Chat now with support
Chat with Support

Identity Manager 8.1 - Configuration Guide

About this guide One Identity Manager software architecture Customizing the One Identity Manager default configuration Adjusting the One Identity Manager base configuration One Identity Manager schema basics Editing the user interface
Object definitions for the user interface User interface navigation Forms for the user interface Statistics in One Identity Manager Extending the Launchpad Task definitions for the user interface Applications for configuring the user interface Icons and images for configuring the user interface Using predefined database queries
Localization in One Identity Manager Process orchestration in One Identity Manager
Setting up Job servers in Designer Configuring the One Identity Manager Service Handling processes in One Identity Manager
Tracking changes with process monitoring Conditional compilation using preprocessor conditions Scripts in One Identity Manager Reports in One Identity Manager Adding custom tables or columns to the One Identity Manager schema Web service integration SOAP Web Service One Identity Manager as SPML provisioning service provider Processing DBQueue tasks Appendix: Configuration files of the One Identity Manager Service

Examples of statistic definitions

Example 1:

The number of people in the company should be displayed in the statistics. This statistic should be calculated daily. The statistics definition could look like:

Statistic: CountEmployees
Display name: Number of employees
Description: Finds the number of employees in the company on a daily basis.
Calculation schedule: Calculate statistics
Measurements query:

select 'Employees' as ElementName, count (*) as ElementValue from Person

To display the statistics in the Manager in the category Employees | Info system, the following menu item is created:

Menu item: Person.InfoSystem.CountEmployees
Item type: Statistics
Sort order 1
Statistic: Number of employees
Diagram type: Thermometer

The menu item is assigned to the Manager application and an application role and can then be displayed in the Manager.

Figure 26: Displaying the statistics in the Manager

Example 2:

The number of external employees in the company should be displayed in the statistics. This statistic should be calculated weekly. If more than 20% of employees in the company are externals, the info system should display the state as acceptable instead of a correct. If more than 80% are externals the state should be unacceptable.

Statistic: CountExternalEmployees
Display name: Number of external employees.
Description: Find the number of external employees in the company on a weekly basis.
Calculation schedule: Calculate weekly statistics
Measurements query:

Select 'Employees' as ElementName, Count (*) as ElementValue

from Person where IsExternal = 1

Base measurements query:

Select 'Employees' as ElementName, Count (*) as ElementValue

from Person

Threshold green: 0.2
Threshold red: 0.8

To display the statistics in the Manager in the category Employees | Info system, the following menu item is created:

Menu item: Person.InfoSystem.CountExternalEmployees
Item type: Statistics
Sort order 2
Statistic: Number of external employees.
Diagram type: Traffic light

The menu item is assigned to the Manager application and an application role and can then be displayed in the Manager.

Example 3:

The number of employees, for which the current user is entered directly as manager, should be represented in a statistic. Restrictions to the values for the current user are made though a condition.

Statistic: CountEmployeesPersonHead
Display name: Supervised employees
Description: Finds the number of employees for which the manager is responsible on a daily basis.
Calculation schedule: Calculate statistics
Measurements query:

select XObjectKey as ElementObjectKey, 'Employees' as ElementName, Count (*) as ElementValue

from Person where IsExternal = 1

Group by XObjectKey

Condition:

ElementObjectKey in

(select XObjectKey from Person where uid_PersonHead = '%useruid%')

Configure the web project in the Web Designer, to display statistics in the Web Portal info system.

Example 4:

Internal and external employees, which the current user supervises as department manager, should be represented in a statistic. Departments are added here separately to determine clear results for displaying the measurement because a department manager might be responsible for more than one department.

Statistic: PersonCountInternalExternal_By_Department
Display name: Number of internal and external employees
Description: Finds the number of internal and external employees per department on a daily basis.
Calculation schedule: Calculate statistics
Measurements query:

select d.XObjectKey as ElementObjectKey, 'Internal' as ElementName, count(p.uid_person) as ElementValue

from Department d Left Outer Join Person p on p.UID_Department = d.UID_Department and p.IsExternal = 0

Group By d.XObjectKey

UNION ALL

select d.XObjectKey as ElementObjectKey, 'External' as ElementName, count(p.uid_person) as ElementValue

from Department d Left Outer Join Person p on p.UID_Department = d.UID_Department and p.IsExternal = 1

Group By d.XObjectKey

Condition:

ElementObjectKey in

(select d.XObjectKey from Department d join helperheadorg hpo on d.UID_Department = hpo.UID_Org where hpo.UID_PersonHead = '%useruid%')

Aggregate function SUM

Configure the web project in the Web Designer, to display statistics in the Web Portal info system.

Example 5:

Ten employees with the highest risk index should be found and displayed in a statistic. They should be sorted by measurement unit.

Statistic: Top10ActivePersonByRiskIndex
Display name: Top 10 active employees by risk index
Description: Find ten active employees with the highest risk indexes on a daily basis.
Calculation schedule: Calculate statistics
Measurements query:

select top 10 p.InternalName as ElementName,

Round(100 * IsNull(p.RiskIndexCalculated, 0), 0) as ElementValue,

p.XObjectKey as ElementObjectKey,

ROW_NUMBER() over (order by IsNull(p.RiskIndexCalculated, 0) desc, p.InternalName) as ElementOrder

from Person p

where p.IsInActive = 0

order by ElementOrder

Configure the web project in the Web Designer, to display statistics in the Web Portal info system.

Extending the Launchpad

Launchpad is the central tool for starting One Identity Manager administration tools and configuration tools. You can use Launchpad to check the existing One Identity Manager installation and start One Identity Manager tools to execute individual tasks.

The Launchpad can be customized. You can define your own menu items and action for the Launchpad in the Designer.

You can control how and where menu items are displayed in the Launchpad. You use the menu hierarchy and the different types of menu items to do this. For more detailed information about the structure of a menu hierarchy and the individual menu items and their properties, see User interface navigation.

One Identity Manager supplies a number of Launchpad actions that you can use to start applications via the Launchpad. You can also start your own applications over the Launchpad.

Figure 27: The Launchpad user interface

Detailed information about this topic

Recommendations for extending the Launchpad

  • To create a new category in the left-hand navigation area of the Launchpad, use menu items with the Menu category item type. The items are shown with their display text.
  • To group together tasks in the main area of the Launchpad, use menu items with the Task category item typ. The items are shown with their display text.
  • For individual Launchpad tasks, use menu items with the item types Task, Fixed menu item or Data-dependent menu item. The items are shown with their display text and description.
  • Specify the order for displaying the menu items.
  • To display the task status, enter an overlay icon definition on the menu item in VB.net syntax. Use the NavigationNodeState class.

    Syntax:

    public NavigationNodeState(string state, string imageUidOrName, string description)

    public NavigationNodeState(string state, string imageUidOrName, string description, bool enabled, bool visible, int count)

    Table 61: NavigationNodeState script parameters

    Parameter

    Description

    State

    Status returned, such as Info, Ok, Error, Warning.

    ImageUidOrName

    UID or name of the icon to be displayed.

    description

    Text displayed as tooltip.

    enabled

    Specifies whether the Start button for the action is to be set or not.

    visible

    Specifies whether the task is to displayed.

    count

    Number of affected objects

    Calling example:

    Value = New NavigationNodeState("Ok", "QBM-33228392E9863141A9306B38ADF3D502", #LD("Project is completed.")#)

    Value = New NavigationNodeState("Error", "QBM-a486f0eabf674392bbbdf8572453258c", #LD("Project is not completed.")#)

  • You can use the condition to specify whether the task is only available for a direct database connection or a connection over an application server. To do this, use the variable SessionType.

    Examples of conditions

    Only direct database connection: '%SessionType%' = 'Direct'

    Only application server connection: '%SessionType%' = 'AppServer'

    If no condition is specified, the task is always available.

  • If an action is going to be run from a task, link a Launchpad action to the menu item.

    This displays the Start button for the task. The Launchpad action's description is displayed in the button's tooltip.

  • If some actions in the Launchpad should not be made available to all users, you can manage the permissions by assigning Launchpad actions to program functions (table QBMLaunchActionHasFeature). Only tasks containing actions that the user's program function permissions permit him to run are shown in the Launchpad.

    Detailed information about managing permissions and executing actions via program functions can be found in the One Identity Manager Authorization and Authentication Guide.

Related Topics

Actions for the Launchpad

One Identity Manager supplies a list of Launchpad actions that you can use to start applications. You can also start your own applications over the Launchpad.

At the start an application, you can pass calling parameters, tasks and task parameters which the application can identify. Variable are permitted in this case. Supported are:

  • Environment variables with the syntax %variable%
  • Navigation variables with the syntax %variable%
  • Columns of the object passed in $ notation.

To display Launchpad actions

  1. In Designer, select User interface | Launchpad Actions.
  2. Select the Launchpad action The following master data is required for a Launchpad action.
    Table 62: Properties of an action
    Property Description
    Description Detailed description of the action The description is displayed in the tooltip.
    Executable file Full name of the executable file
    Execution parameter Additional execution parameters for starting the application
    Action Action identifier
    Administrative context Specifies whether the application can only be started by an administrator The application expects authentication as an administrator.
    Method

    Method that must also be transferred as a start parameter

    Task parameter Additional parameters for the method
Related Documents