Chat now with support
Chat with Support

Identity Manager 8.0 - Configuration Guide

One Identity Manager Software Architecture Working with the Designer Customizing the One Identity Manager Default Configuration Checking Data Consistency Compiling a One Identity Manager Database Working with Change Labels Basic System Configuration Data
One Identity Manager Authentication Module Database Connection Data Configuration Parameters for System Configuration Setting up the Mail Notification System Enabling More Languages for Displaying and Maintaining Data Displaying Country Information Setting Up and Configuring Schedules Password Policies in One Identity Manager Reloading Changes Dynamically TimeTrace Databases Machine Roles and Server Functions Files for Software Update Operating Systems in Use System Configuration Reports Using Predefined Database Queries Managing Custom Database Objects within a Database
The One Identity Manager Data Model Granting One Identity Manager Schema Permissions Working with the User Interface
Object definitions for the User Interface User Interface Navigation Forms for the User Interface Statistics in the One Identity Manager Extending the Launchpad Task Definitions for the User Interface Applications for Configuring the User Interface Icons and Images for Configuring the User Interface Language Dependent Data Representation
Process Orchestration in One Identity Manager
Declaring the Job Server One Identity Manager Service Configuration Handling Processes in the One Identity Manager
Tracking Changes with Process Monitoring Conditional Compilation using Preprocessor Conditions One Identity Manager Scripts Maintaining Mail Templates Reports in the One Identity Manager Custom schema extensions Transporting One Identity Manager Schema Customizations Importing Data Web Service Integration SOAP Web Service One Identity Manager as SPML Provisioning Service Provider Searching for Errors in the One Identity Manager Processing DBQueue Tasks One Identity Manager Configuration Files

Working with Module Globally Unique Modifiers

To transport, for example, predefined reports, processes, workflows or mail definitions with a complete system configuration transport, the objects require a primary key with a module GUID. These are objects are identified as part of the system configuration through the module GUID.

Syntax:

The table primary key has the format CCC-[0-9,a-f](32).

 NOTE: Entries with a module GUID are transferred automatically to the transport package when a transport of the entire system configuration is created.

You can use the following table definition settings for generating a module GUID:

  • If the options Module GUID permitted and Module GUID required are enabled, the objects have to get a module GUID. The objects in this type of labeled tables are given the module prefix CCC.
  • If only the option Module GUID permitted is enabled, the objects can get a module GUID in the required format. By default, the objects obtain a default GUID in the format [0-9,a-f](8-4-4-4-12). Create the objects with the prefix CCC if they should obtain a module GUID. You can do this using the Object Browser.
Example
  • The DialogGroup table has the options Module GUID required and Module GUID permitted enabled. When creating a new permissions group, the primary key is automatically generated in the format of a module GUID.
  • For the AERole table only the option Module GUID permitted is set. To ensure that your own application roles are added to the transport package, create the application roles in the Object Browser with a module GUID.

NOTE: In the default case, the table's primary key is created with a default GUID. To subsequently change a default GUID to a module GUID, you use the Object Browser.

IMPORTANT: Do not execute the following steps for production databases. Only perform these steps within the maintenance window. Otherwise, this could lead to inconsistent data.

To change a default GUID to a module GUID

  1. In Object Browser select the object for which you want to change the default GUID.
  2. Display the Properties context menu.
  3. On the Methods tab select the SwitchToModuleGuid() method and click Execute.

To change a module GUID to a default GUID

  1. In Object Browser select the object for which you want to change the module GUID.
  2. Display the Properties context menu.
  3. On the Methods tab select the SwitchToNormalGuid() method and click Execute.
Related Topics

Table scripts

Table scripts help you to define actions that are executed before or after saving, loading or discarding an object. In this way, substantial changes or value checks that cannot be easily done with formatting rules or templates, can be made to an object by running a table script before it is saved. After the object is saved, changes to other objects can be made or task and processes can be generated with table scripts, for example. The side effect and tasks defined in the Customizer are applied following the table scripts.

You can customize predefined default table scripts and create your own additional table scripts. The default configuration is moved to a configuration buffer during handling. You can retrieve changes from the configuration buffer and restore the default configuration in this way.

Table scripts are stored in VB.Net syntax which allows use of all VB.Net script functions.

IMPORTANT: Compile the database to bring the table scripts into effect.

Table 91: Table scripts
Script Meaning
Script (OnDiscarded) The script is run after the object is discarded.
Script (OnDiscarding) The script is run before the object is discarded.
Script (OnLoaded) The script is run after the object is loaded.
Script (OnSaved) The script is run after the object is saved.
Script (OnSaving) The script is run before the object is saved.
Related Topics

Database Views of Type "View"

Database Views of Type “View“

Database views with the type "View" represent partial sections of the underlying tables. Database views with type "View" are predefined. Templates and formatting rules can be defined for columns in these views.

