Showing posts with label Customization Rule. Show all posts
Showing posts with label Customization Rule. Show all posts

Thursday, February 10, 2022

Sailpoint IdentityIQ Loopback Connector Configuration

Loopback Connector is used to manage the Workgroup & Capability of Sailpoint. This Connector is part of the SSF Framework.

Below Configuration is done to manage the WG which start with  "VIS"

  • Ignore non correlated identities = true
  • Ignore identities with no entitlements = true
  • Identity filter = Workgroups.name.startsWith("VIS")

Account Customization Rule

List workgroupList = (List)object.getAttribute("workgroups.name");
List updatedWorkgroupList=new ArrayList();
if(!workgroupList.isEmpty()){
  for(String workgroupName:workgroupList){  
  if(workgroupName.startsWith("VIS")){
	updatedWorkgroupList.add(workgroupName);
  }  
 }
  if(!updatedWorkgroupList.isEmpty()){
	object.setAttribute("workgroups.name",updatedWorkgroupList);
	return object;
	}else{
	return null;
	}
}else{
return null;
}

 WorkGroup Customization Rule

import sailpoint.object.ManagedAttribute;
import java.util.Map;
import java.util.HashMap;
String workGroupName = (String) object.getAttribute("name");
if (workGroupName.startsWith("VIS")){
	object.put("privileged","Yes");
	object.setDisplayName(object.getAttribute("name"));
    object.setAttribute("description",(String)object.getAttribute("description"));
return object ;
}

Monday, December 6, 2021

Sailpoint IdentityIQ Database Multiplex Application Configuration

Sailpoint IdentityIQ Database Multiplex Application Configuration

APPLICATION --> ACCESS_NAME --> ACCOUNTS

Group Query : SELECT DISTINCT APPLICATION_ID,APPLICATION,ACCESS_ID,ACCESS_NAME,ACCESS_DESCRIPTION from VIS_APPLICATION order by ACCESS_NAME ASC

Account Query : SELECT IDENTIFICATION, USER_TYPE, NAME, LASTNAME, STATUS,EMAIL,APPLICATION,ACCESS_NAME FROM VIS_USER order by EMAIL ,APPLICATION,ACCESS_NAME













































JDBCBuildMap / Build Map Rule

        import java.util.Map;     
        import sailpoint.connector.*;
	import sailpoint.object.Application;
	import org.apache.commons.logging.Log;
	import org.apache.commons.logging.LogFactory;
	import sailpoint.api.SailPointContext;
	
     Map map = JDBCConnector.buildMapFromResultSet(result, schema);  
     if (schema.getObjectType().compareTo(Connector.TYPE_ACCOUNT) == 0) {                   
		String applName = (String) map.get("APPLICATION");    
		String mergeAttribute = (String) map.get("EMAIL") + "_VIS " + applName;     
		map.put( "IIQSourceApplication","VIS" + applName);     
		map.put("mergeAttribute",mergeAttribute);		
     }else if (schema.getObjectType().compareTo(Connector.TYPE_GROUP) == 0) {
		String applName = (String) map.get("APPLICATION"); 	   
		String profilemergeAttribute = (String) map.get("ACCESS_NAME") + "_VIS " + applName;   	   
		map.put( "IIQSourceApplication","VIS" + applName);     
		map.put("profilemergeAttribute",profilemergeAttribute);
    }    
    return map;

ResourceObjectCustomization/Customization Rule

        import org.apache.commons.logging.Log;
	import org.apache.commons.logging.LogFactory;
	import sailpoint.api.SailPointContext;
	import sailpoint.object.Configuration;
	import sailpoint.object.ResourceObject;
	import sailpoint.tools.GeneralException;
		
	ResourceObject resourceObject = object;	
	String APP_STATUS_ATTRIBUTE = "STATUS";
	List ACTIVE_STATUS_LIST = new ArrayList( Arrays.asList("ENABLED", "Enabled", "enabled", "ENABLE", "Enable", "enable", "ACTIVE", "Active", "active") );
	String accountStatus = null;	
	if ("account".equals(object.getObjectType())) {	
		accountStatus = object.getAttribute(APP_STATUS_ATTRIBUTE);		
		if(ACTIVE_STATUS_LIST.contains(accountStatus) ){			
			resourceObject.setAttribute("IIQDisabled", false);			
		}else{			
			resourceObject.setAttribute("IIQDisabled", true);			
		}		
	}
	return resourceObject;