Frontrange Heat is a popular Help Desk solution that contains user profiles and accounts of various types. We will walk you through the process of getting up and running a simple driver that synchronizes profiles from the Profile table down to the Identity Vault (Identity Manager/eDirectory).
While there are also other tables like HEATCAI that contain interesting information, we will not cover these in our example. But once you get an example driver up and running, it is fairly easy to adapt it to your own requirements, and even turn it into a bi-directional driver.
First, because Heat is built on top of MS-SQL 2005 (I am using Heat 9 Demo in my lab), you need to copy the jtds open source JDBC driver on your Identity Manager server (e.g. /opt/novell/eDirectory/lib/dirxml/classes for Linux). You can obtain the jtds driver from: http://sourceforge.net/projects/jtds/files/
N.B. A restart for eDirectory is required, otherwise you will get a ClassNotFound error after copying the jtds file.
Next, you need access to MS-SQL tables and settings for your Heat server. I installed Microsoft SQL Server Management Studio right onto my Heat server, and use Windows login mode while logged in as Administrator locally.
First step, we will create a View for the Profile table.
Figure 1: Create a view for providing access to the Profile table for the driver. Prefix the CustID column with pk_ to flag it as the simulated primary key.
Figure 2: Using a Where condition, you can restrict the CustType in the view to Employee.
Figure 3: Accessing the VIEW_Profile view.
Figure 4: Create a new login in MS-SQL called IDM.
Figure 5: Create a new database user for IDM.
Figure 6: You can explicitly deny access to the table Profile for IDM.
Figure 7: You need to provide read access at a minimum for IDM.
You can test connectivity with a database client.
Figure 9: DbVisualizer connection properties.
Figure 10: Accessing the view using DBVisualizer.
Now let’s create the driver using Designer.
Figure 11: Access a project using Designer. Drap-and-Drop MS SQL driver onto project.
Figure 12: New driver wizard for JDBC driver.
Figure 13: New driver wizard for MS-SQL.
Figure 14: New driver wizard, select MS-SQL version.
Figure 15: Select Direct and JTDS.
Figure 16: Enter IP Address and Port.
Figure 17: Enter user/group OU and select triggerless.
Figure 18: Select Configure.
Figure 19: Modify URL and enter IDM password.
Figure 20: Replace view name.
Figure 21: Edit Schema mapping.
Figure 22: Modify Filter.
Figure 23: Remove Post Polling Statements.
Figure 24: Modify Placement Rule(Publisher).
Figure 25: Modify Create Rule to assign default password(optional).
Now you are ready to fire up your driver. Driver should automatically import users from Profile table.
Figure 26: Users created in Identity Vault(iManager).
Figure 27: Metadata for an imported user.
Now you can take it from there, and add support for other types of objects, and even start to provision new profiles in Heat by modifying the Filters and driver parameters. Or course, you probably want to spend some time understanding how Heat is used by a specific organization. Heat customers probably have some user import scripts or procedures already that you will want to investigate. You can check http://support.frontrange.com/support/HEAT/Import321.htm for an example.
Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment. It just worked for at least one person, and perhaps it will be useful for you too. Be sure to test in a non-production environment.