Showing posts with label Application. Show all posts
Showing posts with label Application. Show all posts

Saturday, August 3, 2019

FeaturesString Available in Sailpoint IdenityIQ


Connector Features Supported 


The Application object also has a Feature enumeration, specified as the FeaturesString attribute of the application definition, which is used to control the functionality available through the connector.it tell what all the operation idenityIQ is configured to support for this connector.

Below are the list of the value that are possible for the FeaturesString
Application. Feature
Description
ACCOUNT_ONLY_REQUEST
The application supports requesting accounts without entitlements.
ADDITIONAL_ACCOUNT_REQUEST
The application supports requesting additional accounts.
AUTHENTICATE
The application supports pass through authentication.
COMPOSITE
The application supports composite application creation.
CURRENT_PASSWORD
Some application types support verification of the current password
DIRECT_PERMISSIONS
The application supports returning DirectPermissions.
DISCOVER_SCHEMA
The application supports discovering schemas for users and groups.
ENABLE
The application supports reading if an account is enabled or disabled.
GROUPS_HAVE_MEMBERS
The application models group memberships with a member
attribute on the group object rather than a groups attribute on
the account object.
MANAGER_LOOKUP
The application supports looking up managers as they are
encountered in a feed.
NO_AGGREGATION
An application that does not support aggregation.
NO_PERMISSIONS_PROVISIONING
Indicates that the connector cannot provision direct or target
permissions for accounts.
NO_RANDOM_ACCESS
The application does not support random access and the getObject()
methods should not be called and expected to perform.
PASSWORD
The application can provision password changes.
PROVISIONING
The application can both read and write accounts.
PROXY
The application can serve as a proxy for another application.
SEARCH

SYNC_PROVISIONING
The application can provision accounts synchronously.
UNLOCK
The application supports reading if an account is locked or unlocked.
UNSTRUCTURED_TARGETS
The application supports returning unstructured Targets.
Below are the List of the featurestring value when we configure OOTB Active Directory Connector
featuresString
PROVISIONING
SYNC_PROVISIONING
AUTHENTICATE
MANAGER_LOOKUP
SEARCH
UNSTRUCTURED_TARGETS
UNLOCK
ENABLE
PASSWORD
CURRENT_PASSWORD

Wednesday, June 26, 2019

CONFIGURING EXTENDED APPLICATION ATTRIBUTES IN SAILPOINT IIQ

A brief overview of Extended Application Attributes in SailPoint IIQ followed by instructions on
how to configure or Extend the Schema of Application Object in Sailpoint IIQ.

1.     Navigate to “identityiq_home\WEB-INF\classes\sailpoint\object”




2.     Add the Extended Attribute details need to be extended as shown below for the Application object in IIQ




3.     Run Schema Extend Attribute to generate the sql command. (iiq extendedSchema)




4.     Navigate to below path and check the file to see if the SQL commands are generated
identityiq_home\WEB-INF\database\add_identityiq_extensions.oracle






5.     Run the cmd through SQL client to modify the SPT_IDENTITY Table




  6.     Adding Attribute to Application Extended Attribute
1.      Log into SailPoint Identity IQ as an admin
2.      Click on System Setup > Application Attributes
3.      Click New Attribute
4.      Enter the attribute name and displayname for the Attribute
Attribute name should be the same as the one given in (ApplicationExtended.hbm.xml)
5.      Select any desired options (Type, Searchable, Required, Editable, etc.)
6.      Repeat step 5 for all mapped attributes
7.      Click Save



 7.     Open any Existing or New Application from the UI and we will see the Extended Attributes
are added to the Application Schema Under the Extended Attributes