Thursday, August 20, 2020

Sailpoint IdentityIQ Export Object using Sailpoint API

Any SailPoint IdentityIQ object can also be exported through the API. Here is example code that exports the Bundle objects present in the instance.

Generally we use the console to export SailPoint IdentityIQ objects:

checkout <class name> <object name or ID> <file> [-clean [=id,created…]]

The same thing can be done using the API. Below is the sample source code:

import java.util.ArrayList;
import java.util.List;

import sailpoint.api.SailPointContext;
import sailpoint.api.SailPointFactory;
import sailpoint.object.Bundle;
import sailpoint.server.Exporter.Cleaner;
import sailpoint.tools.GeneralException;
import sailpoint.tools.Util;

// Wrapper class and method names are placeholders added so the snippet compiles.
public class BundleExporter {

	// Exports every Bundle of type "business" to its own XML file.
	// The caller supplies an open SailPointContext; it is released when the export finishes.
	public static void exportBusinessRoles(SailPointContext context) {

		// Properties stripped from the exported XML, like the console's -clean option
		List<String> propertiesToClean = new ArrayList<String>();
		propertiesToClean.add("id");
		propertiesToClean.add("created");
		propertiesToClean.add("modified");
		Cleaner cleaner = new Cleaner(propertiesToClean);

		try {
			List<Bundle> roles = context.getObjects(Bundle.class);
			System.out.println(roles);
			for (Bundle bun : roles) {
				try {
					if (null != bun.getType() && bun.getType().equalsIgnoreCase("business")) {
						String xml = bun.toXml();
						System.out.println("raw xml" + xml);
						xml = cleaner.clean(xml);
						System.out.println("clean xml" + xml);
						// Role names can contain characters that are invalid in a file
						// name or that change the target directory, so replace them.
						String safeName = bun.getName().replaceAll("[^A-Za-z0-9._-]", "_");
						Util.writeFile("C:/Temp/" + safeName + ".xml", xml);
					}
				} catch (GeneralException e) {
					// A failure on one role should not stop the export of the others
					e.printStackTrace();
				}
			}
		} catch (GeneralException e) {
			e.printStackTrace();
		} finally {
			try {
				SailPointFactory.releaseContext(context);
			} catch (GeneralException e) {
				e.printStackTrace();
			}
		}
	}
}



Saturday, August 15, 2020

Sailpoint IdentityIQ Patching from 7.3p2 to 7.3p3

All application server instances must be stopped before starting the process.

Navigate to /apps/tomcat/bin and run:

./shutdown.sh

Database backup

Once the application is in MM, a DB backup should be taken.

File backup

The SP binaries need to be backed up before patching the system. This file backup step needs to be performed on all the application server nodes.

1. Navigate to

/apps/tomcat/webapps/

2. Run the command below

tar -zcvf identityiq_node1_7.3p2.tar.gz identityiq/

Move the tar file to a common backup path such as /apps/backup.

Build War File

Use SSB to build the WAR file. A few important things to note here:

  1. Read the README from the patch WAR file.
  2. Check what the patch contains, that is, the files modified as part of the patch, and whether you have modified any of them.
  3. For example, we have modified Bundle.js, so here we need to take the patch file and re-apply (overwrite) our changes on this file.
  4. This patch contains a few changes related to AD. For example, it introduces a few XML entries related to performance, and IIQ TLS and connectivity settings have been introduced. Make sure you have updated the Application XML accordingly.
  5. Other changes related to the Active Directory application are the added "ldapExtendedControls" and "ADAppVersion" entries. In the same way, check the other applications in your environment and make the changes accordingly.
  6. A few changes related to the most common applications are listed below, after these steps.
  7. Copy the patch jar file into the base\patch directory of SSB.
  8. Make a directory named 7.3p3 inside base\efix.
  9. The build.properties values need to be updated to IIQVersion=7.3 and IIQPatchLevel=p3.

Active Directory Application

<entry key="ADAppVersion" value="V2"/>
<entry key="ldapExtendedControls"> 
		<value> 
		  <List> 
			<String>1.2.840.113556.1.4.1339</String> 
		  </List> 
		</value> 
</entry>

Delimited Application

<entry key="sftpAuthMethod" value="password"/>

Web Service Application

Support <AUTHENTICATE>	  
<entry key="isGetObjectRequiredForPTA">
           <value>
            <Boolean>true</Boolean>
          </value>
</entry>
<entry key="httpCookieSpecsStandard" value="true" />
<entry key="encrypted" value="accesstoken,refresh_token,oauth_token_info,client_secret,private_key,private_key_password,clientCertificate,clientKeySpec,resourceOwnerPassword" />
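
The check in steps 2 and 3 above (which patched files you have also customized) can be scripted. This is an added example, not part of the original post or of SSB; the directory arguments and the file names in demo are constructed, so point patch_overlap at your own extracted patch and customization directories.

```shell
#!/bin/sh
# Print the relative path of every regular file under directory $1, sorted.
list_files() {
    ( cd "$1" && find . -type f | sed 's|^\./||' | LC_ALL=C sort )
}

# patch_overlap PATCH_DIR CUSTOM_DIR
# Prints one line per file that exists in both trees:
#   SAME   <path>  the customized copy is byte-identical to the patch copy
#   MERGE  <path>  the copies differ; re-apply your change on the patch copy
patch_overlap() {
    patch_dir=$1
    custom_dir=$2
    tmp=$(mktemp -d) || return 1
    list_files "$patch_dir" > "$tmp/patch"
    list_files "$custom_dir" > "$tmp/custom"
    # comm -12 keeps only the paths present in both sorted lists
    LC_ALL=C comm -12 "$tmp/patch" "$tmp/custom" | while IFS= read -r rel; do
        if cmp -s "$patch_dir/$rel" "$custom_dir/$rel"; then
            printf 'SAME\t%s\n' "$rel"
        else
            printf 'MERGE\t%s\n' "$rel"
        fi
    done
    rm -rf "$tmp"
}

# Constructed sample trees (hypothetical file names and contents).
demo() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/patch/scripts" "$d/custom/scripts" "$d/patch/WEB-INF"
    echo 'patched 7.3p3 code' > "$d/patch/scripts/Bundle.js"
    echo 'our 7.3p2 customization' > "$d/custom/scripts/Bundle.js"
    echo 'unchanged' > "$d/patch/scripts/util.js"
    echo 'unchanged' > "$d/custom/scripts/util.js"
    echo 'patch only' > "$d/patch/WEB-INF/web.xml"
    patch_overlap "$d/patch" "$d/custom"
    rm -rf "$d"
}

demo
```

Every MERGE line is a file where the patch version must become the new base for your customization before the WAR is built.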


Database patching

Copy the created WAR file into the identityiq directory and, inside the identityiq directory, extract it:

jar xvf identityiq.war

Navigate to \WEB-INF\database, check for the upgrade script file name, and execute the script's changes on the database: upgrade_identityiq_tables-7.3p3.oracle

Sailpoint patching

Navigate to \WEB-INF\bin folder and execute the patch command to update IIQ

IQService update

Uninstall the IQService and install it again; follow the steps