About this guide
One Identity Manager software architecture
Working with objects in One Identity Manager
Inserting, modifying and deleting an object in One Identity Manager
Customizing the One Identity Manager default configuration
Reloading changes dynamically
Locking and unlocking individual properties for editing
System configuration reports
Adjusting the One Identity Manager base configuration
Overview of the settings of a database
Changing the connection data for the database
Database configuration for a test, development or productive environment
Language settings for displaying and maintaining the data
Configuration parameters for system configuration
One Identity Manager schema basics
Overview of the One Identity Manager schema
Table types and default columns in the One Identity Manager data model
Notes on editing table definitions and column definitions
Editing table definitions and column definitions
Table types in One Identity Manager
Editing the user interface
Database views of the view type
Database views of the proxy type
Database views of the Union type
Database views of the read-only type
Using table scripts
Editing table relations
Working with a Globally Unique Identifier module
Templates for generating values
Editing value templates
Preventing a change to a column
Restricting the execution of value templates
Example of local value templates within an object
Example of cross-object value templates
Formatting of values
Defining unique columns
Limiting the column length
Defining decimal places for displaying values
Predefined formatting types
Creating formatting scripts
Column dependencies for setting values
Permitted values for a column
Configuring columns for full-text search
Mapping dynamic foreign keys
Supporting file groups
Table properties
Column properties
Object definitions for the user interface
Localization in One Identity Manager
Selection criteria for object definitions
Using the captions for object definitions
Editing the object definitions
Object definition properties
User interface navigation
Navigation elements
Recommendations for editing menu navigation
Notes on working with the User Interface Editor
Selecting the user interface navigation view for editing
Forms for the user interface
Loading the entire user interface navigation
Loading the user interface navigation using an application
Directly loading menu items
Loading menu items using permissions groups
Loading the user interface navigation using a WHERE clause
Simulating the user interface navigation during editing
Copying an existing user interface navigation for a new permissions group
Creating a new user interface navigation
Copying a menu item
Creating a new menu item
Creating a menu category
Assigning a menu item to an application
Assigning a menu item to a permissions group
General menu item properties
Creating database queries for data-dependent menu items
Editing lists
Using links
Using variables
Recommendations for editing forms
Editing user interface forms
Statistics in One Identity Manager
Notes on working with the Form Editor
Disabling user interface forms
Copying a user interface form
Creating a new user interface form
Assigning a user interface form to an application
Assigning a user interface form to a permissions group
Assigning a user interface form to an object definition
Assigning a user interface form to a menu item
Displaying custom columns and tables on master data forms
Forms for custom extensions
User interface form properties
Working with overview forms
Editing statistic definitions
Including statistics in the user interface
Diagram types for visualizing statistics
Examples of statistic definitions
Extending the Launchpad
Recommendations for extending the Launchpad
Actions for the Launchpad
Creating new menu items and actions for the Launchpad
Task definitions for the user interface
Applications for configuring the user interface
Icons and images for configuring the user interface
Using predefined database queries
Working in different time zones
Determining working hours
Editing country information
Process orchestration in One Identity Manager
Enabling other countries and states
Specifying the standard hours for countries and states/provinces/counties
Displaying public holidays for countries and states
Editing countries
Editing states
Country properties
State properties
Public holiday properties
Language-dependent data representation
Basic rules for using language-dependent data
Labeling columns for translation
Using the text memory for translation
Displaying the translations in the Language Editor
Showing usage of a translation
Editing the translations from a single table
Editing all translations
Changing the key text of a translation
Importing translations
Setting up Job servers in Designer
Tracking changes with process monitoring
Editing a Job server
Machine roles and server functions
Job server statistic information
Connection data for process generation
Installing the One Identity Manager Service on the Job server
Configuring the One Identity Manager Service
One Identity Manager Service configuration files
Customizing the One Identity Manager Service configuration for a Job server
Handling processes in One Identity Manager
Template for the configuration file
Selecting the module types and editing the parameters
Validity check on configuration file
Process collection module
Job destination module
Selecting a method
Logwriter module
Dispatcher module
Connection module
HTTP authentication module
Module plug-ins
HTTPLogPlugin
ScheduleCommandPlugin
RequestWatchDogPlugin
PerformanceCounterPlugin
DebugMailPlugin
ShareInfoPlugin
RemoteConnectPlugin
File module with private key
Editing processes with the Process Editor
Defining processes
Creating and editing processes
Copying processes
