Saturday, July 21, 2018

Delimited File Application Configuration Using OOTB Connector


Delimiter File Connector / Flat File Connector overview

This is the out-of-the-box (OOTB) connector that ships with SailPoint IdentityIQ. It supports aggregation of both account and group (entitlement) objects.

The connector supports:

  1. Reading data from a file that is located locally or is accessible from the application via FTP or SCP.
  2. Files separated by a comma, semicolon, pipe or regular expression.
  3. Different filtering options on the files.
  4. Merging, so that multiple records can be merged into a single record.
  5. Partitioning, which controls how many records go into each batch that is created.

1. Application Creation and Configuration

Create the two sample files, sunAccount.csv (account file) and sunRole.csv (entitlement file), before onboarding any delimited-file application.











Navigate to Applications --> Application Definition --> Add New Application
Select Application Type as DelimitedFile and set the other mandatory attributes.



2. Adding group object


Navigate to Configuration --> Setting --> Add object type




















3. Account and Group Source File Information

Configure the file path, file location, delimiter type and the other settings for the file being onboarded, for both the account and the group object.

















4. Configure Account and Group Schema

Click on Discover Schema Attribute, which automatically populates the schema attributes for both the Account and Group object types; these values are read from the account and group files. Make sure the identity attribute is populated: this attribute is used to decide the uniqueness of the object.
Since we have an entitlement file and the account contains the group, make sure the Role attribute on the account object is set as type Role, marked as an entitlement, and multi-valued.

























5. Correlation Configuration

Click on New and create a new correlation rule that matches the USERNAME attribute from the account file to the name attribute of the user identity. Once the rule is saved, make sure it is visible under attribute-based correlation.



6. Aggregation Task

Creating a Group Aggregation Task
Setup --> Tasks --> New Task --> Account Group Aggregation
Make sure the task is created with the proper selection of the options available in the task definition.




Creating an Account Aggregation Task
Setup --> Tasks --> New Task --> Account Aggregation
Make sure the task is created with the proper selection of the options available in the task definition.





7. Confirming Correlations and Accounts

Navigate to Application --> Entitlement Catalog and check that the entitlements are loaded from the role file.



In the same way, validate the accounts and entitlements of the users that were loaded: open the user identity from the Identity Warehouse and check the application and entitlement details of the user.
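A pre-aggregation sanity check on the two source files, added here as an example (it is not from the original post or from SailPoint): it merges account rows on the identity attribute, rejects rows with no USERNAME, and flags roles that do not appear in the entitlement file. The file contents and every column name other than USERNAME and Role are constructed for illustration.

```python
import csv
import io

# Constructed sample content. USERNAME and Role come from the post;
# every other column name and value is an assumption for illustration.
SUN_ACCOUNT_CSV = """USERNAME,FIRSTNAME,LASTNAME,Role
jdoe,John,Doe,Admin
jdoe,John,Doe,Auditor
asmith,Anna,Smith,Helpdesk
,Orphan,Row,Admin
bkhan,Bilal,Khan,DBA
"""
SUN_ROLE_CSV = """Role,Description
Admin,Full administrative access
Auditor,Read-only audit access
Helpdesk,Password reset rights
"""

def read_rows(text, delimiter=","):
    """Parse delimited text with a header row into a list of dicts."""
    return list(csv.DictReader(io.StringIO(text), delimiter=delimiter))

def merge_accounts(rows, identity_attr="USERNAME", multi_attr="Role"):
    """Merge rows that share the identity attribute into one account with a
    multi-valued Role list. Rows without an identity value are rejected."""
    accounts, rejected = {}, []
    for line_no, row in enumerate(rows, start=2):  # line 1 is the header
        key = (row.get(identity_attr) or "").strip()
        if not key:
            rejected.append(line_no)
            continue
        roles = accounts.setdefault(key, [])
        value = (row.get(multi_attr) or "").strip()
        if value and value not in roles:
            roles.append(value)
    return accounts, rejected

def unknown_entitlements(accounts, role_rows, role_attr="Role"):
    """Return {account: [roles]} for roles missing from the entitlement file."""
    known = {(r.get(role_attr) or "").strip() for r in role_rows}
    gaps = {a: [r for r in roles if r not in known] for a, roles in accounts.items()}
    return {a: missing for a, missing in gaps.items() if missing}

if __name__ == "__main__":
    accounts, rejected = merge_accounts(read_rows(SUN_ACCOUNT_CSV))
    print("merged accounts:", accounts)
    print("rows without USERNAME (file line numbers):", rejected)
    print("roles not in sunRole.csv:",
          unknown_entitlements(accounts, read_rows(SUN_ROLE_CSV)))
```

Rows flagged here would otherwise surface only after aggregation, as accounts that fail to correlate or as entitlements missing from the Entitlement Catalog.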




Wednesday, July 18, 2018

Branding IdentityIQ - Image-based Branding Components

The application logos displayed throughout the user interfaces are rendered from image files. To replace the OOTB SailPoint images with the company logo, follow the steps below.

1.  Navigate to //webapps/identityiq_home/ui/images
















2. Modify below files as required











3. Navigate to //webapps/identityiq_home/images/icons
   Replace the sailpoint.ico file with the new file.







4. Restart the Application Server and make sure the Browser Cache is cleared.























NOTE: The easiest way to avoid problems with image scaling is to use a logo image which matches the dimensions of the default product logos so you do not have to change the image sizes.

Monday, July 16, 2018

CONFIGURING IDENTITY ATTRIBUTES IN SAILPOINT IIQ

Personal identity attributes / user attributes are personal identifiers that are commonly used to distinguish one person from others. Examples include, but are not limited to, name, date of birth, social security number (SSN), and address. OOTB, SailPoint IdentityIQ (IIQ) comes with a small set of attributes, but most of the time we need to extend that list. Here I have given the steps to add extended or custom attributes to the user or identity.


A brief overview of Identity Attributes in SailPoint IIQ followed by instructions on how to configure Searchable Identity Attributes.

1. Navigate to "identityiq_home\WEB-INF\classes\sailpoint\object"














2. Add the details of the attributes to be extended, as shown below









3. Run the extended schema command to generate the SQL commands (iiq extendedSchema).











4. Navigate to the path below and check the file to see whether the SQL commands were generated:
   identityiq_home\WEB-INF\database\add_identityiq_extensions.oracle

5. Run the commands through a SQL client to modify the SPT_IDENTITY table.

6. Adding Attribute to Identity Mapping and UI Config
   1. Log into SailPoint IdentityIQ as an admin
   2. Click on System Setup > Identity Mappings
   3. Click New Identity Attribute
   4. Enter the attribute name and display name for the attribute.
      The attribute name should be the same as the one given in IdentityExtended.hbm.xml.
   5. Select any desired options (Multi-Valued, Searchable, Group Factory, Edit mode, etc.)
   6. Repeat step 5 for all mapped attributes
   7. Click OK











       








   1. Log into SailPoint IdentityIQ as an admin
   2. Navigate to the debug interface (http://localhost:8080/identityiq_home/debug/debug.jsf)
   3. Click on the UI Config button
   4. Modify the following entry:
      <entry key="identityViewAttributes" value="name,firstname,lastname,email,manager"/>
   5. Click Save























7. Checking for user attribute modification
Only attributes that are set as searchable will be set in their respective columns.