Technical Solutions
Use Risk Based Authentication Method to Enable Role Based Access for SAML Federation
Using a SAML 2.0 connection, the service provider (web services or SaaS applications) trusts the identity provider (NAM IDP) to validate the user’s authentication credentials and to send identity information about the authenticated user. The service provider accepts the data and uses it to give the user access to…
Exchange SAML 2 Assertion with OAuth Access Token Using NAM 4.4
Access Manager 4.4 complies with RFC 7521 and RFC 7522 to support SAML 2 bearer profile with authorization grant flow. You can use a SAML 2 assertion to request an access token. Access Manager can validate the assertion and generate the access token, which can be used to access…
Auto Scaling of Access Manager Identity Servers in AWS
With the release of NetIQ Access Manager 4.4 SP1, Access Manager is officially supported on leading public clouds – AWS and Azure. Administrators can utilize the auto scaling services available in cloud to automatically scale out and scale in the Access Manager instances based on the load pattern. This solution demonstrates the Auto scaling of…
eDirectory Partitions/Replicas Viewer
Sometimes it may be nice to have a reliable way to get a quick summary of partitions and replicas from an eDirectory tree. This may be for troubleshooting, or as a record of the current status on a day-to-day basis. As a consultant a common request to a client is, “What partitions do you have defined,…
NetIQ Access Manager: Auto Scaling of Identity Server in AWS – Lambda function
With NetIQ Access Manager 4.4 SP1 release, Access Manager started supporting leading public clouds – AWS and Azure. To reduce the infrastructure cost, NAM admins can scale-out and scale-in the Identity Servers based on certain parameters like CPU utilization, Network In & Out, etc. The scaling operations can be scheduled as well based on timing…
Identity Manager Channels and Filters
Micro Focus Identity Manager is a pretty complex product. The engine happens to be my favorite part. It is designed to synchronize data between disparate systems, and as the years have progressed has gotten pretty complex and interesting. At the core is the Identity Manager engine (vrdim.dlm and dxevent.dlm on Windows, dxevent and vrdim in…
The Ultimate Answer to Dates, Forms and Workflows (and everything). …which is not ‘42’.
For many years I have struggled with the date fields and managing them within workflows. Today I finally decided to do something about it. Here collected are the most important details to remember when handling date attributes within your provisioning request definitions (PRDs). Form Script There are several possible formats we might need to deal…
Deploying NetIQ Access Manager in AWS for High Availability and Fault Tolerance
With the NetIQ Access Manager 4.4 SP1 release, NAM is officially supported to be deployed in leading public clouds – AWS and Azure. Customers can utilize the wide range of infrastructure options available in the cloud to deploy NAM for high availability and fault tolerance. In this cool solution, I will explain the deployment of…
Generating installation and configuration debug info in Identity Manager 4.7.x
With the release of Identity Manager 4.7 the installation and configuration methods of the product was changed from GUI based in the previous versions to be script based. In cases where troubleshooting needs to be done on the installation problems, generating debug information will be helpful to narrow down the failures and their causes. This…
ClassCastException After Upgrading IDM
IDM 4.6.2 uses a later version of Rhino that changes the way it supports “string” coercion. Here’s a solution from TNosredna to help you avoid problems after upgrading…