Creating and editing process steps
Copying individual process steps
Importing a process step into a process
Searching for an entry within a process
Comparing processes
Exporting and importing processes
Properties of a process
Process step properties
Process step parameters
Events for processes
Simulating process generation
Checking the validity of a process
Compiling a process
Using process-specific and global variables for the process definition
Thresholds for handling processes
Specifying the executing server
Notifications about process step handling
Executing processes automatically
Displaying the status of process plans
Starting a process plan immediately
Creating and editing a process plan
Process plan properties
Overview of process components
Basic rules for process monitoring
Logging data changes
Logging process information during process handling
Conditional compilation using preprocessor conditions
Editing the process information for processes
Editing the process information for process steps
Editing the process information for events
Recording messages in the process history
Process tracking for DBQueue Processor operations
Archiving and deleting records
Preprocessor-relevant configuration parameters
Preprocessor conditions in objects
Preprocessor conditions in VB.Net expressions
Evaluation of preprocessor conditions during compilation
Scripts in One Identity Manager
Using scripts
Notes on message output
Notes on using date values
Using dollar ($) notation
Reports in One Identity Manager
Accessing local object columns
Accessing columns of an object connected by a relation
Accessing the old column value
Accessing the display value of a column
Accessing references in comments
Accessing meta values of the local object
Using base. Object
Calling functions
Pre-scripts for use in processes and process steps
Using session services
Querying configuration parameters
Testing for the existence of certain database entries
Querying session object global variables
Using #LD-Notation
Scripts in the script library
Support for processing of scripts in Script Editor
Creating and editing scripts with the Script Editor
Copying scripts in the Script Editor
Testing a script in the Script Editor
Testing script compilation in the Script Editor
Overriding scripts
Editing and testing script code with the System Debugger
Loading the system library
Editing script code in the System Debugger
Logging database queries and object actions
Testing script code in the System Debugger
Testing scripts in the System Debugger
Testing templates and formatting scripts in the System Debugger
Testing methods in the System Debugger
Testing table scripts in the System Debugger
Saving changes to the database
Working with the Report Editor
Adding custom tables or columns to the One Identity Manager schema
Menu items in Report Editor
Views in the Report Editor
Program settings for the Report Editor
Logging database queries
Creating and editing reports in the Report Editor
Editing the general report properties
Creating and editing a data source
Data retrieval using an SQL query
Data retrieval using a database view
Data retrieval using an object
Data retrieval using single object history
Data retrieval using multiple object history
Data retrieval using historical assignments
Data query for simulation data
Report parameters
Editing report parameters
General parameter settings
Defining the parameter values
Settings for calculating values
Using virtual data sources
Editing the report form
Example of a simple report with data grouping
Translating reports
Embedding reports in the user interface
Creating and exporting reports on a cyclical basis
Creating a new table
Extending a table
Defining columns
Web service integration
Creating a simple column
Creating a foreign key column
Creating a dynamic foreign key column
Creating a new column for database views of View type
Advanced configuration of columns
Creating database views with read-only type
Creating database views of Union type
Creating a new assignment table
Creating indexes
Removing custom schema extensions
Permissions for schema extensions
Change labels for the schema extensions
Applying the schema extensions
Recommendations for advanced configuration of custom schema extensions
Managing custom database objects within the database
Binding a web service
SOAP Web Service
Generic web service call
Direct web service call
Self-defined web service call
Creating a web service solution with the Web Service Integration Wizard
Modifying a web service solution
Deleting a web service solution
Installing and configuring the SOAP Web Service
One Identity Manager as SPML provisioning service provider
Installing SOAP Web Service
Configuring the SOAP Web Service
Display the status of a SOAP Web Service
Uninstalling the SOAP Web Service
Examples of calls
SPML web service
Installing and configuring the SPML web service
Configuring the One Identity Manager schema
Testing SPML web service functionality
Processing DBQueue tasks
Configuring the DBQueue Processor for test and development environments
Initializing the DBQueue Processor
Reinitialization of DBQueue Processor
Controlling processing of DBQueue Processor tasks
Processing DBQueue Processor tasks
Reactivating DBQueue Processor tasks
Bulk processing in DBQueue Processor
How the central dispatcher communicates with individual slots
Appendix: Configuration files of the One Identity Manager Service
Creating a web service solution with the Web Service Integration Wizard
Web service integration > Binding a web service > Creating a web service solution with the Web Service Integration Wizard
Prerequisite
- Before you can bind a web service with the WCF service type, the SvcUtil,exe file must exist in the One Identity Manager installation directory.
