NOTE this article has been updated (Sept 4, 2015) with a NAM 4.1-compatible version of the extension. OK, so your SAML Service Provider is asking for a default domain suffix for every username (firstname.lastname@example.org). Or, your application behind NAM wants to receive the full name of a logged-in user’s manager. Or, you need to provide…
NetIQ Access Manager is a great product. One of its strong points is the extensibility in terms of look ’n feel, authentication and other customizations. An area with less flexibility is the user data, especially when working with SAML. Access Manager generally assumes that the data in your LDAP directory has the format you need….
Introduction Many organizations need or desire to process or filter user attributes after user authentication before share those attributes with any other service. Use cases are, Modify user attributes like changing email domain (runtime in memory) before sending any user information to Access Gateway. On Federation with third party SP when NAM acting as…
Working with the new Driver for eDirectory I found some things, which are worth to talk about, since they are a kind of special. In my article Bidirectional Driver for eDirectory – Some hints and workarounds it was pointing out that the driver filter could cause some trouble. I want to stress what is to…
Here’s part 3 of Alexander McHugh’s series on Delving into and beyond the current-op. The third article in the series deals exclusively with direct operations, it will outline the technical details, review general best practices related to working with direct operations. It will outline how to manipulate and transform direct operations and provide some useful toolbox rules related to direct operations.
Here’s part 2 of Alexander McHugh’s series on Delving into and beyond the current-op. This second article will outline general best practices related to working directly with nodes other than the current-op within the “current operation”. It will also outline some useful toolbox rules and expressions that can be used to access and manipulate the entire XDS document.
This article is the first part in a series that will delve into the way the NetIQ Identity Manager engine juggles atomic operations. The first article, will give an overview of how the engine actually handles the current operation and outline key technical details related to this concept. Subsequent articles will delve deeper into how to access and modify operations.
Manage user radius attributes with a fully cross-platform GUI.
Geoffrey Carman discusses an interesting subtlety in the Operation Attribute token that is quite important for several reasons. Check it out.
If you are just getting started with IDM, there are some common pitfalls. It would be nice if someone just pointed them out to help you avoid them. This is not the sort of thing that goes in the docs, so here is my attempt.