Identity Manager

Recently a customer had the following use case requirements to be satisfied via the Identity Manager GroupWise REST connector. Obtain a list of GroupWise groups(Distribution lists) that the user is currently a member of. The ability to remove all group membership in cases when the user gets disabled in IDVault. When users…

By: vivekbm
Feb 19, 2016
7:24 am
Reads:
788
Score:
5
This entry is part 5 of 5 in the series What's new in IDM 4.5

I think digging in and seeing what is new in releases of Identity Manager is a useful thing. The high level What’s New that the vendor provides is helpful, but rarely covers the level of detail I am interested in…

geoffc
By: geoffc
Oct 30, 2015
11:51 am
Reads:
555
Score:
Unrated

Thanks to the power and simplicity of DirXML-Script tokens in Identity Manager, one can implement even quite complex policies, whilst only rarely needing to dig directly into the underlying XML. This was not always the case, especially in the first few versions of Identity Manager, which relied on XPath and XSLT…

Alexander McHugh
Oct 1, 2015
12:11 pm
Reads:
1,369
Score:
5

If you are using the IDM 4.0 SP2 Advanced Edition with additional toys like HPD, or if you are using IDM 4.5 AE with the same pieces, you may have the opportunity to use Mobile Approvals from an Android or other phone. This is basically a simplified mobile interface made to let those doing approvals…

+ read more

By: ab
Feb 19, 2015
12:14 pm
Reads:
1,514
Score:
4.8

Note: This solution has been developed as a proof of concept in a lab, but hasn’t been battle-tested yet in a production environment.   When writing an IDM Driver, it’s easy to have dependencies which conflict with another driver’s dependencies. For example, let’s say your driver depends on commons-lang-2.6.jar, but other drivers are present which…

+ read more

By: jalbr74
Feb 9, 2015
11:53 am
Reads:
1,164
Score:
Unrated
This entry is part 3 of 3 in the series Delving into and beyond the current-op

Here’s part 3 of Alexander McHugh’s series on Delving into and beyond the current-op. The third article in the series deals exclusively with direct operations, it will outline the technical details, review general best practices related to working with direct operations. It will outline how to manipulate and transform direct operations and provide some useful toolbox rules related to direct operations.

Alexander McHugh
Jun 24, 2014
1:30 pm
Reads:
2,331
Score:
4.5
This entry is part 2 of 3 in the series Delving into and beyond the current-op

Here’s part 2 of Alexander McHugh’s series on Delving into and beyond the current-op. This second article will outline general best practices related to working directly with nodes other than the current-op within the “current operation”. It will also outline some useful toolbox rules and expressions that can be used to access and manipulate the entire XDS document.

Alexander McHugh
Jun 17, 2014
5:00 am
Reads:
2,048
Score:
4.5

When working with the default policies for the Active Directory driver, one quickly notices that this driver calls out to several Java functions. This is true with both the package based version or the pre-configured XML driver export used up until the release of NetIQ Identity Manager 4 Overall, the Active Directory driver is one…

+ read more

Alexander McHugh
Jun 9, 2014
12:47 pm
Reads:
2,455
Score:
4.67
This entry is part 1 of 3 in the series Delving into and beyond the current-op

This article is the first part in a series that will delve into the way the NetIQ Identity Manager engine juggles atomic operations. The first article, will give an overview of how the engine actually handles the current operation and outline key technical details related to this concept. Subsequent articles will delve deeper into how to access and modify operations.

Alexander McHugh
Jun 2, 2014
12:25 pm
Reads:
1,891
Score:
4.8

The attached Perl script will take an input engine trace file and split the contents of it into two files, a subscriber channel file and a publisher channel file.  All neutral data is written into both files.  It does not modify the original trace file. I created this Perl script because following an event in…

+ read more

By: mlabit
Aug 28, 2013
1:52 pm
Reads:
1,876
Score:
Unrated
Active Directory Automation Cloud Computing Cloud Security Configuration Customizing Data Breach DirXML Drivers End User Management Identity Manager Importing-Exporting / ICE/ LDIF Intelligent Workload Management Knowledge Depot LDAP Migrating from Windows XP or 2003 to SUSE Linux Monitoring Open Enterprise Server Passwords Reporting Secure Access Sentinel Supported Troubleshooting Workflow