Refer to Microsoft for information about where you can purchase this file.
- Before you can bind a web service with the SOAP service type, the WSDL.exe file must be on the server that executed provisioning.
Refer to Microsoft for information about where you can purchase this file.
To integrate a new web service
- In Designer, select Base Data | General | Web services.
- Select Integrate new web service from the task view.
This start the Web Service Integration Wizard.
- Click Next on the start page.
- Enter the access data and general web service properties on the Integrate new web service page.
Table 195: General properties of a web service Property Description Web service name Display name of the web service in One Identity Manager. Description Spare text box for additional explanation. .NET namespace for the proxy code Unique identifier for the .NET namespace. Web service URL URL at which the web service is run. WSDL file URL URL at which the WSDL.exe for the web service can be reached.
If the WSDL.exe is not publicly available, it can also be saved locally.
NOTE: If the web service operator changes the WSDL file, run the Web Service Integration Wizard again in order to implement the changes.
Service type Type of web service. Locked Indicates whether the web service can be used. User name User name for logging in to the web service. User domain User domain. User password and password confirmation Password for logging in to the web service. Proxy code generator Path and file name for the proxy code generator. - If the WCF service type is selected, path to SvcUtil.exe file.
- If the service type SOAP is selected, path to WSDL.exe file.
Table 196: Advanced properties of a web service Property Description Proxy server URL URL of the proxy server, if communication is routed via a proxy server. Proxy server user name User name for logging onto the proxy server. Proxy server domain Proxy server domain. Proxy server password and password confirmation Password and password confirmation for logging onto the proxy server. Timeout for WSDL.exe Timeout for accessing the WSDL file. User-defined command line Command line for calling the proxy code generator. The command line can extended by another parameter if required. Default command:
/nologo /language:VB "/namespace:%Namespace%" "/out:{0}" %WsdlUrl%
Example:
/nologo /language:VB "/namespace:EnricoHolidayWebservice" "/out:{0}" http://kayaposoft.com/enrico/ws/v1.0/index.php?wsdl
- Click Check.
This tests access to the web service.
- If the test is successful, click Next.
- The generated proxy code is shown on the page, Create proxy code.
The proxy code contains all web service methods, which are defined in the WSDL file and makes them available to the One Identity Manager script components.
- On Select method calls, select the web service methods you want to use in One Identity Manager. A script is generated for each of the selected methods in the next step.
- A script is generated to call the selected method on the Generate web service call page. Enter all the required parameter and properties for this.
- Click
to specify the type of method call.
Table 197: Type of method call Type Description Self-Defined Web Service Call For more information, see Self-defined web service call . Direct Web Service Call For more information, see Direct web service call. Generic Web Service Call For more information, see Generic web service call.
