2.3 Creating a Policy

A policy sends data to the connected systems. A policy is created through the policy set.

2.3.1 Accessing the Policy Set

Select a driver object from the Outline view in an open project.
Select the Policy Set tab.

2.3.2 Using the Policy Set

The policy set contains a toolbar and a list of policies.

The policy list displays all the policies contained in the selected policy set. During a transformation, the policies within the list are executed from top to bottom. The toolbar contains buttons and a drop-down menu that you can use to manage policies displayed in the list, including, editing, adding, deleting, renaming, and changing the processing order of the policies.

Policy Set Toolbar

The policy set displays a copy of the policy. The buttons on the toolbar are enabled or disabled depending upon the item you have selected. The different icons are described below.

Table 2-2 Policy Set Toolbar

Operation	Description
Edit the policy	Launches the Policy Builder.
Create or add a new policy to the Policy Set	Launches the Add Policy Wizard.
Remove and delete the selected policy	Deletes the policy from the project.
Remove the selected policy from the Policy Set, but do not delete it	Removes the policy from the selected policy set object but doesn’t delete the policy.
Move the policy up the policy chain	Moves the policy up in the processing order.
Move the policy down the policy chain	Moves the policy down in the processing order.

Keyboard Support

You can move through the policy set with keystrokes as well as using the mouse. The supported keystrokes are listed below.

Table 2-3 Keyboard Support

Keystroke	Description
Up-arrow	Moves the selected policy up in the processing order.
Down-arrow	Moves the selected policy down in the processing order.
Delete	Deletes the policy from the project.
Minus	Removes the policy from the selected policy set, but does not delete it.
Plus	Launches the Add Policy Wizard.
Ctrl+Z	Undoes the last operation.
Ctrl+Y	Redoes the last operation.

2.3.3 Using the Add Policy Wizard

The Add Policy Wizard launches when you click the Create or add a new policy to the Policy Set icon in the toolbar. The Add Policy Wizard enables you to do the following:

To launch the Add Policy Wizard:

Select a driver in the Outline view.
Select a policy set item in the policy set, then click Create or add a new policy to the Policy Set .

Creating a Policy

In the Add Policy Wizard, select Create a new policy, then click Next.

You can also add a policy by right-clicking a policy set in the Policy Flow view, selecting Add Policy, then selecting how to create the policy:
- DirXML Script
- XSLT
- Link To Existing
- Copy Existing
- Schema Map (Only displayed, if the Schema Map policy set is selected.)
NOTE:DirXML Script and XSLT methods apply is-sensitive attribute on the XDS nodes to hide values of sensitive attributes such as passwords in the trace file. For a sample trace output showing the use of this attribute, see Working with is-sensitive Attributein the NetIQ Identity Manager Driver Administration Guide.
In the Create Policy dialog box, specify a policy name, then click Next.

Select Open Editor after creating object to automatically launch the Policy Builder after creating the new policy.

Accept the default container, or browse to and select the Driver, Publisher, or Subscriber object where you want the policy to be created.

If a policy is not reused by multiple drivers, you typically create that policy under the driver or channel that is using it.

This decision depends on how you want to organize the policies. By default, policies are placed under the container object that is selected in the Outline tab when the Add Policy Wizard is launched.

For example, if you move to a Publisher object in the Outline tab and then add a policy to a policy set, the policy defaults to the Publisher container.

You can change this setting if you want to create policies in a different container. For example, you can set up a policy library, put all of the common policies under this driver, and then simply reference the policies from the other drivers. That way, the policy is common. If you need to change a policy, you need to do it only once.
In the Select Type dialog box, select the type of policy you want to implement, then click Finish.

The policy type defaults to DirXML Script. You can select XSLT, if you don’t want to use DirXML Script.

If you create a Schema Map policy set, an additional option is available for Schema Map.

The new policy appears in the expanded policy set.

Copying a Policy

In the Add Policy Wizard, select Copy a policy, then click Next.
In the Create Policy dialog box, provide the necessary policy information, then click OK.
- Specify a name for the new policy
- Accept the default container, or browse to and select the Driver, Publisher, or Subscriber object where you want the policy to be created.
- Browse to and select the policy you want to copy, then click Finish.

Linking to a Policy

In the Add Policy Wizard, select Link a policy, then click Next.
In the Link Policy dialog box, click Browse to launch the model browser.
Browse to and select the Policy object you want to link into the policy set, then click OK.

Linking a policy into a policy set doesn’t create a new Policy object. Instead, it adds a reference to an existing policy. This reference can be to any existing policy within the current Identity Vault. It doesn’t need to be contained within the current Driver object, but the policy type must be valid for the policy set that it is being linked to. For example, you can’t link a Schema Map policy into an Input policy set.

Linking a policy into a policy set is not permitted when viewing all policies.
Click Finish to link to the selected policy.