specifies the sort order in which the processes are generated if multiple processes refer to the same event of the base object.
Processes with a lower sort order are generated before processes with a higher sort order. |
|
Event process information |
VB.Net expression for displaying the display name in the process view. |
-
(Optional) Assign a program function to the object event.
-
In the Designer, select the event in the Process Orchestration > Object events.
-
Select the View > Select table relations menu item and enable the QBMEventHasFeature table.
-
In the edit view, select the Program function view and select the program function.
Related topics
The basic permissions for triggering processes are granted to the logged in user by the Common_TriggerEvents program function.
In One Identity Manager, triggering of events on stored processes is linked to the permissions concept. Users can only trigger events on objects like this if they own edit permissions for them. This can lead to table users who only have viewing permissions not being able to trigger additional events for processes.
In this case, it is possible to connect the object events (QBMEvent table) with a program function (QBMFeature table). An event (JobEventGen table), which is defined for a process, is linked with an object event (JobEventGen.UID_QBMEvent column). The object events are linked to a program function (QBMEventHasFeature table). Users with this program function can trigger the object event and therefore the process too independent of their permissions.
TIP: The Common_TriggerSpecificEvents program function allows you to trigger specific events from the front-end. You can assign this program function to custom object events that any user can trigger. The program function is allocated to the QBM_BaseRigt permissions group.
Detailed information about managing permissions and running processes with program functions can be found in the One Identity Manager Authorization and Authentication Guide.
Related topics