Table 198: Script properties Property Description Script name Name of script. Label custom scripts with the CCC_. Script names for the generic web service call must follow the following format:
<customer prefix>_<table>_<target system>_<event>
Select the table, target system and event to create the script for. Parameter, value type and data table are automatically determined from the selected table.
Parameter Name of the parameter. Value type Parameter data type. Data table Data table that contains the data to be transferred to the web service. Return value Data type of the parameter containing the return value. Table 199: Data transfer Property Description Parameter Parameter transferred to the web service. Value type Parameter data type. Mapped from Parameter from the defined script properties. Open the menu and assign the associated parameters. If necessary, select the column from the data table which contains the value to be passed. You will see the generated script in the script code view. You can use extended edit mode to edit the script.
TIP: The script calls the VID_GetWcfWebServicefunction, which in turn, uses the GetWcfBinding and GetWcfEndpointAddressfunctions. These three functions can be overwritten. - Click
- To end the Web Service Integration Wizard, click Finish.
- Save the changes.
- Compile the database.
Related Topics
Modifying a web service solution
You can change or extend an existing web service solution at any time. This overwrites the existing script or adds new scripts.
To extend a web service solution
- In Designer, select Base Data | General | Web services.
- Select the web service in the List Editor.
- Select Create web service call in the task view.
This start the Web Service Integration Wizard.
- Follow the wizard's instructions.
- Save the changes.
- Compile the database.
To edit a web service solution
- In Designer, select Base Data | General | Web services.
- Select the web service in the List Editor.
- Select Edit web service.
This start the Web Service Integration Wizard.
- Follow the wizard's instructions.
- Save the changes.
- Compile the database.
Detailed information about this topic
Deleting a web service solution
To delete a web service solution from the database
- Delete the web service.
- Delete all associated custom scripts.
- Determine all other custom element of your web service solution and delete them.
- Save the changes.
- Compile the database.
SOAP Web Service
SOAP Web Service
The One Identity Manager's SOAP Web Service provides a SOAP interface for accessing the One Identity Manager object model. The SOAP Web Service manages a connection pool. Not every call opens a new connection. Not all object layer functions are support by the SOAP Web Service. The SOAP Web Service supplies methods for single objects, object lists and function call.
| Method | Description |
|---|---|
| CreateSingleObject | Adds a new single object. |
| GetCompleteSingleObject | Loads a single complete object from the database with all parameters. |
| GetCompleteSingleObjectEx | Functionality analog to GetCompleteSingleObject with support for a multi-column primary key. |
| GetSingleObject | Loads a single object from the database. |
| GetSingleObjectEx | Functionality analog to GetSingleObject with support for a multi-column primary key. |
| ChangeSingleObject | Saves changes to a single object. |
| ChangeSingleObjectEx | Functionality analog to ChangeSingleObject with support for a multi-column primary key. |
| DeleteSingleObject | Deletes a single object. |
| DeleteSingleObjectEx | Functionality analog to DeleteSingleObject with support for a multi-column primary key. |
| Exists | Does a specific single object exist? |
| ExistsEx | Functionality analog to Exists with support for a multi-column primary key. |
| GetSingleProperty | Get a single value from an object. |
| GetSinglePropertyEx | Functionality analog to GetSingleProperty with support for a multi-column primary key. |
| Method | Description |
|---|---|
| GetListObject | Loads a list of objects. |
| GetListObjectWithDisplays | Loads a list of objects with data additional to the primary key about the columns to load. |
| Function | Description |
|---|---|
| InvokeCustomizer | Call a customizer method for an object. |
| InvokeCustomizerEx | Functionality analog to InvokeCustomizer with support for a multi-column primary key. |
| InvokeDialogMethod | Calls a dialog method for a dialog object. |
| InvokeDialogMethodEx | Functionality analog to InvokeDialogMethod with support for a multi-column primary key. |
| FireGenEvent | Generates processes of a specific event. |
| FireGenEventEx | Functionality analog to FireGenEvent with support for a multi-column primary key. |