Chat now with support
Chat with Support

Identity Manager 9.2.1 - Configuration Guide

About this guide One Identity Manager software architecture Customizing the One Identity Manager default configuration Customizing the One Identity Manager base configuration One Identity Manager schema basics
Overview of the One Identity Manager schema Table types and default columns in the One Identity Manager data model Notes on editing table definitions and column definitions Table definitions Column definitions Table relations Dynamic foreign key Supporting file groups
Editing the user interface
Object definitions for the user interface User interface navigation Forms for the user interface Statistics in One Identity Manager Extending the Launchpad Task definitions for the user interface Applications for configuring the user interface Icons and images for configuring the user interface Using predefined database queries
Localization in One Identity Manager Process orchestration in One Identity Manager
Mapping processes in One Identity Manager Setting up Job servers
The One Identity Manager Service functionality Tracking changes with process monitoring Conditional compilation using preprocessor conditions Scripts in One Identity Manager
Visual Basic .NET scripts usage Notes on message output Notes on using date values Tips for using PowerShell scripts Using dollar ($) notation Using base objects Calling functions Pre-scripts for use in processes and process steps Using session services Using #LD notation Script library Support for processing scripts in the Script Editor Creating and editing scripts in the Script Editor Copying scripts in the Script Editor Testing scripts in the Script Editor Testing script compilation in the Script Editor Overriding scripts Permissions for running scripts Editing and testing script code with the System Debugger Extended debugging in the Object Browser
One Identity Manager query language Reports in One Identity Manager Adding custom tables or columns to the One Identity Manager schema Web service integration One Identity Manager as SCIM 2.0 service provider Processing DBQueue tasks One Identity Manager Service configuration files

Tips for using PowerShell scripts

For examples of syntax and usage for PowerShell scripts in One Identity Manager, see https://github.com/OneIdentity/IdentityManager.PoSh. Take note of the installation prerequisites and information given there.

By default, the PowerShell module tries to load all referenced DLLs from a valid One Identity Manager installation. In the default installation, One Identity Manager is installed under:

  • %ProgramFiles(x86)%\One Identity (on 32-bit operating systems)

  • %ProgramFiles%\One Identity (on 64-bit operating systems)

Using dollar ($) notation

Dollar ($) notation is used to access object properties in One Identity Manager.

Syntax

$<definition>:<data type>{<format>}$

If you are using dollar notation you need to ensure that the value is allocated the correct data type. Dollar notation returns a String type by default.

Permitted data types are:

Binary

Bool

Byte

Date

Decimal

Double

Int

Long

Short

String (default)

Text

The format specification is optional. If the format is specified, the target type of the expression is a string. If the format is not specified, it is the specified data type.

The format specifications correspond to the format strings of the string.format function for the individual types. For more information about the format string, see https://docs.microsoft.com/en-us/dotnet/standard/base-types/composite-formatting#format-string-component.

Examples:

$MaxValidDays:Int{000}$

with the value 42 give the result "042"

$XDateUpdated:Date{t}$

gives "11:16"

NOTE: If you want to use a dollar $ sign in scripts, without it representing access to a column name, you must mask it by doubling.

Example:

In PowerShell scripts, instead of:

theScript.AppendLine("foreach ($Domain in $Domains)")

use:

theScript.AppendLine("foreach ($$Domain in $$Domains)")

Detailed information about this topic

Accessing local object columns

Syntax

$<column name>:<data type>{<format>}$

Examples for use in templates

The Active Directory user display name should comprise of the first and last name of the Active Directory user. The template for ADSAccount.Displayname is:

If $Givenname$<>"" And $Surname$<>"" Then

Value = $Surname$ & " " & $Givenname$

ElseIf $Givenname$<>"" Then

Value = $Givenname$

ElseIf $Surname$<>"" then

Value = $Surname$

End If

If an identity is disabled, the leaving date should be set. The template for Person.Exitdate is:

If $IsInActive:bool$ Then

Value = Date.Today

End If

Related topics

Accessing columns of an object connected by a relation

The only relation currently permitted is the foreign key relation.

Syntax

$FK(<foreign key column>).<column name>:<data type>{<format>}$

Example for use in templates:

An Active Directory user’s first name should based on the assigned identity. The template for ADSAccount.Givenname is:

Value = $FK(UID_Person).Firstname$

Related topics
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating