Chat now with support
Chat with Support

Identity Manager 8.1 - Configuration Guide

About this guide One Identity Manager software architecture Customizing the One Identity Manager default configuration Adjusting the One Identity Manager base configuration One Identity Manager schema basics Editing the user interface
Object definitions for the user interface User interface navigation Forms for the user interface Statistics in One Identity Manager Extending the Launchpad Task definitions for the user interface Applications for configuring the user interface Icons and images for configuring the user interface Using predefined database queries
Localization in One Identity Manager Process orchestration in One Identity Manager
Setting up Job servers in Designer Configuring the One Identity Manager Service Handling processes in One Identity Manager
Tracking changes with process monitoring Conditional compilation using preprocessor conditions Scripts in One Identity Manager Reports in One Identity Manager Adding custom tables or columns to the One Identity Manager schema Web service integration SOAP Web Service One Identity Manager as SPML provisioning service provider Processing DBQueue tasks Appendix: Configuration files of the One Identity Manager Service

Database views of the view type

Database views with the View type represent subsets of the underlying tables. Database views with the View type are mainly used to map roles. For example, the database views Department, Locality and Profitcenter are subsets of the Basetree base table.

Database views with the View type are predefined database views. Templates and formatting rules can be defined for columns in these views.

The following information is used to define a database view of the View type.

Table 17: Properties for defining a database view of the View type
Property Meaning
Table Name of the table in the data model.
Type Type of table View.
Base table

Base table that the view is based on.

Condition for view definition Restricting condition for creating the database view as a WHERE clause for database queries. The condition relates to the underlying base table.
Columns

A reference is required for each column of the database view to a column in the underlying base column. Make the assignment in the column definition.

If you want to index the database view for the full text search, the XDateInserted, XDateUpdated and XObjectKey columns must be available.

Insert values

Default settings for individual columns that are assigned when a new data set is added. The values are entered in VB.Net syntax.

Selection script

Selection script as a VB.Net term, to determine during runtime whether the object passed belongs to the view.

IMPORTANT: If the table on which the database view is based is a simple table, the selection script and the condition for the view definition must match. If one of the properties is given then the other one also has to be given.

Example

The Department table is defined as a database view of the View type. When you enter data in the Department table, the UID_OrgRoot column should be populated with the value QER-V-Department.

Table 18: Example of Defining a Database View of Type "View"
Property Value

Table

Department

Type

View

Base table

BaseTree

Condition for view definition

UID_OrgRoot = 'QER-V-Department'

Insert values base.putvalue("UID_OrgRoot", "QER-V-Department")
Selection script Value = (String.Equals($UID_OrgRoot$, "QER-V-Department", StringComparison.OrdinalIgnoreCase))

Columns -->base columns (excerpt from column definition)

Department.DepartmentName-->BaseTree.Ident_Org

Department.Description-->BaseTree.Description

Resulting view definition

create view dbo.Department as

select

Ident_Org as DepartmentName,

Description as Description,

...

from BaseTree

where UID_OrgRoot = 'QER-V-Department'

Related Topics

Database views of the proxy type

Database views with the Proxy table type are union views of different tables. Columns are mapped between a database view of the Proxy type and the underlying tables by means of the column definitions. The DBQueue Processor calculates the actual view definition from the column mapping. This only takes into account tables that are not disabled by a preprocessor condition. Templates and formatting rules cannot be defined for columns in these views.

Database views of the Proxy type are mainly used for mapping the Unified Namespace. For example, for mapping of the ADSDomain or LDAPDomain tables in the Unified Namespace, the UNSRoot view is used.

The following information is used to define a database view of the Proxy type.

Table 19: Properties for defining a database view of the Proxy type
Property Meaning
Table Name of the table in the data model.
Type Type of table Proxy
Additional view definition

Database query generated as a SELECT statement for setting up the database view. View definition extensions are generated by the DBQueue Processor. The following are taken into account when generating:

  • Tables in which the database view is entered as the proxy view
  • Columns that have a reference to a proxy view column
  • Columns that are defined as extensions to the proxy view

The extensions are linked to each other internally with the Union operator.

Condition for view definition Restricting condition for creating the database view as a WHERE clause for database queries.
Columns Database view columns.
Example

The following mappings are required to map ADSDomain in Unified Namespace to the database view USRoot.

  • The database view UNSRoot is entered as a proxy view in the table ADSDomain.
  • The columns of the table ADSDomain to be mapped in the Unified Namespace are given a reference to the corresponding columns in the proxy view.

    For example, the column Ident_Domain in the table ADSDomain is mapped to the column Ident_root of the proxy view UNSRoot.

  • Columns that are expected in the UNSRoot database view but are not contained in the ADSDomain table must be entered in the ADSDomain table as extensions to the proxy view.

    For example, the UNSRoot view expects input of the target system type in the UID_DPRNameSpace column. This column is not in the tables ADSDomain. Therefore, as an extension to the proxy view, 'ADS-DPRNameSpace-ADS' as UID_DPRNameSpace is entered in the ADSDomain table.

The DBQueue Processor generates the extended view definition from the data. The following statement is a excerpt from the generated extension.

select ... Ident_Domain as Ident_UNSRoot..., 'ADS-DPRNameSpace-ADS' as UID_DPRNameSpace from ADSDomain

Related Topics

Database views of the Union type

Database views with the Union table type are union views of various tables and are mainly used to group various object types with the same context. In the QERAccProductUsage union view, for example, you determine which service items are used in which IT Shop products.

Database views with the Union type are predefined database views. Templates and formatting rules cannot be defined for columns in these views. In the view definition, the object key column (XObjectKey) must be referenced. This makes it possible to create single object with its valid permissions.

Database views of the Union type are mainly used for editing the user interface and creating reports.

The following information is used to define a database view of the Union type.

Table 20: Properties for defining a database view of the Union type
Property Meaning
Table Name of the table in the data model.
Type Type of table Union.
Additional view definition

Database query as a SELECT statement for setting up the database view.

NOTE: Never select NULL as <Column>. Instead, convert this explicitly to the requested value type.

Example:

convert(nvarchar(max), NULL) as <column>

convert(varchar(38), NULL) as UID_<column>

convert(varchar(138), NULL) as ObjectKey<column>

Several extensions for the view definition can be defined. The extensions are linked to each other internally with the Union operator.

When you add a column, an entry is created in DialogColumn. When you delete a column, the entry is removed from the table DialogColumn.

Condition for view definition Restricting condition for creating the database view as a WHERE clause for database queries.
Columns Database view columns.
Example

The QERAccProductUsage table is defined as a database view of the Union type. In the union view, you establish which service item is used in which products. The following example shows an except from the definition based on system entitlements (table ESet) and report subscriptions (table RPSReport).

Table 21: Example of defining a database view of Union type

Property

Value

Table

QERAccProductUsage

Type

Union

Columns

TableName, UID_AccProduct, XObjectKey

Extension 1: Additional view definition

ESet

Extension 1: Query

select 'ESet' as TableName, g.XObjectKey, g.UID_AccProduct

from ESet g

Extension 2: Additional view definition

RPSReport

Extension 2: Query

select 'RPSReport' as TableName, g.XObjectKey, g.UID_AccProduct

from RPSReport g

Resulting view definition

create view dbo.QERAccProductUsage as

select * from

property (

select convert(varchar(11), null) as TableName, convert(varchar(38), null) as UID_AccProduct, convert(varchar(138), null) as XObjectKey where 1=0

union all

select xxTab.TableName, xxTab.UID_AccProduct, xxTab.XObjectKey

from (

select 'ESet' as TableName, g.XObjectKey, g.UID_AccProduct

from ESet g

) as xxTab

union all

select xxTab.TableName, xxTab.UID_AccProduct, xxTab.XObjectKey

from (

select 'RPSReport' as TableName, g.XObjectKey, g.UID_AccProduct

from RPSReport g

) as xxTab

) as x

Related Topics

Database views of the read-only type

Database views with the Read only table type may be subsets or unions of the underlying tables. Database view with the Read only type are predefined database views. Templates and formatting rules cannot be defined for columns in these views.

Database views of the Read only type are for display only and are mainly used for editing the user interface and creating reports.

The following information is used to define a database view of the Read only type.

Table 22: Properties for defining a database view of the Read-only type
Property Meaning
Table Name of the table in the data model.
Type Type of table Read only.
Additional view definition

Database query as a SELECT statement for setting up the database view.

NOTE: Never select NULL as <Column>. Instead, convert this explicitly to the requested value type.

Example:

convert(nvarchar(max), NULL) as <column>

convert(varchar(38), NULL) as UID_<column>

convert(varchar(138), NULL) as ObjectKey<column>

Several extensions for the view definition can be defined. The extensions are linked to each other internally with the Union operator.

When you add a column, an entry is created in DialogColumn. When you delete a column, the entry is removed from the table DialogColumn.

Condition for view definition Restricting condition for creating the database view as a WHERE clause for database queries. The condition is attached to the view definition generated from the extension.
Columns Database view columns.
Related Topics
Related Documents