NetIQ Communities

Start exploring, experiencing, and engaging with NetIQ customers and commentators in NetIQ Communities! From industry news in NetIQ Views, to technical how-tos in Cool Solutions, to connecting with NetIQ experts in our Support Forums, you can join the conversation today.

Our community includes 3 main areas

Join the conversation on social media
Subscribe to our newsletter

What's Happening...

Getting Started with Identity Governance – Part 4

I have been discussing the Identity Governance product in terms of interesting things I have noticed using it. I discussed the product, how to enable logging, and the identified the main configuration tools in the first article. In the second article I discussed the configutil.sh file that is used to manage the Identity Governance side…

Getting Started with Identity Governance – Part 3

I have been discussing the Identity Governance product in terms of interesting things I have noticed using it. In trying to resolve these issues, I have not usually found the answer in the documentation, since it is impossible to document everything. Additionally, the kind of information I need, working within the product, doing foolish things…

CloudFormation Template to deploy NetIQ Access Manager in AWS

NetIQ Access Manager 4.4 SP1 and later versions of Access Manager are supported to be deployed in leading public clouds such as AWS and Azure. The NAM_Deploy_AC_IDP_MAG_v1.yml CloudFormation Template (CFT) attached in this tool can be used to deploy the Access Manager components in AWS in the selected VPC This CFT will do the following:…

Getting Started with Identity Governance – Part 2

NetIQ has a new product called Identity Governance that has a lot of new features and functionality. There is much to learn about this tool. In the first article in this series I started talking about the product, how to enable logging, and then identified the main configuration tools. This time I want to talk…

Reporting Events to AbuseIPDB

AbuseIPDB is a project dedicated to helping combat the spread of hackers, spammers, and abusive activity on the internet. Correlated events in Sentinel can be automatically provisioned to AbuseIPDB using the following script with the Execute Action. Due to Bug # 944428, you will require at least Execute a Command 2011.1r2 or greater.

Getting Started with Identity Governance – Part 1

NetIQ has a new product called Identity Governance. This is a pretty neat tool that adds some important functionality. If you are familiar with Micro Focus/NetIQ/Novell Identity Manager then you will be familiar with many of the features in Identity Governance. The focus of Identity Manager is to provision and manage users in multiple systems….

Making Fields in a PRD Reflect Trustee Rights (ACLs) – Part 2

In part 1 of this article, we focused on the back-end retrieval of ACL information for use by a Provisioning Request Definition (PRD) in order to enable the form to reflect an administrator’s rights. In part 2, we will discuss how to use that information within the Form API.

Group Policy Administrator 6.9.1 is generally available

Group Policy Administrator 6.9.1 is generally available. This release supports the service account to access the GPR Security Management node and resolves several other issues.

Sending encrypted e-mail notifications from Sentinel

Recently I had a need for encrypting the e-mail notifications that Sentinel sends from e.g. correlation rules. The e-mails were going to be sent outside the organization to an external e-mail address, and the requirement was that only the recipient should be able to read the messages which of course presents a problem when using…

Easier JSON processing IDM driver policies

Identity Manager has very good facilities for dealing with XML files right out of the box. JSON parsing, however, usually means using an XPATH token to call your own custom ECMA code to parse the JSON object and return values and/or XML that can be manipulated by the IDM driver’s policies. To make it easier to retrieve data from…

Walking through the ServiceNow Driver – Part 4

This series is walking through the ServiceNow IDM driver configuration. In general, the docs never discuss this level of detail and while I concede this is as boring as eating paint as it dries, nonetheless I like to think there is value when you run into an issue in a policy and can find a discussion of what it is doing. Knowing what is supposed to…

Post Processing after NAM Authentication

NAM Identity Provider authenticates the user based on configured contract, method and authentication class. NAM authentication classes are deployed in IDP servers and running as server-side code. If you would like to update user’s profile or execute some business logic (post-processing) without stopping or delaying regular login process, follow this solution to create…

Understanding Package versioning – Part 1

If you are using Identity Manager version 4.0x and higher you will know about Packages. I love packages, as might be evident by how much I have written about them. Series: Let’s talk some more about Packages in Designer 4 New object type in IDM4, ds-object, and how you might generate the information They have…

Walking through the ServiceNow Driver – Part 2

I started looking through the ServiceNow driver settings, Global Configuration Values, and Entitlements in the first article in this series. Now let’s look at the Filter and Schema Map to see what object classes are supported.

OAuth Resource Owner Flow with additional contract parameter

The Resource Owner Flow is one of the modes in the OAuth protocol. In this flow, a user can authenticate using the IDP contract that uses form-based authentication. Sometime during client application development, the application expects more than…