When creating new request workflows with IDM Designer and using one of the default workflow forms, you will typically get a recipient selector field with the default Object Selector.

Sometimes you may want to replace this selector with a custom search.
In this example we will use IDM Designer to create a custom search that allows users to enter Given Name and/or Surname for their search; this search will only return users that do not have their ‘Login Disabled’ attribute set.

Here’s how to proceed:

  1. Open IDM Designer
  2. In the ‘Directory Abstraction Layer’ (DAL) add a new query:

    * General
    Use the name ‘queryUsers’ and a display label of your choice
    Select “User” as Query Entity

    * Parameters:
    Add 2 parameter references: ‘paramSurname’ and ‘paramGivenName’ with display labels of your choice

    * Query Conditions
    Add a new Condition Grouping with 3 conditions

    				'Last Name' 		'starts with' 	'%paramSurname%'
    			and	'First Name' 		'starts with' 	'%paramSurname%'
    			and	'Login Disabled' 	'not equals' 	'true'

    * Search
    Add the appropriate Search Root, Search Scope, and Max Entries

  3. Deploy the query

    We will use this query in our form to search for users that match the Surname and Given Name that we enter in the form.

    After saving your new Query, you may need to flush the Cache in administration tab of User Application

  4. Create a new workflow (or open an existing workflow) of your choice.
  5. Edit the Request Form and add 4 form fields:
    	* 'fldSurname' 		(Data type: string, Control Type: text)
    	* 'fldGivenName' 	(Data type: string, Control Type: text)
    	* 'fldSearchBtn' 	(Data type: string, Control Type: Html)
    	* 'fldMatches' 		(Data type: dn, Control Type: PickList)
  6. * For the ‘fldSearchBtn’ field add this line as ‘HTML Content’ (get the single and double quotes right)

    '&nbsp;<input type=\"button\" name=\"btnSearch\" value=\"Search\" onclick=\"runQuery();\" />'

    * For the ‘fldMatches’ field, use ‘User’ as Entity key and ‘LastName, FirstName’ as Display Expression

  7. In the ‘Script’ tab of the form, add a new inline script with these lines

    var globalVars	= new Object();
    // called from form:onload to permanently remember some global vars
    function storeGlobalVars( IDVault, form )
       globalVars.IDVault	= IDVault;
       globalVars.form		= form;
    // called from custom HTML field to run the query
    function runQuery( )
    		var SN = globalVars.form.getValue( "fldSurname" );
    		var GN = globalVars.form.getValue( "fldGivenName" );
    		if (( SN == undefined ) || ( SN == "" )) SN = "*";
    		if (( GN == undefined ) || ( GN == "" )) GN = "*";
    		// run the query and store the results into the "fldMatches" field
    			{"paramSurname":SN, "paramGivenName":GN })
    	catch ( e )
    		alert( "runQuery error: " + e );

  8. In the ‘Events’ tab of the form, add a new onload script with this line

    	storeGlobalVars( IDVault, form );

    This will store the variables ‘form’ and ‘IDVault’ in a global form memory area to ensure that you can access them anytime.

  9. Deploy the form and test
  10. Adapt the procedure to your needs:

    Of course you may want to add other search fields and run a different query, but all you have to do is:

    • Add new text fields to your form
    • Modify the query object to reflect your query needs
    • modify the inline script to copy your field input into the query
  11. Environment used:
    Identity Manager Version 3.6.x/3.7.x
    IDM Designer 3.5

0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this post.

Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment.  It just worked for at least one person, and perhaps it will be useful for you too.  Be sure to test in a non-production environment.

Leave a Reply

No Comments
Mar 30, 2010
10:07 am
Active Directory Authentication Automation Cloud Computing Cloud Security Configuration Customizing Data Breach DirXML Drivers End User Management Identity Manager Importing-Exporting / ICE/ LDIF Intelligent Workload Management IT Security Knowledge Depot LDAP Monitoring Open Enterprise Server Passwords Reporting Secure Access Supported Troubleshooting Workflow