Database views of type "View" are generally used for displaying roles. For example, the views Department, Locality and Profitcenter are parts of the base table Basetree.

The following information is displayed for a database view of type "View".

Table 92: Properties for Defining a Database View of Type "View"
Property Meaning
Table Name of the table in the data model.
Type Table type "View".
Base table

Base table that the view is based on.

Condition for view definition Limiting condition as WHERE clause for setting up the database view. The condition relates to the underlying base table.
Columns A reference is required for each column of the database view to a column in the underlying base column. Make the assignment in the column definition.
Example

The table Department is defined as a database view of type "View".

Table 93: Example of Defining a Database View of Type "View"
Property Value
Table Department
Type View
Base table BaseTree
Condition for view definition UID_OrgRoot = 'QER-V-Department'
Column-->Base column (excerpt).

Department.DepartmentName-->BaseTree.Ident_Org

Department.Description-->BaseTree.Description

Resulting view definition

create view dbo.Department as

select

Ident_Org as DepartmentName,

Description as Description,

...

from BaseTree

where UID_OrgRoot = 'QER-V-Department'

You can user insert values to preset certain values in the table when adding a new data set.

Table 94: Defining Insert Values
Property Value
Insert values

Default settings for individual columns that are assigned when a new data set is added. The values are entered in VB.Net syntax.

Selection script

Selection script as a VB.Net term, to determine during runtime whether the object passed belongs to the view.

NOTE:You must recompile the database if you changed insert values and selection scripts!

Example

The UID_OrgRoot is given the value QER-V-Department when data is added to the table Department. The insert values are defined as follows.

Table 95: Example for defining the insert values.
   
Insert values base.putvalue("UID_OrgRoot", "QER-V-Department")
Selection script Value = (String.Equals($UID_OrgRoot$, "QER-V-Department", StringComparison.OrdinalIgnoreCase))

IMPORTANT: If the base table that the view is based on has a table type "B" then the selection script has to correspond to the view condition. If one of the properties is given then the other one also has to be given.

Related Topics

Database Views of Type "Union"

Database Views of Type “Union“

Database views with the table type "Union" are views of the union of different tables and supply a grouping of different object types with the same context. Thus the union view QERAccProductUsage determined, which service items are used in which products, for example.

Views of type "Union" are predefined. Templates and formatting rules cannot be defined for columns in these views. The object key column (XObjectKey) must be referenced in the view definition. This makes it possible to create single object with its valid permissions.

"Union" views are mainly used for editing the user interface and for creating reports.

The following information is displayed for a database view of type "Union".

Table 96: Properties for Defining a Database View of Type "Union"
Property Meaning
Table Name of the table in the data model.
Type Table type "Union".
Additional view definition

Database query as a SELECT statement for setting up the database view.

Several extensions for the view definition can be defined. The extensions are linked with each other with the Union operator.

When you add a column, an entry is created in the table DialogColumn. When you delete a column, the entry is removed from the table DialogColumn.

Condition for view definition Limiting condition as WHERE clause for setting up the database view.
Columns Database view columns.
Example

The table QERAccProductUsage is defined as a database view of type "Union". In the union view, you establish which service item is used in which products. The following example shows an except from the definition based on system entitlements (table ESet) and report subscriptions (table RPSReport).

Table 97: Example of Defining a Database View of Type "Union"
Property Value
Table QERAccProductUsage
Type Union
Columns

TableName, UID_AccProduct, XObjectKey

Extension 1: Additional view definition ESet
Extension 1: Query

select 'ESet' as TableName, g.XObjectKey, g.UID_AccProduct

from ESet g

Extension 2: Additional view definition RPSReport
Extension 2: Query

select 'RPSReport' as TableName, g.XObjectKey, g.UID_AccProduct

from RPSReport g

Resulting view definition

create view dbo.QERAccProductUsage as

select * from

(

select convert(varchar(11), null) as TableName, convert(varchar(38), null) as UID_AccProduct, convert(varchar(138), null) as XObjectKey where 1=0

union all

select xxTab.TableName, xxTab.UID_AccProduct, xxTab.XObjectKey

from (

select 'ESet' as TableName, g.XObjectKey, g.UID_AccProduct

from ESet g

) as xxTab

union all

select xxTab.TableName, xxTab.UID_AccProduct, xxTab.XObjectKey

from (

select 'RPSReport' as TableName, g.XObjectKey, g.UID_AccProduct

from RPSReport g

) as xxTab

) as x

Related Topics
Related Documents