立即与支持人员聊天
与支持团队交流

Identity Manager 9.2.1 - Configuration Guide

About this guide One Identity Manager software architecture Customizing the One Identity Manager default configuration Customizing the One Identity Manager base configuration One Identity Manager schema basics
Overview of the One Identity Manager schema Table types and default columns in the One Identity Manager data model Notes on editing table definitions and column definitions Table definitions Column definitions Table relations Dynamic foreign key Supporting file groups
Editing the user interface
Object definitions for the user interface User interface navigation Forms for the user interface Statistics in One Identity Manager Extending the Launchpad Task definitions for the user interface Applications for configuring the user interface Icons and images for configuring the user interface Using predefined database queries
Localization in One Identity Manager Process orchestration in One Identity Manager
Mapping processes in One Identity Manager Setting up Job servers
The One Identity Manager Service functionality Tracking changes with process monitoring Conditional compilation using preprocessor conditions Scripts in One Identity Manager
Visual Basic .NET scripts usage Notes on message output Notes on using date values Tips for using PowerShell scripts Using dollar ($) notation Using base objects Calling functions Pre-scripts for use in processes and process steps Using session services Using #LD notation Script library Support for processing scripts in the Script Editor Creating and editing scripts in the Script Editor Copying scripts in the Script Editor Testing scripts in the Script Editor Testing script compilation in the Script Editor Overriding scripts Permissions for running scripts Editing and testing script code with the System Debugger Extended debugging in the Object Browser
One Identity Manager query language Reports in One Identity Manager Adding custom tables or columns to the One Identity Manager schema Web service integration One Identity Manager as SCIM 2.0 service provider Processing DBQueue tasks One Identity Manager Service configuration files

Data retrieval using SQL queries

Data queries with the SQL query module are run directly on the database without checking user access permissions. This means that a column to be used in the report is displayed even though the user may not have access permission to it.

Table 151: Data source SQL properties
Property Meaning

Name

Name of the data source.

Description

Description of data source.

Max. lines

Maximum number of result lines for this query.

NOTE: The report only displays results up to this maximum even if the number of results exceeds it. In the default, no error messages or tips are displayed. Any possible messages must be customized in the report.

Parent query

Not used.

Query module

Select the SQL query module.

Query

Full database query SQL syntax. The query must contain all the columns used in the report. You can also use SQL parameters in the query. Add these parameters subsequently to the report by entering them on the Parameters tab.

Syntax for parameters:

@<parameter name>

Syntax for parameters of Date data type and a scope (time period from/until):

@<parameter name>Start

@<parameter name>End

Example of usage in the SQL query:

and StartDate between @<parameter name>Start and @<parameter name>End

Example:

The query should return the identities (Person table) assigned to an department. The department (UID_Department) is found with the object key (XObjectKey). This is passed as a parameter to the report. The identity‘s first name (firstname), last name (lastname) and department name (departmentname) are queried.

Select Firstname, Lastname, Departmentname

from person join Department

on person.uid_Department = department.uid_Department

where Department.XObjectKey = @ObjectKeyBase

Related topics

Data retrieval using database views

You can use the View query module to create data queries using predefined database views and thus control user access permissions.

Table 152: Data source view properties
Property Meaning

Name

Name of the data source.

Description

Description of data source.

Max. lines

Maximum number of result lines for this query. If this number is exceeded, the report stops generating.

Parent query

Not used.

Query module

Select the View query module.

View name

Name of the database view.

Condition

Condition for limiting the data set returned from the database table. You formulate the condition as a valid WHERE clause for database queries. You may use SQL parameters in the condition. Add these parameters subsequently to the report by entering them on the Parameters tab.

Syntax for parameters:

@<Parametername>

Sort order

The data queries are sorted by these database view columns.

Related topics

Data retrieval using an object

Data queries with the Object query module are created using the object layer and therefore take user access permissions fully into account.

Table 153: Data source object properties
Property Meaning

Name

Name of the data source.

Description

Description of data source.

Max. lines

Maximum number of result lines for this query.

NOTE: The report only displays results up to this maximum even if the number of results exceeds it. In the default, no error messages or tips are displayed. Any possible messages must be customized in the report.

Parent query

In a parent query, restrictions are applied to the data record that are passed on to subsequent queries, all members of a department, for example. Parameters that are defined in the parent query are also available in subsequent queries.

Query module

Select the Object query module.

Table

Select the table to find the object in.

Columns

Columns to use in the report.

Some columns are always added to the report definition and must not be explicitly entered here. These include:

  • The table's primary key column.
  • All columns used in the table display template.
  • Pseudo columns (_Display and _DisplayLong) supplied by the table's display template.
  • An additional column (<column>_Display) is also created for the display value for foreign key columns and columns with a list of defined values or multi-language entries.

Resolve foreign key

Set this option if the display value of the referenced object should be returned in <column>_Display rather than the UID.

Condition

Condition for limiting the data set returned from the table. You formulate the condition as a valid WHERE clause for database queries. You may use SQL parameters in the condition. Add these parameters subsequently to the report by entering them on the Parameters tab.

Syntax for parameters:

@<Parametername>

Syntax for columns of a parent query:

@<name of parent query>.<column of the parent query>

Sort order

The data queries are sorted by these table columns.

Related topics

Data retrieval using single object history

Use data queries with the Single object history query module when you want to create reports about a single object, for example, one identity, with its history data.

Table 154: Properties of data source single object history
Property Meaning

Name

Name of the data source.

Description

Description of data source.

Max. lines

Maximum number of result lines for this query.

NOTE: The report only displays results up to this maximum even if the number of results exceeds it. In the default, no error messages or tips are displayed. Any possible messages must be customized in the report.

Parent query

In a parent query, restrictions are applied to the data record that are passed on to subsequent queries, all members of a department, for example. Parameters that are defined in the parent query are also available in subsequent queries.

Query module

Select the Single object history query module.

Object key

The object key can be queried directly or using a parameter. Add these parameters subsequently to the report by entering them on the Parameters tab. Columns in a parent query are formatted with the following syntax:

<parent query name>.<parent query column>

Min date or range

Use the minimum date to specify the point in time that the history data should start from. You can define the date directly or using a parameter. In the case of a parameter, the minimum date of all affected entries in the connected One Identity Manager History Database databases is determined. Add these parameters subsequently to the report by entering them on the tab Parameters.

Columns

Columns for which the changes are determined.

Resolve foreign key

Set this option if the display value of the referenced object should be returned rather than the UID.

The data query returns the following columns.

Table 155: Columns from a data query using single object history
Column Meaning

ChangeID

Unique identifier (UID) for the record.

ObjectKey

Object key or the record.

ObjectUID

Unique identifier (UID) for the modified objects.

User

Name of user that caused the change.

ChangeTime

Time of change

ChangeType

Type of change (Insert, Update, Delete)

Columnname

Name of column whose value has changed.

ColumnDisplay

Display name of column whose value has changed.

OldValue

Old column value.

OldValueDisplay

Old column display value.

NewValue

New column value.

NewValueDisplay

New value display value.

Related topics
相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级