Identity Manager
Identity Manager Policy: Run One Event Only
A simple policy to allow one event to run only from the Subscriber channel of any given driver config. Add it as the first policy in the Subscriber Event Transformation Poilcyset (ETP) in order to permit one Subscriber event, then stop the driver config object on the second event.
Generic File Driver (GFD) for IDM, v 1.1
Although I never had to, it seems that importing images is a frequently asked feature in IDM. The Generic File Driver was not yet able to do so, although Joakim Ganse used the GFD and some ECMA scripting to do so. The last trigger to implement this feature was a forum post that requested…
Prerequisites for Office 365 driver on Win2K16 Server 64-bit made easy
This article will help simplify the installation of the Office 365 driver on Windows Server 2016. Compared to other drivers, this driver is a bit tricky to understand the requirements/prerequisites needed. Installing the prerequisites on Windows Server 2016 for Office 365 driver is made easy with the following step-by-step instructions…
Creating Dynamic Groups in the IDM Engine
I was recently asked to help troubleshoot a perceived problem with Dynamic Groups. While at first I thought the problem was non-working dynamic groups, in actuality the problem was less about Dynamic Groups on their own and more about IDM working with them, specifically creating them or setting their memberQuery attribute; the memberQuery attribute holds…
Customizing IDM User Experience
Just about every client wants to be able to customize their web presence. For IDM, this includes several different points of customization for IDM Home. SSPR has one, User Application has another, OSP has a third. Each is different. There is no single point to customization for the IDM Home presentation. User Application was the first app to be…
String normalization – Removing accents and diacritic marks
An increasingly common requirement within Identity Management projects is to remove or substitute some characters in a given string. Usually these are non-English (ASCII) characters, accents and diacritic marks. We live in an increasingly global environment. This often causes challenges in identity projects where one must synchronise identity data (names, locations) from a diversity of different…
Example of calling GroupWise REST API from Identity Manager policy – Part 1
Recently a customer had the following use case requirements to be satisfied via the Identity Manager GroupWise REST connector. Obtain a list of GroupWise groups(Distribution lists) that the user is currently a member of. The ability to remove all group membership in cases when the user gets disabled in IDVault. When users…
What’s new in IDM 4.5 – Part 5
I think digging in and seeing what is new in releases of Identity Manager is a useful thing. The high level What’s New that the vendor provides is helpful, but rarely covers the level of detail I am interested in…
Manipulating node sets in IDM via Set Operations
Thanks to the power and simplicity of DirXML-Script tokens in Identity Manager, one can implement even quite complex policies, whilst only rarely needing to dig directly into the underlying XML. This was not always the case, especially in the first few versions of Identity Manager, which relied on XPath and XSLT…
Enabling IDM Mobile Approvals in IDM 4.0 SP2 and IDM 4.5
If you are using the IDM 4.0 SP2 Advanced Edition with additional toys like HPD, or if you are using IDM 4.5 AE with the same pieces, you may have the opportunity to use Mobile Approvals from an Android or other phone. This is basically a simplified mobile interface made to let those doing approvals…